Sysadmins don't recognise they've been owned?
Your server has starting sending *millions* of packets to the *same* IP address.
How can you *not* spot something is a bit odd?
Hackers have begun using compromised servers instead of client PCs to launch more powerful denial of service attacks. Hundreds of web servers are infected with a DoS application that transforms them into zombie drones, according to database security firm Imperva. These zombie servers are controlled using a simple web …
I had a computer science degree and know a lot about many things, but server administration isn't one of them.
My friend's website got to big for shared hosting so he started renting a dedicated server. I learned the bare minimum to get everything working properly, wrote some shell scripts to dump the databases, tar all the files and FTP that to a different server once a week as a backup.
That was two years ago and the site has been running fine without any sort of admin.
I know a web programmer whose company tasked him with setting up a server even though he had no clue what he was doing and his regular duties left him zero time to actually administer the server once it was up and running.
Anyway there are a lot of sites out the are setup my someone lacking the necessary skill and experience and then completely ignored until something breaks.