Ransomware: Growing Threat for SMBs

Ransomware, a cyber scourge that appears on the verge of intensifying, poses an increasingly dire threat to small- and medium-sized businesses (SMBs) in 2016.

In a ransomware attack, victims are prevented from accessing, or limited in their access to, their own systems. Cyber criminals attempt to extort money by first using malware to encrypt the contents of a victim’s computer, then demanding a ransom in exchange for decrypting the data and allowing the victim to regain access.

Until now, most attacks have targeted consumers and, to a lesser extent, businesses working on Windows platforms.

That’s about to change. Security experts caution that small- and medium-sized business owners and users of non-Windows platforms can expect to be increasingly targeted in attacks that seek to extort money from them via sophisticated ransomware tools.


Experts say many of the malicious campaigns will likely be carried out by opportunistic attackers and newbie extorters trying to take advantage of inexpensive do-it-yourself ransomware kits that are beginning to become available in underground markets.

Estimates about the cost to victims from more widely used ransomware tools like CryptoWall and CryptoLocker range from tens to hundreds of millions of dollars.

Now, analysts are concerned that cyber criminals are on the verge of widening the scope of their attacks. Last month, researchers at security vendor Emsisoft analyzed Ransom32, a malware tool many believe is a harbinger of things to come on the ransomware front.

Fewer are immune to attack

Ransom32 is the first ransomware tool written entirely in JavaScript. That makes it easily portable to other platforms like Linux and Mac OS X.

Kowsik Guruswamy, Menlo Security chief technology officer

Kowsik Guruswamy, chief technology officer at Menlo Security, says that, unlike JavaScript in a browser, which is sandboxed to prevent access to the file system and other local resources, Ransom32 is designed to have unfettered access to the system.

“Ransom32 is one-of-a-kind in that it’s cross-platform, which alone increases the targets for the malware authors,” Guruswamy says. “Since the underlying Chromium interpreter is cross-platform, this allows Ransom32 to target users across all of the (operating systems) and devices in one go. This is the worrisome part.”


Significantly, the authors of the malware appear to have adopted a ransomware-as-a-service model in their distribution approach. Ransom32 is available via a hidden server on Tor to anyone with a bitcoin account.

The malware does not require any specific skills to operate, and it comes with a management interface that the attacker can use to customize ransom messages and specify the ransom amounts. The interface supports a feature that lets the authors of Ransom32 track how much money is being collected via the tool and lets the authors take a 25% cut from the total.

DIY kit for bad guys

Ransom32 is the second publicly disclosed ransomware in recent months that is being distributed as a do-it-yourself kit in the cyber underground. The first was Tox, a malware tool discovered by a researcher at Intel’s McAfee Labs that, like Ransom32, was distributed via Tor to anyone interested in launching a ransomware attack.

“Ransomware as a service is an increasing and worrisome trend,” says Fabian Wosar, a security researcher at Emsisoft. “Fortunately, most schemes are of poor quality, but the people writing these types of frameworks are learning.”

Each time a security vendor finds a weakness in a ransomware tool, the threat actors figure out what mistakes they are making and plug it immediately, Wosar says.

Going forward, expect tools like Ransom32 and trends like ransomware-as-a-service to pose a bigger threat to businesses, especially small and medium ones, which generally don’t have the resources that large companies have to defend themselves.

Lately, there have been an increasing number of reports about company servers being attacked directly through the Remote Desktop Protocol (RDP) that is used to remotely administer and manage systems.

SMBs have limited defenses

“Most SMBs don’t have the budget to employ their own in-house IT staff,” Wosar says. “As a result, a lot of them employ outside companies to take care of their IT infrastructure, and these companies often use remote control tools like RDP to administrate the network and server [remotely].”

One result is that a lot of SMBs are exposed to attacks that take advantage of weakly protected remote control interfaces to gain access to internal systems and data. Wosar says that in such situations it is just a matter of time before an attacker stumbles on a critical server and hijacks it for ransom.

Because the attackers typically gain access to the server itself, they also can turn off any security software that might be installed on it, and they become virtually undetectable in the process. All that is left behind is usually a note that informs the admin about the hack, with a means of communication to negotiate the price.

There already has been an increased interest from cyber criminals in specifically targeting companies, largely because of the potentially bigger payouts involved, says Christian Funk, who heads Kaspersky Lab’s global research and analysis team in Germany.

“A business is depending on its digital assets and, therefore, often more willing to pay the ransom,” Funk says. “There have been cases where cyber criminals noticed that a company has been successfully infected and, therefore, the criminals decided to charge up to eight times the original ransom. I suspect such methods, as well as targeted attacks, are likely to increase in future.”

This article was written by Third Certainty’s Jaikumar Vijayan.

Customer Perception Is Your Reality!

The quote in the headline — “The customer’s perception is your reality” — is from the renowned business trainer Kate Zabriskie, and I hope you agree it is absolutely true. No matter how excellent you think you are, or your company is, at service delivery, your future success as an enterprise depends principally upon how good you are in your customers’ minds when responding to their ever-changing needs. Or, as John Mackey (CEO, Whole Foods) put it, “For us, our most important stakeholder is not our stockholders, it is our customers. We’re in business to serve the needs and desires of our core customer base.”

But what are those needs? Are they the ones you have already identified, based on your experience? Has your considerable operational expenditure, in people and systems, really met what your customers need? Or is your thinking unconsciously restricted by your knowledge of what you can and cannot easily achieve?

There are many publications, a plethora of business process ideas and of course the Internet itself, all crammed with customer relationship management theories. I don’t suggest that these are wrong, but what I do believe is that most financial services customers want something better than the superficial contact often delivered by regular mailshots or e-mails. The “relationship” they require is more like that with their general medical practitioner: a service that is accessible, that results in knowledgeable and courteous attention, that is effective, and that is always on call but used only when needed.

This article focuses on customer perception and service delivery for existing insurance customers and associated stakeholders. More specifically, it addresses how appropriately the enterprise responds to customers’ post-sales questions, claims and changes concerning personal lines policies.

It might first be helpful to consider, in general terms, the prime means of post-sales service delivery in the UK currently deployed by insurance companies, brokers, claims service companies, etc.

These channels are principally face-to-face in offices; via the Internet; over the telephone, including SMS texting; and, to an under-developed extent, through mobile service platforms.

Branch contact used to be normal, but face-to-face customer contact seems on the decline. No doubt the cost of staff, the use of alternative technologies and the need to drive down costs have all contributed to the demise of the branch office. The challenge then is how to achieve the goal that Sam Walton (founder of Wal-Mart) described as “customer service that is not just the best but legendary.”

Well, I imagine that the words “call center” do not spring immediately to your mind as “legendary.”

At their best, call centers provide a good and necessary service, but I do not believe that the sophisticated telephony statistics and in-house customer surveys yield an entirely accurate picture of customer perception.

In the main, customer perception is that call centers are a dismal fact of life. They often describe their experience as an endless series of numerical options and pre-recorded messages. These are followed by an interminable wait brought to an unsatisfactory climax by what they perceive as a “factory service,” so often a conversation with an underpowered and strictly timed operator, who seems in a hurry to deal with the next call.

Is this the sort of post-sales service your customers deserve? Does it really surprise and delight your customer with “legendary” service?

From an enterprise point of view, call centers are generally sub-optimal. Staff turnover can be high, recruitment and training costs significant, with onerous levels of supervisory oversight. Management often experiences prolonged stress, justifying service delays and fretting how to improve service without incurring more costs. Most call center staff cannot make significant changes to policy records, or handle customers’ resulting needs themselves; instructions have to be prepared for other processing technical staff.

Is there a better or additional way, other than a call center, in which the increasing expectations of existing insurance customers can be met and exceeded? Is it possible to achieve this and at the same time drive a huge chunk of operational costs out of the business?

The answer is emphatically yes! In fact these benefits can be achieved quickly and cheaply compared with traditional legacy and Internet technology. The solution is to deploy the latest and powerful mobile technology directly to customers, to empower them to access their own records and to make self-service changes, raise claims and initiate inquiries directly to a database or a secure copy.

Today’s customer is never far from a smartphone or tablet. The expectation from an enterprise is that of mobile technology being available to post-sales and post-renewal. Customers do not want to be pinned down to call center hours or a static location from which to call to make changes or to deal with claims.

Any company that offers a post-sales insurance service that suits the time and place of their choice must surely have a significant and differentiated product. If that same company, as a result, is able to eliminate a huge percentage of its operational costs, then it also will derive a massive commercial advantage. Let’s see how this can be achieved.

To explain and to avoid confusion with traditional legacy solutions, I will briefly describe the provenance of modern mobile technology platforms.

It was not long ago that mobile phones were used solely for voice calls and texts. Today’s smart phones and tablets are multifunctional devices that can insert themselves into the very DNA of the customer-enterprise relationship.

This is possible by means of developing intelligent mobile processes. Operating systems for smart phones such as Mac iOS, Android, Windows and RIM are now fully mature and open a window of opportunity for the development of third-party software.

But quality matters, too, and development needs to be easy and intuitive to use because mobile users demand more choice, more ways to use their phones more functionally.

The Internet just allowed us to connect with anyone in the whole world. But with mobile technology we will connect anytime and anywhere with everything through “the Internet of Things” (IoT). Manufacturers and retailers are investing immense amounts of money in intelligent appliances, and very soon your home will be as smart as your car. This technology offers a unique chance for insurance enterprises to integrate intelligent mobile devices in their post-sales service delivery.


How would this work in practice? Mobile and tablet applications are limited only by vision and imagination, and space in this article permits only a brief summary. There are two principal post-sales areas where advantage can be gained, namely policy changes/inquiries and claims reporting/progress.

Imagine your home and contents policyholder receiving a renewal notice and reviewing the cover. This might show that the sums assured need revision and that a newly acquired item of jewelry should be added; perhaps an optional extra such as legal expenses cover is to be considered. By means of an appropriate mobile phone or tablet, the policyholder “logs in” and views current policy details. No doubt this will include a reminder that renewal is almost due.

Using the form of graphic display the policyholder is used to (sliders and check boxes on smartphones, for example), the cost of the changes is modeled. More information about the legal expenses cover is requested and received, and possibly some questions are answered. Mid-term changes are frequent, too, so any relevant date and details of a change may subsequently be selected once the policy records are accessed from the mobile. When the customer is satisfied with the modeled changes, the new risk profile is sent to the insurer and a new premium is generated. If accepted (or remodeled), payment details are collected, certain questions required by the insurer are “check-boxed,” instant confirmation is given, and promptly afterward updated documents are e-mailed to the policyholder.

All of these events take place at a time, day and location of the customer’s choice. Unless the customer chooses otherwise, no call center conversation is required, and no staff are needed to manually process the changes. In this example, all the requested changes were within the insurer’s underwriting and rating rules; had they not been, an appropriate message would be generated, ensuring that call center contact is focused on more specialized and justified issues, requiring a smaller number of trained and empowered people. In effect, the call center becomes a skill center, a quite different entity.

Reporting claims and dealing with claims progress issues can easily be imagined, and again the limit is process appetite and creativity. Mobile technology has the advantage of a camera, GPS and verifiable date and time. So this data can be assured and becomes invaluable within the claims oversight process.

Photographs can be taken, with assured dates/times/locations of loss-related events, damage, articles etc. These can be attached to a mobile claims notification, with appropriate inbuilt guidance, and sent to the claims department to initiate the process. The mobile can be used to receive calls, texts and e-mails. Even voice messages or videos from the customer can be attached. Adjusters can be appointed automatically subject to a “rules engine”; replacement goods can be selected and offered via the mobile connection; estimates and invoices can be generated or photographed for sending on to the claims department.

The effect of these customer processes upon service delivery is abundantly clear. But what of the opportunity to save costs? In my experience, between 25% and 50% of inbound customer calls are of a standard, non-exceptional nature. Conservatively, once fully operational, I would expect mobile technology for post-sales activities to drive out 30% of the enterprise’s staff and call center costs. For those who also use call center or technical staff to manually process changes, similar levels of savings could be achieved in that part of the operation.

At this stage it is reasonable to ask: if the technology is available now, the advantages are so attractive, and it is already being employed by other enterprises, why have insurers, generally, not yet filled this space?

I speculate that there are five reasons:

– The skills required to build mobile technology platforms are not generally available in most insurers’ computer departments.

Mobile process development is new and different, and simply importing legacy or internet systems on mobiles produces ugly, cumbersome customer applications. The solution is the careful selection of a third-party provider, working with staff, to introduce these new skills into the computer department.

– Core processes and enterprise data are jealously guarded by departments. Security is also of paramount importance.

They are right to be careful! These assets must not be put in harm’s way. Until complete confidence is established, the safe solution is to use replicated rules engines and validate changed data outside the core processes. The use of the latest and most secure encryption technology is paramount.

– Most IT departments have a tremendous backlog of legacy system updates. It’s essential but difficult to focus on a new mobile future when you are trapped in the technology of past developments.

By using a third-party provider to quickly develop applications and train existing staff, an enterprise can begin to move forward and avoid being left behind by newer competitors.

– Development is seen as possibly expensive and probably protracted.

In fact, the opposite is true. It is surprisingly quick and relatively inexpensive to develop the latest generation of applications for mobile platforms compared with legacy systems. Payback can often be achieved within months of launch.

– There may be a lack of imagination or strategic understanding of what mobile applications can achieve.

It is, in my opinion, dismally true that some of the few mobile insurance “apps” available download little more than contact details, or a claim form. Recreating on a mobile what an enterprise already does on the Internet misses the point entirely and wastes a unique opportunity.

In conclusion, mobile technology has rendered the call center, in its current form, obsolete. The only question is how long the process will take. It will be fascinating to see the more agile and visionary insurance enterprises seize the opportunities presented by mobile technology.