Sunday, November 25, 2012

Symantec: Cybercriminals make £3m from ransomware

This article was written by Rene Millman, 9 Nov 2012 Reprinted by Permission

Criminals are making £3 million a year from holding people’s computers to ransom, according to a new study.

Research from IT security company Symantec revealed that 2.8 per cent of victims pay up to £280 to unlock computers infected with malware that locks screens and prevents them from accessing their PCs.

Cybercriminals often use social engineering tricks, such as displaying fake messages purporting to be from local police authorities, to convince victims to pay up. Such messages often include warnings such as, “you have browsed illicit materials and must pay a fine.”

The research found that one gang was observed attempting to infect 495,000 computers over the course of just 18 days. The first instances of this type of cyber-attack were observed in 2009, and - until recently - it was largely limited to Russia and Eastern Europe.

“It has increasingly become a popular ploy among numerous international online criminal gangs, spreading the threat to Western Europe, the United States and Canada over the past year,” said the company.

Symantec said ransomware will surpass fake anti-virus software as the leading cybercrime strategy in the coming year. It said there are other signs that ransomware is becoming increasingly professional.

Several different ransomware families, sold to what appear to be separate gangs, have all been tracked back to a single individual.

“That individual, who we have been unable to identify, is seemingly working full-time on programming ransomware on request” said the company.

“This dedicated development of multiple different versions of the same type of malware is reminiscent of how fake antivirus was developed.”

The company also predicted that as users shift to mobile and cloud so will attackers to exploit Secure Sockets Layer (SSL) Certificates used by mobile devices and applications.

Earlier this week IT Pro reported that security researchers have identified a new malware strand that steals image files from computers and sends them to a remote server.

The Art of Delegation, Part 1 of 2

This article was written by Barry Mc Kinley, SCORE Orange County Business Mentor

imageOne of the major differences between a small business that doesn’t grow and a company that is constantly growing is that the management has mastered the Art of Delegation. Using effective delegation allows many more tasks to get completed while developing more knowledgeable and inspired employees. If you are a sports fan you get frustrated and angry when your teams “super-star” hogs the ball and all the glory. To be effective in sports you have to play as a team, this is certainly no different in business. If you work on your own, there’s only a limited amount of what you can do, no matter how hard you work. Your growth and income becomes limited to the amount of hours in a day. You quickly will feel the pressure and work overload.

Without building your business via delegation if you become sick or take a vacation your business collapses. Nobody has any idea what to do nor has the confidence to try to do it. The smart manager is constantly challenging employees with new jobs and responsibilities. By effective delegation you are building a stronger team and are prepared in the event that a key employee leaves your company.

Over the years I have heard many excuses for not utilizing delegation, to list just a few;

· It takes too long to train the person

· I can do it better

· I don’t trust somebody else

· I don’t want them to know about my business

· I don’t want somebody trying to change things

Almost without exception I heard these responses from business owners who also told me almost in the same breath they were overworked and their business was not growing. Do you think that Steve Jobs build Apple by doing everything himself? Or about Henry Ford, Bill Gates, Donald Trump, or Stanley Messedup. Never heard of Stanley that is because he tried to do it all himself including meeting with the bankruptcy attorney for his company.

When to Delegate

To determine when delegation is most appropriate there are five key questions you need to ask yourself.

· Is it a task that somebody else can do, or is it critical you do it yourself?

· Does the skill provide an opportunity to grow and develop an employee’s skills?

· Is this a recurring job in the future either in this or a similar form?

· Do you have enough time to delegate the job effectively?

· Is this a task that I should delegate?


This article was written by Rodger Dean Duncan, November 9, 2012 Reprited by Permission

So you think you're trustworthy? Think again. Here's how to evaluate your credibility--and build trust among your colleagues.

You wouldn’t deliberately dilute your own credibility. But it’s possible that some of your innocent behaviors are producing precisely that unintended consequence.

Credibility problems can come in the form of trust busters. Let’s consider two of the most common ones, along with their fixes that I call trust builders.

Trust Buster #1: Double Talk

This takes many forms, all of which damage or destroy trust:

“Spin”: We communicate with others by sharing our opinions and championing our causes. That’s fair and understandable and a natural part of human interaction. “Spin,” on the other hand, is often used as a pejorative term, and rightfully so. “Spin” usually describes a heavily biased portrayal in one’s own favor of an event, situation, or topic. Although it’s possible to spin information honestly, the term as used here implies disingenuous, deceptive, and even manipulative tactics. An obvious example would be the state-run media in some countries that selectively allow news stories that are favorable to the government while censoring anything deemed critical. A common example closer to home is the blather that tries to pass itself off as helpful information in the annual reports of public companies. When a letter to shareholders begins with “This was a challenging year for our company . . .” it’s a pretty safe bet that what follows is the rhetorical equivalent of putting lipstick on a pig--the company’s performance nose-dived, targets were missed, and it can all be blamed on market conditions and political intrigue beyond the control of management.

Cherry picking: This is a close cousin of spin, and takes the form of selectively presenting facts and quotes to support a particular position. The result is often a false impression. Politicians do it all the time. A member of Congress might highlight a piece of legislation he claims to have co-sponsored. The way he tells the story you’d think he was riding into town on a white horse as the primary champion of the cause. In reality, he fails to mention that the legislation is also co-sponsored by more than a hundred other Congressmen and that his actual involvement amounted to little more than adding his name to the list. In the corporate world, cherry picking often occurs when restructuring is announced, when performance initiatives are rolled out, and when organization charts are reshuffled. Trust suffers.

Euphemisms: These are words designed to deflect attention from something considered distasteful or unpleasant. In some families, nobody ever dies, they “pass away.” In some social circles, nobody is insulted or disrespected, they are “marginalized.” In some companies, people don’t get fired or dismissed, they are “outplaced.” As one writer said, euphemisms are like secret agents on a delicate mission, they are unpleasant truths wearing diplomatic cologne. The trouble with euphemisms is that despite the cologne they still stink.

Jargon: Much like slang, jargon is terminology that often develops as a kind of shorthand used by members of a group--like computer people talk about RAM, CPU, URLs, and related things. Acronyms--abbreviations formed from initial letters or a term or phrase--are another kind of jargon. These are not inherently a problem, but they tend to fog up communication when used to excess or with people unfamiliar with the code.

Buzzwords: Buzzwords are in a class by themselves. These overused terms are common to corporate, technical, administrative, and political environments, but they’re evident in other places, too. While jargon (ideally) at least has a defined technical meaning, buzzwords are often used primarily to impress with a pretense of knowledge. Instead, they usually result in opaque sentences with mushy meaning. I saw one organization’s so-called mission statement that read something like this: “In a spirit of continuous improvement, it is our responsibility to provide access to low-risk high-yield benefits to our customers and to administrate economically sound policies while promoting personal growth and fulfillment for our associates.” My ninth grade English teacher would have kicked me out of class for writing a sentence like that. When used sanely, words like leverage, passion, bandwidth, paradigm, empowerment, framework, and space have a welcome place in our language. But when strung together in a cobweb of obfuscation, the result is bewilderment, not communication; suspicion, not trust.

Vague commitments: When a boy picks up your teenage daughter for a date, you’ll likely want some information about what’s on the agenda for the evening--things like where they’re going, who will be there, what the activity will be, and when you can expect your daughter to return home. You want your daughter to have fun and, above all, you want her to be safe. If the guy gives you no more data than “I’ll bring her back,” you’ll have second thoughts about letting your daughter out the front door. In the business world, vague commitments are no less of a trust buster. Some people pay lip service to clarifying expectations, but then they fail to provide specifics on results, deadlines, budgets, or most anything else about performance. It makes no difference whether this failure is inadvertent or by design. The effect is the same: fragile trust.

Trust Builder #1: Clear the Fog

Honesty and clarity are the best prevention against double talk. Simply don’t engage in double talk in the first place. Avoid ambiguous or evasive language. Use simple words. Lay out the whole story, warts and all. Billionaire Warren Buffett, chairman of Berkshire Hathaway, is a model of straight talk in all his business dealings. It’s especially evident in his annual “management letter” to shareholders. Buffett’s phenomenal success is something he gladly shares with his vice chairman Charles Unger, his small staff, and the managers of his various companies. He’s also quick to shoulder responsibility for the negative. He says things like “If Charlie and I fail, we will have no excuses,” and “When Charlie and I make mistakes, they are--in tennis parlance--unforced errors.”

Clearing the fog is not complicated:

  • To avoid “spin,” be sure that all sides to an issue get a fair hearing. Remember that a pig with a lipstick is still a pig. Play it straight. People appreciate--and trust--plain talk.
  • Use examples that are plausible, relevant, and real. People trust illustrations that connect to their world.
  • Use language that stands up straight. Words that lurk behind corners or tiptoe around issues are neither credible nor convincing. Political correctness is a particular offender.
  • Make specific, realistic commitments. Then honor them.

Trust Buster #2: Pulling Rank

Some people try to exert influence by using the power of their position or authority. Maybe their ego gets in the way. Maybe they delight in the role of bully. Maybe they’re impatient and just want others to do things their way. Maybe they simply lack confidence and are reluctant to entertain the views of others. Whatever the reasons, pulling rank is never effective in engaging peoples’ heads, hearts, and hopes. In fact, it does just the reverse.

During my years at Campbell Soup Company I worked for two CEOs--Harold Shaub and Gordon McGovern. They were worlds apart in virtually every aspect of leadership. Harold Shaub was an old-school executive whose closest colleagues--even those who had worked with him for more than 35 years--still called him “Mr.” He clearly preferred surrounding himself with “yes men,” people who blindly followed his orders with no alternatives offered and no questions asked. He seemed to relish the perks of his office, and was none-too-subtle about reminding people that he was the boss. When Shaub retired, he was replaced in the corner office by Gordon McGovern. Gordon was nearly a direct opposite. He preferred the employee cafeteria over the executive dining room with its silver and china and deferential butlers. Though well-bred and Ivy League educated, Gordon was informal and approachable. He thrived on lively conversation, especially with people who offered opposing views. He was as comfortable chatting with a worker on the plant production line as he was in talking with a member of the board of directors. In fact, because Gordon was so approachable, he got some of his best ideas from people who operated at several rungs lower on the organization chart. He seemed totally blind to the issues of rank. Though this seemed to annoy some of the Harold Shaub holdovers in the executive suite, it endeared Gordon to nearly everyone else in the company. He was, by far, more effective than his predecessor in bringing out the best in others.

Trust Builder #2: Drop the Pretense

Using one’s higher status to compel obedience or obtain privileges is guaranteed to spawn resentment. When a boss pulls rank, people respond more out of compliance than out of commitment. Besides, pulling rank often comes across not as a sign of strength but as a sign of weakness. Pulling rank looks like a last resort, even when used early. After all, the reasoning goes, why would anyone need to pull rank if his viewpoint could stand on its own merits?

Let’s get real. Even though you may have position, title, a reserved parking space, and maybe a bigger desk lamp than the guy next door, you’re really no smarter than most of the people in your organization. You may have “paid your dues,” to get where you are. But that doesn’t mean you have more brain cells. So drop the pretense. You’re all in this together. And the better you are at exercising influence rather than authority, the better you’ll be at engaging the heads, hearts, and hopes of your colleagues.

Here are five steps to help you drop the pretense:

  • Question your motives. Are you using your position or authority to browbeat people into doing things your way? Are you trying to stifle open discussion? Are you using the leverage of your position just because you can? Do you somehow feel threatened--for example, by someone who offers a view difference from yours? If the roles were reversed and someone tried to pull rank on you, how would you feel?
  • Examine your case. Are there leaks in the case you’re trying to make for adopting your view? Is pulling rank just a way to camouflage those leaks?
  • Inspect your language. Are you using words like “It’s my way or the highway . . .” or “Remember that I’m the boss . . .” or “Just do what you’re told . . .” or “I thought you liked working here”? These are blatant examples of pulling rank, with bullying thrown in.
  • Consider the desired outcomes. If mutual purpose and mutual respect are what you really want in your relationships, you’ll realize that pulling rank introduces a tone that’s contrary to mutuality.
  • Practice your conversation skills. Remember that true dialogue cannot occur in an atmosphere where one person tries to exert power over another. Beware the temptation to shift gears from collaboration to command-and-control. Listen with empathy. This means listening to understand, not to judge or rebut. Inquire to discover. Advocate with respect. All of these dialogue skills reinforce a “we’re all in this together” tone and diminish the temptation to exercise unrighteous dominion by pulling rank.

Rodger Dean Duncan is an expert on leadership development and strategic change management. Since he founded Duncan Worldwide in 1972, his clients have included senior executives at major companies in several industries and cabinet officers in two White House administrations. His best-selling book is Change-Friendly Leadership: How to Transform Good Intentions into Great Performance. Follow him on Twitter.

Three Good Reasons for Going Into Business – Not!

This article was written by Mike Capsuto, SCORE Orange County Business Mentor

imageThe most common reasons people express a desire to go into business are:

  • Financial security
  • Job security
  • Become their own boss.

None of these are entirely good reasons.

First, it takes three to five years of intense work and frustration before a business generates sufficient cash flow to provide a comfortable level of financial security for you and your family. I once asked a businessperson how he became so successful. He said that it took years of hard work and having to overcome many failures to be an overnight success. He also said that it was financially well worth it.

Second, when self employed you start every morning unemployed. Sales do not miraculously appear at your door. You have to get out, meet customers and close sales before your competition does.

Third, there are many outside pressures preventing you from being entirely your own boss, many of which you never had to contend with as an employee, such as:

  • Expectations of family, investors and creditors
  • Compliance with local, state and federal laws and regulations
  • Skills of the labor supply
  • Changing technology
  • Lack of financing
  • Customer demands
  • Competition

With all these conflicting factors, how does one become successful?

Though important, success does not entirely come by forming a business entity, conducting market surveys, writing a business plan, etc. as literature may suggest. Businesses are run by people and their personalities.

Do you have or had an activity in the past such as a hobby, playing golf or any other fun pursuit that got you excited? You could not wait to get started. You looked forward to facing the competition. You had no fear of failure yet, every time you failed, you created new winning strategies. People were attracted to you by your energy. Successful entrepreneurs have similar personality traits and understanding these traits will increase your chances of your business succeeding.

· Emotional Intelligence: All clients or customers have a level of anxiety when dealing with your business. They are thinking: “Can I afford it?”; “Is it healthy?”; “Can I find it elsewhere for less?”; or “Does it make me look fat?”. Successful people have a high level of emotional intelligence. They have the ability to identify and understand a customer’s emotions and communicate in a positive way in to overcome their anxieties. This understanding of emotions helps you relate better to other people, forming strong business relationships and achieve greater success. Some literature call this the Likeability Index.

  • Persistence and Confidence: Many successful people failed more often than they had successes. They treat each failure whether large or small as a new learning experience. Adjusted their approach and went after the solution with enthusiasm. More people fail because they just give up. Believe in yourself and continue to try even though giving up seems the simplest solution. If you give up it will always be in the back of your mind “What if I had done ….”.
  • Creativity: Creativity is the ability to solve problems in new and interesting ways. Whether you are developing new business strategies, improving daily operations or finding ways of resolving a customer’s problems, creativity will allow you to find the unique solutions for success.
  • Ability to Handle Fear: Fear holds people back. People don't try due to the fear of losing money, making a costly mistake, ridicule from family, friends and peers, and the fear of not having a regular pay check. Others have fear of meting people and having to sell them on your product or idea. To not to try is the same as giving up. Successful entrepreneurs have fear. They have learned to become educated about their problems and suppress that fear when times are difficult.
  • An Inquisitive Nature: People succeed because they have the ability to ask why? They want to know why something happens and move to improve that method. Their inquisitive nature allows them to achieve a deeper understanding of problems faced in their business and in turn allows them to become more efficient. They solve problems by asking why?

If you define your business as a fun pursuit, the business will have its own momentum. Your attitude will change from the stress of having to make your business grow to knowing that it will be growing on its own, and you will be enjoying every minute of it.

Labor Law Change Would Threaten U.S. Businesses

This article was written by Michael J. Lotito, employment and labor law attorney - 10/19/12 from MSN Reprinted by Permission

Employers nationwide, take notice: The U.S. Department of Labor is bringing partisan politics to your lawyer’s office. The DOL is close to making a change to an obscure labor law. If it is enacted, you should prepare to make some of your company’s most private information public. This issue, buried deep in territory well known only to a few labor-law specialists, is on the front lines of the ongoing struggle between management and unions. Since 1959 the Labor Management Reporting and Disclosure Act has protected workers who want to unionize by making sure a company cannot organize a stealth antiunion campaign. The law says an employer must disclose certain information to the DOL when it hires someone to communicate with employees about unionization and labor-related issues. For example, if a company is concerned that its workers might unionize and calls in a consultant to present information to employees, the company must report that it has hired a “persuader” and how much it paid in fees.

But in June 2011 the DOL said it believed companies had been “underreporting” those relationships. It then proposed changing the definition of persuader to extend far beyond anyone who communicates directly with employees to include attorneys who work with companies on a number of issues that affect the workplace.

The proposed rule is clearly aimed at companies that could be involved in a union-organizing campaign, but it would ultimately muzzle an employer’s proactive efforts to foster a positive workplace environment. For instance, a company might ask its legal counsel to evaluate its vulnerabilities and make recommendations for improvement. As a client, a company would expect this work to be done confidentially. But under the proposed rule, it could no longer conduct such evaluations in private. If a company were to hire a law firm, a union would likely pay close attention and could gain access to previously confidential information.

The proposed rule is so broad that it could entrap companies that have no union-related issues at all. The change would make public an astonishing number of the day-to-day private actions of running a business. “Virtually nothing involving labor relations will be exempt,” stated the Society for Human Resource Management, which represents human resource professionals, in comments written to the DOL.

Does your company have a policy regarding how your employees use Facebook, Twitter and the like? The proposed rule effectively says that if your company hires outside counsel to get advice on a labor issue, including a social media policy, you would have to disclose the relationship in a report detailing whom you hired, why, and how much you paid. That report would be available to unions, your competitors and your customers. Do you share a lawyer with a company that has unionization issues? The DOL’s proposed rule also affects you. Once a law firm or consultant is labeled a persuader, all labor-related work it does for any client has to be disclosed at the risk of criminal penalties. What will many rganizations do as a result? Call no one—which is exactly what proponents of the rule hope will take place. The proposed change would fundamentally alter the confidential attorney-client relationship that has existed since this nation was formed. The American Bar Association, careful to take the side of neither unions nor management, has come out against the proposal, calling it “an unjustified and intrusive burden on lawyers and law firms and their clients.” The Association of Corporate Counsel says it runs “directly contrary to an attorney’s ethical obligations in maintaining client confidences” and, citing the 50 years of precedent, requests that the DOL “explain why its predecessors for over a half-century have been ‘wrong.’”

Beyond the enormous privacy implications, this rule would have a big economic cost. In a July 19 report, the U.S. House Committee on Oversight and Government Reform describes a flood of federal regulation that is holding back economic growth. This rule was one of 18 problematic new regulations it cited, and its estimated annual cost was $100 million. The fear is that partisan politics will push this change through, perhaps after the presidential election, when there is less concern about alienating voters. To prevent that, it is imperative that employers take on this issue directly. Employers successfully defeated another union-related proposal put forth last year by the National Labor Relations Board that would have expedited the union election process, making it easier and faster for unions to win a union campaign. The rule was finalized, but the U.S. Chamber of Commerce sued, and the U.S. District Court for the District of Columbia ultimately found it invalid. Employers need to step up and heed this example to prevent this rule change from becoming law. The sanctity of your relationship with one of your most trusted advisors—your counsel—and the fundamental right to attorney-client confidentiality are at stake.