https://www.sikich.com

IT Horror Stories: Ignoring the Warning Signs

Dustin Miller

Nov 4 2025

3 min read

For more than 20 years, Sikich worked with an electronic manufacturer, stepping in whenever there was an emergency. But between those frantic calls, warning signs about vulnerabilities, outdated systems, and missing safeguards were ignored. Monitoring, patching, MFA, and disaster recovery planning—all were put off.

Finally, in October 2023, another IT Horror Story happened. The company was hit with a ransomware attack that crippled all locations. With outdated antivirus software, weak VPN configurations, poor password hygiene, and no disaster recovery plan, the attackers had little resistance. The fallout required over 500 hours of remediation through January 2024 just to get systems operational again.

The Horror of Ignoring the Red Flags

The manufacturer’s story illustrates the steep cost of dismissing warning signs:

Unpatched Systems = Easy Exploits
Ignoring software updates and firewall best practices left systems vulnerable. 60% of breaches stem from unpatched vulnerabilities.

Weak Security Controls = No Barrier
With no MFA on VPNs or administrative tools, and poor password hygiene across users and admins, attackers could move laterally with ease. Microsoft has shown MFA blocks 99.9% of automated attacks

No Disaster Recovery = No Plan B
With no defined disaster recovery process for their ERP system or network, downtime stretched into months. IBM reports the average breach lifecycle is 204 days, with recovery costs climbing the longer the delay.

Sikich’s Solution: Turning Disaster Into Renewal

After the ransomware attack, Sikich partnered with the manufacturer to secure, modernize, and future-proof their IT environment:

Rebuilt the Network Environment: Overhauled critical infrastructure after the attack.
Revamped Backup Systems: Ensuring reliable replication and recovery processes.
EDR + Monitoring: Replaced old antivirus with modern endpoint detection and response (EDR) and 24/7 monitoring.
MFA Everywhere: Rolled out across VPNs, admin tools, and business applications.
Restricted VPN Access: Limited to minimum business requirements.
ERP Upgrade: Addressed outdated systems and improved resilience.
Tech 360 Services: Ongoing monitoring, management, and vCIO guidance to prevent history from repeating.

Don’t Ignore the Warning Signs

The lesson of this electronic manufacturer’s story is that ignoring the warning signs can result in your own IT Horror Story. The cost of inaction is always higher than the cost of prevention.

Don’t Settle for Bad IT, Make the Switch

Don’t wait for an attack.

Contact Sikich today for a free IT security and vulnerability assessment. We’ll identify your weak points, prioritize fixes, and put guardrails in place so your business doesn’t become the next IT Horror Story. Claim Your Free Assessment →

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. In addition, this publication may contain certain content generated by an artificial intelligence (AI) language model. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.

About the Author

Dustin Miller

Dustin Miller is a principal, who supports the managed services practice in the role of virtual chief information officer (vCIO). Dustin helps business owners and executives understand their current IT assets, create a vision and multi-year roadmap for IT that integrates with business objectives, and align specific technology initiatives within the annual budgeting process. He provides ongoing collaboration and serves as an executive-level technology team member that understands and can speak to both technology and business topics.