Archives For malware

IMG_6236Your Client’s Data Value Demands a Response

Last week I spoke at the Oklahoma Technology Symposium at The Cox Convention Center downtown, and then again to business leaders at the Gailaria Country Club north of the city. (Thanks to AnchorPoint Security and Check Point Software.)

The value of your client’s data is rapidly growing, and this was central to both of my presentations.

The Proof is in the Ransomware

People are paying the ransom. They can’t afford not to. Just this morning the WSJ reported another incident, this one related to the Leavine family NASCAR race team. They only paid $500, but $500 for what? The true cost of a breach like this is much greater. The FBI estimates the total cost per incident to be around $333,000! And the incidents of ransomware now four times what they were last year.

If you’re not talking to your clients about ransomware, now is the time. But more than talk is needed. They need answers.

Start by assessing their exposure to this type of attack. Can your client detect it coming in with their current security set up? My guess is that most can’t. That’s a managed services offering right there. Few companies will have the expertise to do this internally. They also need user awareness training. One place to start might be my latest book, Digital Money. It will be out by the end of this month!

The fact is, more data is being created, and just about every business is down when their computers are down. Data defines just about everything, including all of their clients, R&D, projects, finances, etc. Without their data, they’re out of business. What’s that worth?

Advertisements

malwareWhat’s the Likelihood I’ll be Hacked Over the Next 12 Months?

That’s the question every business leader should be asking.

The answer – it’s likely.  Over the past week two of my kids have been hit by fraudsters. Neither ended up paying, but both were initially confused. Had it not been for the constant security awareness training that happens in our home, they might have paid the bill.

It could have been malware, but in this case it was a pop-up.  “Call Our Support Desk Now!  You’ve been infected by malware,” the message read. My 20 year old son had one on his iPad; my 21 year old daughter had one on her company laptop. Both came by inadvertently clicking on a pop-up ad.  In my daughter’s case, she did call the number to see what was up (her system was completely frozen at this point.)  The technician on the line wanted to access her system, which is no longer on any Apple support contract. For $250 he promised to set her up on an annual support agreement and remove the malware on her system.

At that point she called me in to talk with him.  First I asked him how he knew we had malware on this system.  He reported that he had received a message from our system telling him.  I probed further to understand what he was planning to do to fix our computer. His explanations were technical but vague. I asked him about malware, bots, and signs of intrusion.  He wouldn’t tell me specifically what the problem was. So then I started asking about remediation steps. Was this a scan, patch, firmware upgrade, etc. He couldn’t explain. It was clear he didn’t know what he was talking about, but he was adamant that we needed a solution. Finally I said, how do I know you work for Apple. He explained that his firm, BTS, was contracted by Apple for this type of support. I took down his number, thanked him, and called Apple. He was a fraudster.

In my son’s case, he simply called Apple support directly, ignoring the phone number on the screen. It too was fraudulent. Apple gave us the right tools to scan both systems to clear them of any adware or malware. And, using Apple’s chat software, the entire process was free.

Your Client’s Don’t Know Any Better

The problem is, your clients don’t know any better. What are the chances they would call and pay?  They’re working hard, trying to get through their day, and suddenly a message pops up, and like my son’s tablet, the system is locked. Apple walked my son through a hard-reset to get back to functionality. How many of your clients would simply call the number and pay the support fee?  Sure, if they work for IT, they’re probably savvy enough to do the right thing. But what about the countless office workers, especially those working in small businesses without dedicated IT support people?

Fortunately, in our case it was a simple hard-reset. It could have been ransomware, malware installed through a support link, or some destructive virus. The point is, your clients are highly likely to be hit with some sort of fraud scheme, malware, or ransomware in the near future. If all you provide is basic managed services, or possibly firewall support, these attacks will continue, and your client is likely to pay for it. Educating them on this is the first step. But then, every one of your clients really does need someone to monitor, detect, and respond to these types of problems. They will only get worse over time.

© 2015, David Stelzl

Adding Security to Managed IT

Security is the most important part of your managed program.

Last Thursday I spoke to resellers in Atlanta, sponsored by Check Point Software.  This all day event included several important updates for resellers on what to consider in your managed program.  Keeping patches up-to-date and backing up data is important, but just about any reseller can do this.

What Small and Medium Size Businesses are Missing is the Ability to Detect Security Issues  

Following my session, was an excellent overview on how Check Point manages security at the end node. Small businesses are not going to stop their people from using their own phones and tablets for work (BYOD).  So how will these companies stop all the mobile device malware coming out?  This is a perfect role for the future SMB MSSP.  Can your company detect when a mobile device has been compromised? Are you able to help your clients make sure unauthorized users are not connecting to their wireless network? What about monitoring their IPS or correlating their events and providing reporting to show attacks you are blocking?  It’s all about intelligence. Helping small businesses (the businesses most targeted by today’s hackers) detect when someone is trying to access their data, and then responding to stop it.

It’s Not Just Technology – Marketing Science I Needed

In my session I showed how resellers should market and sell this. Not all business owners immediately see the need. As an example, the event I did last week in Richmond had over 30 attendees – every attendee (with the exception on one person who left early) signed up for an assessment provided by the hosting reseller. But I can tell you, not all of these attendees thought they had a need when we started the meeting. It was only after they heard the message.

This is the place to start.  These attendees where business level people, interested in keeping their businesses safe and growing. Assuming they are pretty safe, their focus is on profit and growth.

They may not all need more security, but the assessment process we are using is designed to uncover urgent issues such as compromised end nodes. If we don’t find problems, they should just keep checking. But we almost always do.

I spoke with one reseller yesterday who performs several assessments every month. While just about every assessment shows urgent issues, his assessment-to-project conversion is only about 15% (Which is average for our industry). Something is wrong here. If all of the assessments reveal urgent issues, why is the conversion rate so low?  It’s the assessment process. It’s designed to uncover vulnerabilities, but not designed to convert clients.

In my session I reviewed how to move business people from thinking they are fine, to understanding the truth about security. From there, we talked about how to assess and convert, to help businesses take the right actions to keep their data secure. Once things are under control, the MSSP offering should be designed to maintain an acceptable level of risk.

Providing this to your customers will make you one of their most important strategic partners.

© 2015, David Stelzl

P.S. if you’re interested in selling more security, consider the Security Sales Mastery Program – contact us to see if your company is eligible for training sponsored by Check Point Software, or one of several other well known security manufacturers.

We completed our first day of Making Money w/ Security on Monday with a group here in downtown Melbourne.  As we were discussing some of the global security trends, one of the attendees pointed me to this ted video which does an excellent job of breaking down the Stuxnet technology – I would encourage anyone selling security technology to take time to view this.  It provides some in-depth understanding on what’s really possible out there.

Also, don’t forget to check out the upcoming May workshop – Making Money w/ Security – a public offering delivered online.  Seating is limited and it’s filling up quickly…here’s the link.

http://securitysalesworkshop.eventbrite.com/

© 2013, David Stelzl

New Breed of Malware

August 20, 2012 — Leave a comment

Shamoon

The August 17th article from PCWorld read, “…Next generation malware takes insidious to a whole new level.”  I recently listed three big threats you should know about, Stuxnet, Flame, and Gauss…now add Shamoon to the mix.  This one apparently wipes our your hard drive and master boot record to keep you from performing any meaningful forensics.

From PCWorld’s analysis, all four (Stuxnet, Duqu, Flame, and Gauss) “…are believed to be sophisticated, state-sponsored malware developed for the purpose of cyber espionage against specific targets.”  This may affect larger organizations, and may seem irrelevant to the SMB market, but it’s the technology advancements behind these tools that concern me.  Over time the technology used here will likely be incorporated into malware readily available online to just about anyone.

While this may not drive additional products and services right now, I recommend knowing about these things as your client’s adviser.  Consider setting up briefings with local business executives to educate them on what is going on, and what steps their organizations should be taking to protect their customers and internal sensitive data from data security threats in general.

Educational marketing is the best way to reach out to business owners, executives, and anyone in that “Asset Owner” position.

© 2012, David Stelzl

Cybercrime Update

 

Are you up to date on cybercrime trends?  Security continues to move…last year Anonymous dominated the Wall Street Journal security news,…this year there are some important technologies to be following: Stuxnet, Flame, and more recently, Gauss.

Stuxnet

If you are selling security technology, you should know what Stuxnet is…Here is a great article providing an overview of this unique approach to cyber-warfare.  Stuxnet has been around for a couple of years now, but I find that few people recognize the name.

Flame

The Flame virus has been likened to Stuxnet, but indications are this is a more complex malware that is also capable of taking over mechanical systems and creating havoc.  There’s a short description here to get your started.

Gauss

The Gauss virus is a new discovery and located mostly in the middle east at this point.  Kaspersky has published some statistical data on this worm showing where it is attacking…”Kaspersky said that by July 31, 2012, it had counted 2,500 unique PCs as being infected by Gauss since May, and traced 1,600 of those infections to PCs in Lebanon. The next most-infected countries were Israel (483 PCs infected), the Palestinian Territory (261), the United States (43), the United Arab Emirates (11), and Germany (5).”

This malware seems to have targeted bank customers, but also has a connection to the Stuxnet program.  Check out all three of these as the news is building. Even though your clients may not be affected at this point, all three represent a significant change in technology advancements being made in the cybercrime world.
Two articles to get you started:

7 Key Facts

Unable to Crack Computer Virus

© 2012, David Stelzl

In preparation for our final day in the Virtual Making Money w/ Security Workshop I thought this short clip on urgent proposals would be apropos:

© 2011, David Stelzl