As technology advances, cybercriminal attacks evolve, necessitating the creation of new cybersecurity methods. In May, David Willett, underwriting value creation executive at ProSight Specialty Insurance, alluded to his involvement with beta testing a new risk management tool, and he agreed to share more details: “ShadowNet measures beacons that are transmitted while using certain applications. I believe that everyone in the collision and automotive industries need this level of protection because they are exactly the type of people who are targeted by cybercriminals.”
Willett was joined by his “favorite cyber security engineer,” Jeff Stull, founder and CEO of RiskAnalytics, which manufactures ShadowNet. “The cyber security landscape mirrors history – the bad guys build a missile, the good guys build a shield, the bad guys build a better missile, so the good guys build a better shield, and so on. The attackers have the advantage because they can select the time, place and method of attack. At RiskAnalytics, we want to fundamentally alter the paradigm of cybercrime and security because reactionary products don’t work for long. We needed to find a way to be more proactive.”
Although the automotive and collision repair industries typically haven’t been subjected to much cybercrime, compared to the healthcare industry, since most shops don’t keep customers’ personal information on-hand, cybercriminals have begun to “figure out that every computerized business will pay money on a ransom basis, and it’s very easy to insert malware inside a company’s computer system to lock everything up and prevent them from doing business,” Stull said. “Repair shops typically don’t invest in a lot of cybersecurity beyond antivirus protection and a firewall, but everyone who’s been breached has a firewall; it doesn’t stop the plague of ransomware. Industries that haven’t invested in cyber protection are ideal targets.”
Cybercriminals use ransomware because, in this technologically advanced society, all businesses depend on their computers in order to product work, so they’re very likely to pay the ransom. According to Stull, “The crime of ransomware is pervasive and widespread across all industries, including automotive and collision. The best way to protect against ransomware is to prevent it from reaching the user’s computer in the first place, thereby eliminating any opportunity to encrypt data. At RiskAnalytics, we started looking at different ways to use threat intelligence in order to block all communication between cybercriminals and our customers.”
Exploring research on flu vaccines, RiskAnalytics’ engineers were struck by the parallels between biological systems and cybersecurity, down to the terminology used, such as infection and virus. “What piqued our interest was the ongoing researching into a universal flu vaccine. By focusing on the part of the flu virus that remains constant from season to season, scientists are seeking to create a universal flu vaccine, the holy grail,” Stull explained. “Similarly, instead of reacting to each cyber-attack payload or method individually, we focus on defending against cybercriminals at the most fundamental level of the Internet by disrupting communication between them and our customers, throwing a monkey wrench into all their plans. It’s simple, but this fundamentally different way of defending against cybercrime is deadly effective and super subtle.”
By tracking cybercriminals and global criminal syndicates, RiskAnalytics identifies which domains are most frequently used to stage attacks. The company designed ShadowNet to prevent them from reaching vulnerable businesses they hope to exploit. ShadowNet is a real-time threat intelligence feed that can be used by a company to disrupt criminal communications. For small companies, RiskAnalytics has simplified and weaponized the threat intelligence to run on a fully automated appliance, called IntelliShun. This can be installed outside a shop’s firewall to prevent incoming cyberattacks as well as to block the outbound communications that arise when a user clicks on a phishing email link. “IntelliShun is your first and last line of defense,” Stull stated.
More recently, RiskAnalytics released a phone app that gives control back to the user by preventing personal information from being used by websites and the various apps that run on your phone. “Your phone routinely communicates with servers located in non-western countries around the world: China, Russia, Turkey, Columbia, Tovalu. It goes on and on. If you don’t do any business in Russia, why does your phone need to communicate with Russian servers?” Stull queried. “Over the course of an average day, the ShadowNet app blocks as many as 20,000 communication attempts to servers outside the U.S., often in places without Western privacy laws.”
“We discovered a unique way to protect users’ phones from cybercrime by giving them control over how their phones communicate,” Stull added. “Every app you download and each website your visit contains a privacy statement, allowing them to obtain your personal information and send it to servers in countries all over the world. ShadowNet is a really simple way to gain control of how your information is being used, while simultaneously providing an affordable and effective means of cybersecurity on a device which normally offers no protection against these types of attacks.”
Cybercrime is a growing problem, Stull pointed out. “Most traditional solutions are completely ineffective, and it’s only getting worse because it’s so easy. Since most cyber attacks are perpetrated outside Western law, there’s little risk of getting caught or being incarcerated. Fortunately, with a fundamental shift in how they address the risk of cyberattacks, many shops will barely have to spend a dime. Educate your users so they understand the dangers of phishing emails and how to identify them. Don’t communicate with domains and websites that are known aggressors. Turn off all unnecessary services in your devices, and make sure the apps you use are frequently updated.”
“Because almost all ransomware attacks exploit known software defects, these simple tactics can protect your shop well into the upper 90th percentile. Better, these efforts are very cheap, easy and highly effective, making them worth exploring before investing in additional solutions that are more expensive and difficult to implement.” Stull confided, “The cybersecurity industry’s dirty little secret is you don’t always need to buy the cool newest thing on the market.”
ShadowNet is available on the Apple App Store by searching “ShadowNet.” The app is automatically configured to block certain domains, but by going to advanced settings, users can “block all countries except the US” or choose which domains to block. “Shop owners should note that many tech companies use domains ending in .ai, .io and .libya, plus many users allow access from the .ly domain due to commonly accessing bit.ly websites,” Stull shared. “If you see any difference in how your phone operates after installing ShadowNet, it will likely operate faster and better.”
Willett chimed in to remind shop owners that it’s important to set up a separate network for the business, while mandating that all personal devices, including employees’ company-issued phones and PDAs, access the internet through a public network used for customers. “You don’t want to invite your employees’ entire network of family and friends into your system, or you’ll soon be wondering why you’re having system issues,” he warned. “Business owners always need protection, even when it’s unrelated to their industry specifically, because cybercriminals assume they’re affluent. If you’re a shop owner who doesn’t want your personal information, your business information or our family to be vulnerable to cybercriminals, you’re going to want to look into ShadowNet.”
Most problems with cybercrimes have really simple solutions, Stull believes. “Turns out your mom was right – you shouldn’t talk to strangers, and neither should your devices. Protecting yourself and your shop from cyber attacks isn’t a function of how much you spend, but whether you’re implementing fundamental protections to block attacks. By implementing a few simple controls, customers can regain control of their system and help us completely change the paradigm on cybersecurity.”
For more information about RiskAnalytics and ShadowNet, visit www.riskanalytics.com.