Cybersecurity

Tag Archives

femtech

Female startups rising

The last years have seen a number of exciting startups securing venture capital and developing innovative products that include healthcare wearables. FemTech is the name for the women-led, women-designed new product startups, and the success of these traditional and consumer health care products can be summed up in two words: market potential.

Women’s healthcare has been underfunded by the research and development world, but the last few years have seen a number of innovative products brought to market. While much of femTech is focusing on reproductive technology and sexual health, such as fertility startups that are helping young women harvest and save their eggs for later childbirth decisions, to a birth control telemedicine and delivery model, to apps that are as sensitive as the birth control pill for contraception, not all the focus is on reproductive health.

Cardiovascular disease remains the number one killer of women worldwide, and Bloomer Tech is developing a number of wearables with biometric sensors to collect and analyze heart heath data. The data can be used to guide real-time medical decision making, while collecting big data amounts of women’s heart health data for research. The material developed has flexible, washable circuits embedded in textiles, a technology that will allow a number of interesting developments in the ability of wearables to collect biometric data. Their first product is a bra with the flexible circuits embedded to collect data on heart disease risk factors. It communicates to an app on a smartphone via Bluetooth. Most important, the user decides on how much and what data can be shared with a medical professional, researcher, or other person.

Bellabeat, the maker of LeafUrban jewelry, is leading the jewelry/design/health monitoring pack. The beautiful leaf-shaped jewelry looks nothing like a fitness tracker, and provides several important tools for women hoping to find a better tool to monitor health: it helps track menstrual periods, so women can keep track of fertility and contraception, and it monitors signs of stress and offers guided meditation. Like other health and fitness devices, it monitors activity and sleep, and gives the user data.

However, the largest amount of VC funding remains with startup companies focusing on a product that has both cachet and market potential. Many, or most, new products focus on women’s sexual and reproductive health. Elvie raised $6 million for a small device to help women do Kegel exercises properly. Women’s health care startups in FemTech have raised, to date, over $1.1 billion for research and development. Continue reading

security

Overcoming The False Hope of a Ransomware Attack (Part 2)

Welcome back to the second half of our two-part article on how ransomware is built to deliver false hope in order to scam businesses harder than hackers have ever scammed before. While ransomware was once grudgingly praised for the innovative integration of cryptography into malware, as it turns out, this is mostly just an illusion. Last time we talked about the rising threat of ransomware, how malware has a long tradition of destroying files, and the way ransomware works once it attacks your computer. Join us again today as we pick up right where we left off with encryption, how it works, and why ransomware uses it.

Ransomware Encryption

The big confusion about ransomware is the use of encryption. At first, it was lauded as one of the cleverest upgrades to malware since email attachments but in reality, the only reason encryption is used instead of full-on deletion is to create false hope and the possibility that companies will pay up.

Here’s how it works: Encryption relies on a key, the thing that determines how the files will be encrypted. One of the simplest encryption keys is the backward alphabet where A=Z, B=Y, C=X, and so on. A more complex version might use a specific page of a specific book where A=first letter, etc. The point of the encryption key is that as long as it is sufficiently complicated or impossible to predict, you cannot decrypt anything that has been encrypted without the original key.

When your files are encrypted through ransomware, it’s important to understand that modern encryption software can randomly generate one-time nonsense keys that cannot be decrypted and, if the key is lost, so too is anything that was encrypted with it. This means that unless you get the exact key used to wreck your files, there’s simply no way you’ll be able to get them back. Some hackers will promise to give you the key and a decryption tool but experience has revealed the majority of these promises to be outright lies.

Trusting Hackers

Continue reading

stratecta - ransomware security

Overcoming The False Hope of a Ransomware Attack (Part 1)

Every modern business deals with a certain amount of technology. From tech companies that consist internally of nothing but professionals at computers to minimally technical industries that still rely on databases and business software to keep everything running smoothly, the need for a secure network and backups of archived business data is universal. When your data is in danger and it looks like there’s a chance of recovering anything that has been lost, most companies will jump through flaming hoops for any either planned or, worse, unplanned recovery method. That is exactly why ransomware is so terrible. The hope of getting your files back after a disaster is often more powerful than the fear of losing them in the first place.

While you may think that your files are being held hostage, your disaster recovery plan is much more reliable than any hacker’s “promise” that you’ll see your files again.

Malware Has Always Wiped Files

To understand the innovation of ransomware, it may help to have a better grasp on the history of malware as a whole. Ransomware is just one of the most recent innovations in a long chain of malicious, invasive software. In fact, while there has been a significant rise in the ability of malware to actually do something like steal credit card numbers or extortion, malware has traditionally been almost completely pointlessly evil. Worms have roamed the web since before the internet unification seeking out vulnerable systems and often infected websites are simply left up to hurt anyone who comes across them.

When an infection is successful, whether it was targeted or random, the malware’s goal is simply to cause pain. Spamware makes your system unusable with constant pop-ups, spyware steals your login information and uses it for fraud or more spam, and many forms of malware despite the name will simply explore your files, deleting or corrupting them as it goes. Hackers have always deleted files for fun and there’s no reason to assume that they’re going to stop now just because they’ve also figured out how to make a little side cash.

What Ransomware Does

When ransomware gets onto your computer, it’s first act is usually to lurk around for a while. During this time, it may finish installing itself, spread from the first computer into the local network, and map all your files. These processes usually happen quietly using background resources and the delay often masks the true infection point, whether it as a bad website, a phishing email, or an actual hacker security breach in which the ransomware was placed on your computer. Continue reading

win the crown

5 Techniques to Help Dealership Staff Improve Cyber-Security (Part 2)

Welcome back to the second half of our two-part article on how to help your dealership staff become an important part of the cyber-security effort. They are responsible for handling reams of customer personal information and protecting the financial interests of every client who comes through your doors. This means keeping account information safe, even from people who claim to be the friends and family of your customers. Last time we talked about line of sight on staff computer screens and the reasons why personal data is so vital to protect. Let’s pick up on access to employee computers.

3) No Customer Access to Employee Computers

There are two kinds of computers in a dealership, those set aside for customers to manage their finances and buy insurance on, and those that employees use to sell cars and manage customer accounts. If it can possibly be helped, do not let customers use employee computers. These have software, data access, and possibly saved log-in information that could give customers access to information and actions they should not have.

Worse than accidentally letting a customer access your control software is the fact that not all hackers live in Russia. There are plenty right here in the states and they will absolutely take an opportunity to ‘phish themselves’ on your machine, quickly pop in a malware-riddled USB device, or find a way to email themselves data on your system. If a customer is allowed to use an employee computer, watch them very closely and do not, under any circumstances, allow outside data devices to be plugged into a dealership computer.

4) Never Open Email Attachments

Speaking of phishing, the current leading form of hacking and social engineering all tied into one. Phishing occurs when a hacker sends a false email with an infected attachment. The email either appears to be from a friend or coworker or it can pose as a message from a concerned “customer”. There are many different phishing strategies ranging from convincing the victim that the attachment is an important work document to thinking it’s a funny cat picture. The only thing in common is that the hacker must convince a staff member to click their infected link in order to spread the malware. Continue reading

security

5 Techniques to Help Dealership Staff Improve Cyber-Security (Part 1)

Car dealerships have everything that hackers and scam artists love. You deal with high-value items and handle large amounts of money. You deal with people’s banks directly and process stacks of personal information that could be used for identity theft. You process payment information like debit and credit cards and cars are a favorite way to blow through stolen money or ruin the life of someone whose identity has been stolen. To a hacker, a car dealership looks like a playground which means that it’s your job as the honest professionals trying to run a business to protect yourself, your customers, and your staff members from the inevitable attacks.

Cyber-Security and Social Engineering

However, having a strong firewall, encryption, and virus-scanning software isn’t enough anymore to stop the really determined cyber-criminals. The new name of the game is social engineering, using deception and false human connection to lure staff members into making a critical mistake. Sometimes, the scam isn’t even to get malware onto your computer, but rather to steal information directly from the employee themselves, tricking them into giving away important personal or account information about a customer or performing an action that they shouldn’t. In order to keep your employees safe, it’s vital that they are fully trained in data protection on every possible level.

1) Protect Line-of-Sight

Start by explaining that hackers aren’t the only criminals. People can and will come in under false pretenses, hoping to get a look at someone else’s account information. Guests claiming to be the spouses, friends, and family members of your customers may ask to check on information, then try to get a look at something else while the account is up on the staff member’s screen. There are several reasons why someone might want a peek at another person’s car dealership information including looking for financial information, an identity to steal, or stalking.

Because you can’t know who is scamming right off the bat, you are obliged to be helpful and go along with any reasonable requests but be very careful about line of sight. Never show someone another customer’s information and if your office door isn’t closed, don’t turn your monitor around at all just in case someone sees something from across the hall. Be aware of windows, people walking behind you, and reflective surfaces. Yes, scammers and stalkers get that devious to steal personal information.

2) Never Answer Personal Questions

People will come in person, call you on the phone, and send you emails asking for information about accounts, cars, services, and customers. Naturally, the vast majority of these contacts will be business-as-usual but every staff member needs to be on their guard for the one call in two hundred that is loaded and dangerous. To be ready even if you don’t see a scam call coming, never ever give out personal information on customers or your fellow employees. Continue reading

stratecta

The Complete Digital Transformation Checklist – Is Your Company Up to Speed? (Part 2)

Welcome back to our complete digital transformation checklist. Last time we covered the importance of starting with a website including a live chat feature, the inevitability of a mobile app, and why every modern company can and should have a CMS. We ended the article by promising more acronyms and as we hate to disappoint, let’s start today with the EMS.

4) Industry-Specific EMS – Enterprise Management Software

The term EMS stands for enterprise management software and this acronym is, in fact, incredibly vague. The kind of software you need to run your business depends on your industry and size but believe us, at this point there is a fast and capable EMS for almost every industry on the planet from field services to finance management. Look into software built specifically for your industry and consider streamlining the vast majority of your procedures. EMS’s can offer inventory tracking solutions, connect to your CRM for improved customer relations across the board, and are usually built to address concerns unique to the industry like specific safety inspections, appointment scheduling, and so on.

5) VOIP – Internet Phones for Everyone

If you are still paying a telco company for wired office phones and costly cell phone plans, it’s time to join the rest of the online community in internet-based phone services instead. VOIP has come a long way since Skype for individual users introduced the population at large to the idea in the first place. There are now VOIP companies that cater exclusively to businesses and call centers and the flexibility is amazing. Not only can you scale a VOIP plan to any size of team or company, you can also access numbers from anywhere including mobile devices simply by logging into an online platform.

6) AI-Assisted Data Analysis

Data analysis, once one of the most tedious chores of any sales, research, or IT team, can now be handled almost 100% by self-learning computer programs. The power of large-scale data analysis and AI intuition can cut the time you spend on data analysis down to a fraction while multiplying the available results data your teams have to work with. The fact of the matter is that computers are both better and faster at skimming data and drawing trend charts.

7) IoT Devices and Sensors

IoT (Internet of Things) is the latest craze in business technology and it looks like it’s here to stay. The concept behind IoT devices is simply that they are wifi-enabled and can be controlled from a Smart Home hub or a mobile device from anywhere in range of the wifi network. Businesses are using IoT security cameras for wireless access to their security footage. IoT lights that can be remotely switched off and a programmable IoT thermostat can work together to significantly reduce your power bills. Plus, employees are delighted by almost all IoT gadgets like, say, an IoT coffee pot that can start brewing before anyone physically gets to the break room. Continue reading