Canadian to receive FBI award for uncovering massive botnet scheme

Chris Davis helped bring down one of the largest networks of hijacked computers ever uncovered — more than 15 million PCs in virtually every country and many major corporations, including most of the Canadian banks.

For his troubles, the B.C.-born computer security expert is set to be recognized by the Federal Bureau of Investigation, which played a lead role in the investigation and subsequent prosecution of the three men — two Spaniards and a Slovenian — who masterminded the scheme, one of the world’s largest-ever so-called botnets.

Mr. Davis is likely the only Canadian and one of the few non-FBI employees to receive an FBI Director’s Award.

“The Director’s Awards are the highest honour employees may receive, and they recognize outstanding contributions and exceptional service to the FBI and its mission,” the agency said in an emailed statement. “The Butterfly Botnet investigative team involved foreign law enforcement and private sector partners; their efforts were critical to the success of the investigation.”

The presentation will take place in the fall.

Botnets are always a threat, but the one Mr. Davis discovered in 2009 was particularly malicious, set up to steal passwords, credit card numbers and other personal data and secretly funnel it back to the criminals running the scheme.

In this case, the malware was created by an IT specialist at a telecom company — his day job —  in Slovenia, who then sold copies for the equivalent of about a thousand dollars.

His customers, would-be cybercriminals, could then begin using the product to infect and hijack other computers over the Internet.

“The stuff was very sophisticated,” Mr. Davis said in a telephone interview. “When they arrested the guys in Spain, the police recovered, like, millions of stolen credit card numbers. They were supposed to be unemployed, but they had nice apartments, new cars, flat-screen TVs. I mean, they were high school dropouts. One of them, when he went on vacation, he chartered a yacht.”

When police bring down botnets, they typically charge the middlemen, the guys who bought the malware, but fail to get the real criminal, the malware author, for lack of evidence. This time was different, thanks to Mr. Davis and a group of like-minded security officials at other organizations who worked with law enforcement officials to tease out details of the scheme.

Two years ago police in Slovenia charged Dejan Janžekovic, a former computer technology student in his early 20s, with computer crime.

I started to dig into where the [traffic to the malware sites] was coming from and I noticed that it was coming from all over the world

He was granted bail but, surprisingly, as soon as he was free he went right back to selling his malware kits. So the police re-arrested him. This time they took a firmer approach.

“The FBI had a guy who came along and the story is that a Slovenian cop showed up dressed in riot gear with a ladder over his shoulder. He puts the ladder up to the back of the guy’s apartment, climbs up, throws a flash-bang into the room, climbs back down and disappears with his ladder.”

The suspect was so surprised he forgot to log off when the police burst in.

At the time Mr. Davis was running a start-up computer security firm based in Ottawa called Defence Intelligence. He had been looking into Internet traffic, specifically connections to sites he suspected were associated with what he later figured out were the criminals in charge of the botnet.

“I started to dig into where the [traffic to the malware sites] was coming from and I noticed that it was coming from all over the world. I saw queries from Canadian banks, Canadian government departments, from U.S. government departments, from the U.N. You know, all over the place.”

It seemed like a good idea to contact some of the companies that had been victimized. “We had our people call up and say, we’re not trying to sell you anything, this isn’t a crank call. You have a compromised computer and here’s how to fix it,” Mr. Davis said.

But instead of gratitude, often they were met by hostility and disbelief.  “It was pretty frustrating,” he acknowledged.

The Canadian Bankers Association acknowledged at the time that while the malware might have found its way onto computers within the big banks, no customer data had been stolen or compromised.

As recently as three years ago, such malware was mostly focused on stealing personal information rather than corporate data. As such, the consequences weren’t necessarily so severe for companies. But the bad guys have upped their game, according to Mr. Davis, and as a result that has changed.

Mr. Davis is currently director of partnerships at CrowdStrike, a computer security firm based in Irvine, Ca.

Scott Steinberg: The New Rules of Advertising, Marketing and PR

In an age of constant change and connectivity, everything has changed for working professionals, brands and businesses. Regardless of your chosen industry or field of expertise, famed social media expert and Altimeter Group analyst Brian Solis proposes a better approach to navigating these increasingly choppy and uncertain waters in his new book What’s the Future of Business? Outlining what it takes to lead in tomorrow’s commercial world, and create better strategies for connecting with and engaging consumers, the volume reminds organizations of every size and scope that success comes when we focus on the customer experience as much as the tools (specific technology, trends, etc.) we use to provide it. In the following interview, Solis outlines the future of marketing, advertising, and customer relationship management, and offers hints, tips and advice for meeting the challenges associated with operating in a world of shrinking visibility and growing competition.

Q: Since you took it there, we’ll bite – what is the future of business for modern working professionals and executives or entrepreneurs, and how vastly different does it look from the landscape today?

A: This is a more philosophical conversation. The future of business is different for every company, but it’s rooted in one thing, resilience. When it comes down to professionals, executives and entrepreneurs, I remind them that they’re embarking on a hero’s journey where no path is defined and no template is complete. These are times of vision and courage and those who seek answers to the questions everyone is asking and those who answer new questions that have yet to be asked will find direction and opportunities.

Trying is no longer good enough. Working hard is no longer good enough. Following in the footsteps of others will only lead you on a path of business as usual. This is a time to see what others cannot and do what others will not.

It all begins with understanding where your customers and prospects are, what they value, how they make decisions, and what it takes to earn alignment. This is why the hero’s journey is different for everyone. But in What’s the Future of Business, I refer to Joseph Campbell’s work to help people understand that the change they’re seeking requires a great effort, passion, and perseverance. I’ve adapted his Hero’s Journey to help readers understand that they will face obstacles, but that there are also tremendous opportunities for those who walk their own path.

Q: How drastically has the marketing/sales funnel changed for modern enterprise, and how does this impact the way in which we should working to interact and engage consumers?

A: The funnel only cares about the funnel. That’s one of the cartoons that Hugh Macleod (@gapingvoid) created for WTF. The idea of a linear path is absurd. And while some will argue that businesses don’t really think customers follow a linear path, they do manage funnel-related activity from disparate parts of the organization.

Marketing is broken out into paid, earned, and owned, and sometimes also divided by analog, digital, social, and mobile. Service departments man dated technology to address issues. And even with new channels, they apply prehistoric methodologies to contend with connected customers. As for sales, loyalty teams, etc., everything and everyone is run from its own fiefdom. No one talks to one another and therefore by default, the experiences a customer has throughout the lifecycle are disjointed, inconsistent, and designed to introduce friction.

Q: What does today’s journey really look like from any given brand’s audience’s perspective then?

A: The customer journey today is much more dynamic and it’s always on. People make decisions using different touchpoints, they value input from peers, they rely on shared experiences to validate or inform actions, and they contribute their experiences back to a growing collective of customer impressions and expressions. It’s not just about the traditional venues and methods. It’s not just about adopting new technology and finding creative ways to get people talking. This is a fundamental shift in philosophy to understand how customers behave, not just the tech that they use, but rather to feel empathy and to uncover context.

Screens, social networks and websites are not all created equally. It’s our job to better understand what their journey looks like today so that we can plot new courses, open new touchpoints, and optimize the journey so that it’s efficient, delightful, and beneficial to all involved. I recommend that businesses employ social scientists such as digital anthropologists and ethnographers to map today’s customer journey and understand the culture and behavior associated with engagement in each channel to design programs and strategies that matter. This is customer journey management (CJM), the future of CRM. From there, we can think about customer journey optimization (CJO) in order to make each touchpoint perform better and to promote shared experiences to appear and inform in every moment of truth.

Q: What’s the single biggest mistake you see modern organizations and professionals making when attempting to speak to customers?

A: Businesses underestimate customers by engaging from a technology-first perspective. Social, Mobile, Real-time, Cloud, it’s all about the trends and not about the experience. When you study the customer journey, you quickly realize that the context of engagement is related to the stage of the lifecycle and not what current strategies employ.

Just look at how businesses use social networks. It’s largely applying the same old marketing in channels that require more than broadcasting guised as conversations. Charlene Li and I published a report recently that explored how businesses were largely not aligning social media strategies with business objectives. We were blown away but not surprised at the same time. You can download it for free here.

The point is that we need an empathy-first approach and then digital second or third. Understanding aspirations, desires and challenges allow us to work together internally to deliver a cohesive, frictionless, and optimized brand experience externally…that only improves throughout the lifecycle!

Q: Why this book? Why now?

A: The last thing the world needs is another book on social and mobile media. I know we certainly don’t need another book that shares the same business examples from Zappos, Virgin America, American Express, Starbucks, et al. We need a blank canvas. We need to solve for problems that are unique to us not just like us.

This is a time for leaders not managers or followers. To demonstrate my point, I took the concept of what a business book could be in an era of connected consumerism. Take the fancy sleeve off of any hard cover business book and you’ll see a book that looks like every other, made up of the same cheap paper and small uninspired fonts and graphics. In a book that talks about how Generation-C, or connected consumerism, is changing, why would I communicate that story the same old way? I wouldn’t. And to make my point, I had to step outside of my comfort zone, just like you will have to do, to learn how to connect to connected customers.

I had to change how I write and speak. I had to create imagery and infographics to communicate messages that wouldn’t work in text. I set out to create a book that was in of itself an experience. I studied UX and designed what I call an analog app. It features a nav bar to take readers through the book their way. It’s square in shape similar to a tablet window. The pages are designed with four color, rich with graphics, shorter bursts of text and white space, all designed to make it easier and more fun to get through without losing the core message.

The creative team at Mekanism helped me bring the design to life. Hugh MacLeod and @gapingvoid, summarized each chapter with a clever cartoon. The book is as much a testament to innovation as it is a helpful guide to bring about meaningful change.

If I could do this with a book, imagine what you can do.

CFTC finalizes plan to boost oversight of fast traders: official

CHICAGO (Reuters) – The U.S. Commodity Futures Trading Commission is preparing to reveal a laundry list of potential options to increase oversight of high-speed and automated trading, an agency official said on Friday.

Steve Rhode: I’m Disabled With 20 Year Old Law School Debt I Struggle to Pay

Huffington Post Reader Question

Dear Steve,

I have amassed a huge student loan debt from law school over 20 years ago. I never completed law school because of mental health issues.

My loans went into default and I have not been in an economic position to make regular payments all of these years. The student loan company (American Student Assistance) takes money from my SS Disability and the IRS gives them my tax return every year.

I filed bankruptcy several years ago but was unable to discharge the school loans.

How do I go about trying to get relief from these loans without having to pay an attorney?


Don’t miss my free my weekday email newsletter with the latest tips and advice on how to beat debt and do better financially. Subscribe now. – Click Here

Dear Tony,

The ability for bankruptcy lawyers to deal with student loans in bankruptcy is still a very new issue. Most people, and bankruptcy attorneys incorrectly assume there is no hope for addressing student loan debt in bankruptcy. That is simply not true.

Your case sounds very similar to that of Mike Hedlund, who also went to law school but never became an attorney. Mike was able to get a substantial partial discharge of his student loan debt in bankruptcy. You can read all about his case here.

It sounds as if these are federal student loans if they are garnishing your tax refund. There are several good options for dealing with this debt.

First, if you get a refund each year then adjust your withholdings so you breakeven at the end of the year. That way there is nothing to take from the IRS.

Second, it sounds as if Social Security has issued you a disability determination and you may be eligible for a disability discharge of your federal student loan debt. You can learn more about that option in the free guide The Ultimate Guide to Dealing With Student Loans You Can’t Afford.

Finally, even if you struck out on the two options above it sounds as if you would be eligible to participate in a federal income based repayment plan and in that case your payment could be as low as $0 per month. The guide above has links and more information on this option.

Get Out of Debt Guy – Twitter, G+, Facebook

If you have a credit or debt question you’d like to ask, just click here and ask away.

If you’d like to stay posted on all the latest get out of debt news and scam alerts, subscribe to my free newsletter.

JPMorgan curbs business with banks to tighten controls

(Reuters) – JPMorgan Chase & Co, the biggest bank in the United States, will not take on more correspondent relationships with foreign banks in a move to comply with orders from regulators to tighten risk controls, including safeguards against money laundering.

Senior U.S. Democrat urges air strikes against Syria

WASHINGTON (Reuters) – The top Democrat on the House of Representatives Foreign Affairs Committee urged President Barack Obama on Friday to order air strikes against Syrian President Bashar al-Assad’s government after the apparent gassing deaths of hundreds of civilians.

Fort Hood shooter convicted of massacre, could get death penalty

FORT HOOD, Texas (Reuters) – A military jury convicted U.S. Army psychiatrist Major Nidal Hasan on Friday of killing 13 people and wounding 31 others in 2009 when he walked into a medical facility at Fort Hood, Texas, yelled “Allahu akbar” and opened fire on unarmed soldiers with a laser-sighted handgun.

Obama Takes Swipe At Mitt Romney

President Barack Obama took a swipe at his former rival Mitt Romney on Friday, saying Obamacare was actually the former Massachusetts governor’s idea.

“It used to be Republican idea. There was a Republican governor in Massachusetts who set it up. It’s working real well,” Obama said during a speech in Scranton, Pa.

On April 12, 2006 at a ceremony in Boston, Romney signed a law mandating that nearly every Massachusetts resident carry health insurance. Obama later cited that law as a model for his own health care reform plan, causing the move became a point of attack for his rivals as he ran for the presidency in 2012.

Click here for more on Romney’s change of heart on health care.