Software
Ransomware syndicates are focusing their attacks on backup systems in order to maximize their financial gains
Data backups have become a top target for ransomware actors, according to a report from a cybersecurity company.
A startling 94% of organizations that experienced ransomware attacks in the previous year reported that the attackers made an effort to compromise their backup systems, according to a recent study by Sophos that involved polling about 3,000 IT and security experts from 14 different countries.
For organizations in the government, media, leisure, and entertainment sectors, the percentages were even higher, reaching 99%.
The report outlined the two primary methods for recovering encrypted data in a ransomware attack: restoring from backups or opting to pay the ransom.
“By compromising an organization’s backups, ransomware actors can severely limit the victim’s ability to recover encrypted data, thereby increasing the pressure to pay,” stated the researchers.
“It has become a routine occurrence for these individuals during their attacks,” commented Curtis Fechner, the head of cybersecurity threats at Optiv, a Denver-based provider of cybersecurity solutions.
He mentioned to TechNewsWorld that they constantly attempt to locate and render the backups inaccessible. One aspect of their strategy for earning money involves identifying the backups, as they aim to maximize their potential revenue from an attack.
“By taking your backups offline and using them as leverage for recovery, I have increased the likelihood of you paying. Furthermore, I can exploit your desperation to extract even more from you.”I understand that you’re in a difficult situation,” Fechner added.
Growing Threat
According to Ilia Sotnikov, a security strategist and the vice president of user experience at Netwrix, an IT security software company headquartered in Frisco, Texas, enterprise ransomware was not very sophisticated when it first emerged about 10 years ago.
The ransomware malware quickly spread through the system by taking advantage of weak configurations or vulnerabilities and encrypting any data it came across. According to him, the victim was forced to pay a ransom in order to regain access to their operations.
“The cybersecurity industry has implemented a comprehensive security strategy that includes enhanced protection and detection capabilities, as well as a strong focus on backup and recovery practices,” he stated. Due to their expertise, organizations were able to successfully deflect the majority of attacks, significantly reducing the number of successful ones. Additionally, they gained valuable knowledge on how to efficiently restore systems and operations without resorting to paying a ransom.
Furthermore, he explained that the ransomware strategy underwent changes to enhance the likelihood of success by exploring alternative methods to overcome security measures. Malware has become increasingly difficult to detect and combat. The criminals began to allocate additional time to the reconnaissance stage in order to pinpoint and focus on the most vulnerable information. Groups such as Maze and LockBit began to extract the company’s data and introduced the additional risk of a public data leak alongside the encryption, a tactic referred to as double extortion.
“Since then,” he noted, “ransomware attackers have also begun targeting the backups to render recovery impossible or excessively expensive, compelling the victims to pay the ransom.”
Backups are currently down, while ransom demands are on the rise.
According to Sophos, people who had their backups compromised faced ransom demands that were typically more than twice as high as those who were not. For victims with compromised backups, the median ransom demands amounted to US$2.3 million, while those with uncompromised backups faced demands of $1 million.
Backups are essential for the smooth operation of organizations. According to Darren Guccione, CEO of Keeper Security, a password management and online storage company in Chicago, if the backup is compromised and the organization falls victim to a cyberattack, they may become more desperate to regain access to their networks and data.
“Attackers are well aware of the impact of denying access to backups, which leaves organizations in a vulnerable position and with limited choices other than complying with exorbitant ransom demands in order to retrieve their data,” he explained to TechNewsWorld.
The Sophos research provided evidence to support the fact that organizations with compromised backups are unable to negotiate with ransomware actors. It was discovered that individuals who had compromised backups ended up paying an average of 98% of the ransom demanded, while those without compromised backups paid 82%.
According to the report, organizations that had their backups compromised were significantly more inclined to pay the ransom in order to retrieve their encrypted data (67%), compared to those whose backups remained unaffected (36%).
Increased Cost of Restoration
Victims who have compromised backups not only face the burden of paying higher ransoms, but they also incur additional costs when it comes to recovering from an attack.
The median overall recovery costs for organizations whose backups were compromised were eight times higher at $3 million, compared to those whose backups were not impacted at $375,000.
Guccione outlined the various expenses that organizations face when they become targets of ransomware attacks. These include the financial impact of disrupted operations and harm to their reputation, the extensive efforts required for recovery in the short and long term, the actual ransom payment, and the potential consequences of fines and legal obligations.
“When a ransomware attack affects backups as well, it greatly extends the restoration process. Organizations are then required to rebuild their systems, data, and other crucial configurations,” he explained. If a breach involves a loss of sensitive data, especially if it includes personally identifiable information or falls under data protection regulations like GDPR or HIPAA, organizations may face additional legal and regulatory expenses.
As per the Sophos report, organizations with compromised backups experience longer recovery times from ransomware attacks. Just 26% of individuals who had their backups compromised were able to recover within a week after an attack, in contrast to 46% of those who did not have compromised backups.
Offline Backups: Balancing Security and Cost
There are various factors that contribute to the difference in restoration times between organizations with compromised and uncompromised backups, as highlighted in the report. One significant factor is the extra effort required to restore data from decrypted sources instead of well-prepared backups. Additionally, the presence of weaker backup protection may suggest less resilient defenses and a greater need for subsequent rebuilding efforts, according to the statement.
According to Narayana Pappu, the CEO of Zendata, a data collection, management, and sharing company based in San Francisco, backups usually lack the same level of security controls as production systems.
“Implementing logging, security measures, access controls, and testing on backup systems would be highly beneficial,” he advised TechNewsWorld. In addition, it is crucial to have redundant backups stored in various locations, including both cloud storage and offline storage. Implementing a comprehensive disaster recovery strategy can significantly minimize downtime.
According to Fechner, offline backups are effective in protecting against threats to backups, but they can also be quite costly. “Having backups that are offline and inaccessible to attackers is crucial,” he emphasized. However, considering the financial constraints faced by numerous organizations, particularly those in the small to medium business category, targeting backups remains a lucrative strategy for attackers.
Software
10 Essential Tips for Maximizing WhatsApp API Integration and Chatbot Efficiency
In today’s digital-first world, effective customer communication can make or break a business. As one of the most widely-used messaging platforms, WhatsApp offers businesses a unique opportunity to connect with customers in real-time. By leveraging WhatsApp API integration and WhatsApp chatbots, businesses can automate communication, streamline customer service, and create a more engaging experience. However, to make the most of these tools, it’s essential to use them strategically.
Here are 10 essential tips to help you maximize the efficiency of WhatsApp API integration and chatbots for your business.
1. Automate Routine Messages and Notifications
One of the biggest advantages of WhatsApp API integration is its ability to automate routine messages such as order confirmations, shipping updates, or appointment reminders. By setting up automated workflows, businesses can ensure that customers receive timely notifications without manual intervention.
Tip: Create automated messages for key touchpoints in the customer journey, such as post-purchase confirmations, service updates, or abandoned cart reminders.
Trick: Use triggers in your CRM or e-commerce platform to automatically send messages when specific customer actions occur, such as making a purchase or booking an appointment.
2. Use Personalization to Enhance Engagement
Personalization is key to building strong customer relationships. With WhatsApp API integration, businesses can personalize messages by using customer data from their CRM systems. Sending tailored communications based on previous purchases or user preferences increases engagement and makes the customer feel valued.
Tip: Integrate WhatsApp with your CRM to pull customer information such as names, purchase history, and preferences. Use this data to create personalized messages that resonate with your audience.
Trick: Segment your customer base and send targeted messages that cater to specific interests or behaviors, such as recommending products based on previous purchases or offering location-based promotions.
3. Set Up a Conversational Chatbot for 24/7 Support
Implementing a WhatsApp chatbot allows businesses to provide instant, round-the-clock support. Chatbots can handle FAQs, guide users through processes, and even assist with purchases, all without human intervention.
Tip: Program your chatbot to answer common queries such as store hours, order status, and return policies, ensuring customers get answers anytime they need them.
Trick: Include a “handoff” feature in your chatbot so it can seamlessly transfer complex issues to a human agent when needed. This ensures a smooth transition for customers who require personalized assistance.
4. Utilize Rich Media for a More Interactive Experience
WhatsApp allows businesses to send more than just text-based messages. Rich media such as images, videos, PDFs, and even audio messages can enhance customer interactions, making your communications more engaging.
Tip: Use WhatsApp to send product demo videos, promotional images, or interactive buttons that guide customers to your website or product pages.
Trick: Incorporate quick reply buttons or rich media elements in your chatbot to guide users through decision-making processes, such as product selection or booking services.
5. Leverage Multi-Language Support for Global Reach
If your business operates in multiple regions or serves a diverse audience, ensure your WhatsApp chatbot supports multi-language communication. This allows you to provide localized customer service and engage with users in their preferred language.
Tip: Design your chatbot to detect the user’s language based on their input or prompt them to select a language at the start of the conversation.
Trick: Regularly update your chatbot’s language database to include any new regions or dialects where your business is expanding, ensuring seamless customer service worldwide.
6. Track Key Metrics to Improve Performance
Analyzing the performance of your WhatsApp API and chatbot is crucial for making data-driven improvements. By tracking response times, customer satisfaction, and engagement rates, you can identify areas for optimization.
Tip: Set up analytics to monitor the performance of your WhatsApp communications, including open rates, response times, and customer interactions with your chatbot.
Trick: Use this data to continually refine your chatbot’s responses, ensuring they meet customer expectations and improve the overall experience.
7. Use Chatbots for Lead Generation and Qualification
WhatsApp chatbots can be powerful tools for capturing leads and qualifying potential customers. A well-designed chatbot can ask initial questions to determine whether a user is a good fit for your product or service, then pass along qualified leads to your sales team.
Tip: Program your chatbot to gather essential information such as customer needs, preferences, or budget, before passing the lead to a human agent for follow-up.
Trick: Use the chatbot to engage potential customers with product recommendations or special offers to encourage them to provide their contact details and enter your sales funnel.
8. Create a Clear Opt-In Process for Messaging
To comply with WhatsApp’s business policies, it’s important to ensure that users have opted in to receive messages from your business. Having a clear opt-in process not only ensures compliance but also builds trust with your customers.
Tip: Make it easy for customers to opt-in by including an opt-in request on your website, through social media, or at the point of sale.
Trick: Incentivize customers to opt-in by offering exclusive content, discounts, or promotions through WhatsApp. This increases the likelihood of gaining permission to message them directly.
9. Use Quick Replies for Faster Customer Support
Quick replies in WhatsApp allow businesses to provide customers with instant answers to common questions. This feature can significantly reduce response times and help streamline customer support.
Tip: Set up a library of quick replies for frequently asked questions (FAQs), such as return policies, product details, or payment methods.
Trick: Combine quick replies with your chatbot to provide a seamless, automated experience for users, ensuring they get accurate information in real time without having to wait for a human response.
10. Ensure Security and Compliance
Given that WhatsApp is used for sensitive customer interactions, ensuring data security and compliance with privacy regulations is critical. WhatsApp’s end-to-end encryption helps keep messages secure, but businesses must still follow best practices to maintain trust.
Tip: Only collect necessary customer data and ensure that it is stored securely in compliance with data protection regulations such as GDPR or CCPA.
Trick: Regularly review WhatsApp’s business policies and ensure your messaging processes are compliant. Avoid sending unsolicited or spammy messages, as this could result in account suspension.
Conclusion
By following these 10 essential tips, businesses can unlock the full potential of WhatsApp API integration and WhatsApp chatbots. From automating routine tasks and enhancing customer support to using data-driven insights for continuous improvement, these tools offer numerous opportunities to improve customer engagement, satisfaction, and business efficiency.
Software
The United States has prohibited the sale of Kaspersky software due to concerns about security risks originating from Russia
The United States government declared on Thursday its prohibition of the sale of Kaspersky antivirus within the nation and is urging American users of the software to transition to an alternative provider.
The Bureau of Industry and Security, a division of the Commerce Department, has implemented a unique ban on Kaspersky, claiming that the company, being headquartered in Russia, poses a threat to both U.S. national security and the privacy of its users.
Russia has demonstrated both the ability and the intention to utilize Russian companies, such as Kaspersky, to gather and weaponize the personal data of Americans. “Hence, we are obliged to undertake the course of action that we are currently implementing,” stated U.S. Commerce Secretary Gina Raimondo during a conference call with journalists.
Reuters was the first to report on the ban before it was officially announced. A representative from Kaspersky did not promptly reply to the inquiry for a comment.
Starting on July 20, Kaspersky will face a ban on selling its software to American consumers and businesses. However, the company will still be allowed to offer software and security updates to its current customers until September 29. Subsequently, Raimondo stated that Kaspersky would be prohibited from delivering software updates to customers in the United States.
“This implies that the quality of your software and services will decline.” Raimondo strongly advises finding an alternative to Kaspersky without delay.
Raimondo stated that U.S. consumers who are currently utilizing Kaspersky’s antivirus software are not in breach of any legal regulations.
Raimondo stated that individuals and businesses in the United States who currently use or have previously used Kaspersky products and services are not breaking the law, have not committed any wrongdoing, and will not face any legal consequences. “I strongly urge you to cease using that software and transition to an alternative as soon as possible to safeguard yourself, your data, and your family.”
Raimondo announced that the Department of Homeland Security and the Justice Department will collaborate to notify American consumers. Additionally, the U.S. government will establish a website to provide affected individuals with the necessary information to comprehend the rationale behind our actions and guide them in taking appropriate measures.
According to a high-ranking official from the U.S. Commerce Department, the federal cybersecurity agency CISA will engage in communication efforts with critical infrastructure organizations that rely on Kaspersky software in order to assist them in identifying alternative options. The official further stated that they have no intention of specifying any particular action by Kaspersky that prompted today’s decision. (The Commerce Department asked reporters not to reveal the official’s identity.)
The ban, which was announced on Thursday, represents the most recent intensification in a protracted sequence of measures taken by the U.S. government against Kaspersky, a company based in Moscow.
In September 2017, the Trump administration implemented a prohibition on the utilization of Kaspersky software by U.S. federal agencies due to concerns that the company may be coerced into assisting Russian intelligence agencies. In a previous report, it was disclosed that Russian state-sponsored hackers had illicitly acquired classified U.S. documents that were stored on the personal computer of an intelligence contractor. This breach occurred due to the use of Kaspersky’s antivirus software, making it the first documented case of espionage resulting from the use of this particular company’s software.
The Wall Street Journal reported in April 2023 that the decision to prohibit Kaspersky has been under development since last year.
According to the company itself, Kaspersky has more than 240,000 corporate clients globally and over 400 million individual customers. The senior official refrained from disclosing the exact number of U.S. customers that Kaspersky has. However, the official mentioned that there are a substantial number of customers, including critical infrastructure organizations as well as state and local government entities.
Android
Google Chrome now has a ‘picture-in-picture’ feature
Google is getting ready to make a big change to how its Chrome browser works. This is because new browsers from startups like Arc are making the market more competitive. The company said on Wednesday that it will be adding a new feature called “Minimized Custom Tabs” that will let users tap to switch between a native app and their web content. When you do this, the Custom Tab turns into a small window that floats above the content of the native app.
The new feature is all about using Custom Tabs, which is a feature in Android browsers that lets app developers make their own browser experience right in their app. Users don’t have to open their browser or a WebView, which doesn’t support all of the web platform’s features. Custom tabs let users stay in their app while browsing. Custom tabs can help developers keep users in their apps longer and keep them from leaving and never coming back.
If you make the Custom Tab into a picture-in-picture window, switching to the web view might feel more natural, like you’re still in the native app. People who send their customers to a website to sign up for accounts or subscriptions might also find this change useful, since it makes it easier for users to switch between the website and the native app.
After being shrunk down to the picture-in-picture window, the Custom Tab can be pushed to the side of the screen. Users can tap on a down arrow to bring the page back to the picture-in-picture window when it is full screen.
The new web experience comes at a time when Google is making it easier for Android users to connect to the web. People can find their way to the web with AI-powered features like Circle to Search and other integrations that let them do things like circle or highlight items.
The change is coming to the newest version of Chrome (M124), and developers who already use Chrome’s Custom Tabs will see it automatically. Google says that the change only affects Chrome browsers, but it hopes that other browser makers will add changes like these.
- Gadgets10 years ago
Why the Nexus 7 is still a good tablet in 2015
- Mobile Devices10 years ago
Samsung Galaxy Note 4 vs Galaxy Note 5: is there room for improvement?
- Editorials10 years ago
Samsung Galaxy Note 4 – How bad updates prevent people from enjoying their phones
- Mobile Devices9 years ago
Nexus 5 2015 and Android M born to be together
- Gaming10 years ago
New Teaser For Five Nights At Freddy’s 4
- Mobile Devices9 years ago
Google not releasing Android M to Nexus 7
- Gadgets10 years ago
Moto G Android 5.0.2 Lollipop still has a memory leak bug
- Mobile Devices9 years ago
Nexus 7 2015: Huawei and Google changing the game