The War on Ransomware

THE RANSOMWARE THREAT IS ESCALATING AND IS A THREAT TO OUR WAY OF LIFE…

PDF Version of this Post Available Here: https://www.pcpitstop.com/PDF/Ransomware/
Who is Rob?
rob

Hi. I’ve had a great career and a great life. After college, I moved to Austin, TX to work for Texas Instruments (TI) responsible for international material requirements planning. I got my MBA at the University of Texas, and was promoted to run sales, marketing and support for TI’s Latin American Division. Those were two great jobs.  The places I traveled, the people I met, and the things I learned.

TI had introduced the Texas Instruments Personal Computer and through that, I met a pony tailed gentleman named Ted Waitt. We struck up a friendship, and he would later create a computer company called Gateway 2000. I packed up my bags, and moved to South Dakota and became Gateway’s first director of marketing. Gateway was a rocket ship, and I like to think that I provided some of the fuel that made that ship soar. I left Gateway in 1999 as the SVP of Gateway Consumer responsible for sales, marketing and support worldwide.

I then started my third and last job, CEO of PC Pitstop in 1999. We created PC Matic in 2009, and put it on TV in 2010. In 2013, taking a page from Gateway’s page book, I put myself in the TV spots. Now I am the PC Matic guy.

PC Pitstop timeline

We’ve had a lot of curves and turns in our existence. It certainly wasn’t my plan to have the world’s best security. And I would never have predicted that ransomware would become a threat to the way we live our lives. But here I am. We have a plan to defeat ransomware. Please take a look because it is important.

The Ransomware Threat Explodes

Ransomware is on the rise in a scary way. The FBI has received notifications of $24M ransoms paid for all of 2015. That number jumped to over $200M in Q1 2016. The alarming part is that this is only what has been reported to the FBI. To put this in perspective, that is more than the food chain giant, Chipotle, reported as net income in the last three quarters (Yahoo Finance). That’s the magnitude of the problem.

fbi report

We are so dependent on computing to run our lives, our businesses and our government that we have had little choice but to pay the ransom. The more ransom we pay, the greater the threat becomes. It is happening as we speak. Every strain of malware that we block, is a little more sophisticated then the prior one.

Ransomware is proof that we really have no security in our technology infrastructure. We have developed, right here in the USA, the only credible commercial offering that can effectively counter the ransomware threat.  The ransoms paid are the oxygen, and if we can stop paying the ransoms ultimately the threat will die off. That‘s nice to think about it, but we are far from that. But to be clear, that is the goal. We need to make ransomware extinct.

On the other hand, if we are unsuccessful, then ransomware will become ubiquitous and the cyber terrorists will successfully hold our economy and our way of life for ransom. The stakes are high.

ransomware google trends

Why me? I think that.  I was a successful executive at Gateway Computers responsible for sales and marketing and support worldwide. Certainly my resume has nothing to do with software and security, although I enjoyed programming computers as a boy and throughout college. Back when we launched PC Matic in 2009, we had black list security just like everyone else. But then our customers started getting infected. It was an early form of ransomware called the FBI and CIA viruses. In fact, both my wife and my Dad got infected despite having PC Matic running. Black list and PC Matic had failed my family. We had to figure out a way for our customers not to get infected and we made Super Shield which is still today the only white list approach to end point security.

I own 90% of this company and I am the only investor. The problem is that investors only care about money. We are in a war, and yes we need money to fight the war, but the goal is to win the war. I believe that we can win this war, and then, and only then will we make a lot of money. That‘s why all PC Pitstop employees have stock options.

Our black list competitors all have investors. They view security as a cash cow and they are milking the cow. That‘s why every security company except ours does their research and development outside of the US. They care more about the cost of making their product than the quality of the product. They care more about money than winning the war. We already have the best product and we stop ransomware. But there is more to do. As mentioned above, the cyber terrorists are evolving and we must evolve with them. Our customers do not get infected, but if they ever do, we will NOT throw up our arms and say “Oh well”. A customer getting infected is a big deal and we will figure out why they got infected with our product so that other customers do not get infected. We will continue to invest in making our product better and better until the war is won. Full stop.

We got the best product and the world is not beating a path to our door. Don‘t get me wrong, we appreciate our loyal customers that have purchased Tech Sentry and PC Matic. I appreciate the people that shake my hand in the airport, and the occasional “Selfie with a Stranger“, but we have to be protecting a lot more computers in order to win the war. We have a marketing problem.

Isn’t that ironic? At Gateway, I started as the Director of Marketing and then left as the SVP of Consumer. Aside from Ted Waitt, Gateway‘s charismatic founder, I would say a lot of the marketing direction of the company was determined by myself. And here I have a marketing problem, which I have not quite cracked. But crack it, we will.

marketing manifesto

Our Customers

I have often thought that our #1 asset is our proprietary white list of good files and our algorithms that allow us to block all bad files while maintaining a 99.9% accuracy on good files. Under further analysis, we have another asset that is far more valuable to the company – our customers. We need to communicate with our customers more deeply and frequently.

I am proud of the fact that our customers do not get infected with ransomware while the world around us is in a panic. At times, it feels like little consolation. For example, I know that I will never be infected because I check for my Super Shield icon in the tray before I begin work each morning. However, the school system that my kids attend was infected with a nasty and highly publicized ransomware. Basic functions such as grading and attendance were impacted until the ransom was paid. Ouch.

Our customers are our most important advocates in the war on ransomware. They already write fantastic reviews on Facebook and Amazon, but now we need to ask them to do one more thing. They need to tell everyone they know how they are protected by the world’s best security software. That’s right everyone. Their friends, family, co workers and so on. Everyone needs to get protected now.

TV Advertising

As Steve Jobs would have put it, we’ve made a dent in the universe with TV advertising. We have a way of communicating with the world. Shortly after the launch of PC Matic, we began advertising on TV in 2010. Our big break happened in October 2010 when we had a successful meeting with Fox News. They took a chance on us, and over time we had to prove that we would always pay our bills. To be clear, you can lose your butt in TV advertising, and we had to prove that we were not one of those companies. Once we could put Fox News as a credit reference, we were able to really grow. I want to thank Lisa, Jenna and Michael for being great people to work with at a great company.

At this point, we have a growing and profitable consumer facing business. It is this highly profitable business that is funding our future development into white list security and our expansion into the business and government segment.

Our focus has been exclusively on cable news. We are on Fox News, MSNBC, CNN, Headline News, CNBC, Fox Business, Bloomberg and others. Cable news is highly skewed to older white males regardless of party affiliation. This is our sweet spot, and whenever we have strayed from this core, it has allowed us to grow but at the expense of cash balances.

Our message has increasingly focused  ransomware, the threat to the nation, white list security and Made in America. We have come a long way from the daughter who needs her father to fix her computer while watching a football game. We will continue to invest in new creatives that hopefully deliver our message a little clearer or more stridently.

Testing Results

In late 2013, I attended the Virus Bulletin Conference in Berlin Germany. At that point, we decided that we would test our white list with Virus Bulletin and the VB100 RAP (Reactive Proactive) test. In July 2014, we received the highest score on both the reactive and proactive axes. Our sales flew and we are happy but not satisfied. It is one thing to beat all of our competitors by wide margins, but the market wants total protection. That is the potential of the white list, to block every malware current or in the future. The white list is software that we are continually perfecting. We have won two VB100 tests in a row. But we are still not perfect. We are working harder than ever to prove not that we are the best, but we are perfect. And on top of that, with negligible false positives (< .1%). We believe we are so close and we will submit in late June to Virus Bulletin and hopefully (cross your fingers), we will see the result in September. I wish that getting a perfect VB100 RAP score was the promised land but unfortunately it is not. There are flaws in the Virus Bulletin test. There are two big ones. First, despite the fact that the test is free, many of our competitors including some of the largest ones routinely do not participate. Secondly, Virus Bulletin does not categorize their samples. Despite having a huge sample set, one cannot discern which product blocks the ransomware samples best or worst. This is what the market wants. One comprehensive test that has every viable product against every category of malware from adware to ransomware. The test must be transparent, fair, objective and administered by an independent third party. There must be a feedback loop so a product can dispute a categorization or a sample. No one vendor including us can influence the test nor the samples that are used. I am making this my mission. First to create the test, and then to win it. If the stars line up right, it could happen on the first time. If not, I am sure we will get it the second time. As I said, we are continually investing in making our product better. If the test points out a flaw or hole, we will close it and perfect our white list. It‘s what we do.

dec vb100

Synnex

Earlier this year, we created a new business product line and launched it through Synnex located in South Carolina. A not so well  known fact is that we do our malware research and key development activities in South Carolina. Synnex out of Greenville, SC seemed like the perfect match. Synnex and their network of resellers are a critical part of winning the war. I view our resellers as the front line to show the world that we can win the war against ransomware. There is hope and we can secure our endpoints, our servers and our data. Synnex, unlike Gateway, is a distributor in the channel. They sell to resellers and then the resellers sell to real customers. It takes time and money to make this happen. We are investing heavily here. If you are a reseller and reading this, please sign up. We cannot win the war without resellers. Lots of them.

IDG

If you think back into the 90‘s, any PC publication that ended with the words Week or World was owned by IDG. Think Computer World, PC World, Information Week, and so on. They were once one of the most profitable corporations on earth. I lament the fall of the PC publications and more importantly computer related journalism. At Gateway, if a journalist took a liking to your company or your products, it was pure gold. That no longer exists. When we had the highest security score on an important test in 2014, there was not one mention from the PC press. Not even a yawn.

Under that backdrop, I met with an colleague that once worked for me in Gateway Europe. He now is in senior management in IDG. We forged a partnership to create content about white listing and the ransomware threat. Our first project was a comprehensive survey of IT security in America. The findings were of 211 American IT professionals. The highlights:

• American IT invests heavily in security both at the hardware and software level.
• Despite this investment, 46% of respondents reported a severe impact security event.
• The most respected security test is Virus Bulletin. Close second to AV Test
• The most trusted source for security decisions were resellers with a close second to internal IT staff
• 92% of respondents would consider a white list solution

The money quote is “The market is ripe for a white list solution.” They are also working on another article called “White listing is the new Black”.  Shortly after that, I learned of another organization in IDG called IDG Enterprise. We are working on them on two more articles, one of which is an interview with me. More importantly, they are working with us to amplify the message. They are using technologies called BlabChat and Advocacy Accelerator. Despite their corny names, I sure hope they are effective. If not, we will keep on trying until we figure out how to get the message out. Giving up in a war is not an option.

Research Firms

In May of this year, we forged two more partnerships with Forrester and Gartner two of the leading research and analyst firms in the nation. What I have learned is that Forrester and Gartner are relationship firms. They have relationships with all of my competitors and many of them for decades. It is not reasonable to think a small company to come in so quickly and change the landscape. I am a patient man and I believe that I can win their respect but it will take time. Sometimes it is hard to be patient when fighting a war.

canary

Conclusion

One of Gartner’s top security analysts told me that ransomware is the canary in the coal-mine. Coal miners often bring a canary in a cage down in the mine when they start the work. If the canary dies, it is an early warning of a gas leak, and if they don’t get out, they all might die. I think his message is that ransomware is an early warning of larger dangers ahead. It’s painfully clear the world needs better security. We have it, but need your support to stop the gas leak before the explosion occurs.

 

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles