There were plenty of companies, both old and new, at this year’s Mobile World Congress in Barcelona that offered creative new ways to enhance the mobile-phone multimedia experience. From semiconductor chips to software applications to new online services, a dozen of the hottest companies at the show had been picked up.
by Aaron Ricadela
It’s nearly enough to make you long for the days of typo-ridden e-mails pretending to come from your bank.
As Internet users display more of their personal information on social networking Web sites, and office workers upload more sensitive data to online software programs, computer hackers are employing increasingly sophisticated methods to pry that information loose. In many cases, they’re devising small attacks that can fly under the radar of traditional security software, while exploiting the trust users place in popular business and consumer Web sites.
In September, the names and contact information for tens of thousands of customers of Automatic Data Processing and SunTrust Banks were stolen from Salesforce.com CRM, which provides online customer management software for those two companies. The incident occurred after a hacker tricked a Salesforce employee into disclosing a password.
The assaults on consumer sites are getting more unnerving as well. A security researcher reported Nov. 8 that hackers had hijacked pages on News Corp.’s social networking site MySpace, including the home page of singer Alicia Keys. Clicking nearly anywhere on the page would lead viewers to a Web site in China that tries to trick them into downloading software that can take over their PCs. “We’re going to see a lot more of this in the consumer space,” says John Pescatore, an Internet security analyst for Gartner IT.
These kinds of targeted attacks on Web-based services may constitute the top computer security threats of 2008, according to security experts. “One of the biggest challenges of 2008 will be, how do you do business online when you know there’s a bad guy in the middle?” says Chris Rouland, chief technology officer in IBM’s Internet security systems division. “The personal computer isn’t the target of 2008; it’s the browser,” he says. IBM sees the landscape changing profoundly enough that the company plans to spend $1.5 billion next year to develop security suites that can address a broad array of threats rather than different products aimed at specific security risks.
Although a rash of e-mail-borne virus outbreaks in recent years have made most PC users wary of opening attachments or clicking on links in suspicious messages, it may be harder to prevent attacks that exploit the Web-based lists of friends and business contacts that users store in widely used services and social networks. “We’ve definitely seen the bad guys use malware to go after friends lists on MySpace and Facebook,” says Pescatore. “They’re exploiting trust.”
By targeting a relatively small number of users at a time—tens of thousands vs. millions—new hacking strategies can elude efforts to detect them. Hackers also are employing more professional approaches to maximize damage without being caught. These include division of labor by hacking expertise and wider use of black-market sites to hire programmers and purchase professional malware-writing tools.
Hackers Shift Attacks
Factor in the growing variety of places where people are connecting to the Internet—from work, from home, from Starbucks —and the growing array of devices they’re using to do so, and the coming year could present a potent brew of problems.
Although traditional PC software such as Microsoft’s Windows operating system and Office programs still present the broadest target because of their hundreds of millions of users, hackers are increasingly attacking online services, says Scott Charney, Microsoft vice-president for trustworthy computing. Worse, traditional virus attacks that crash PCs or issue floods of commands to overwhelm Web sites are being augmented with malicious software that can swipe personal information, such as bank and credit-card numbers.
To be sure, it’s in the interest of companies that sell security software to maximize fears that there’s a cyberthreat lurking behind every mouse click. At the same time, the sheer size of attacks is getting larger, and the Web’s incursion into nearly every facet of daily life presents attackers with more ways than ever to strike.
Cellular and Corporate Caution
For consumers, it’s not just their profiles on social networks that can be mined for personal information. Sophisticated smartphones that run full-fledged operating systems and e-mail applications, and hence store more valuable data, could present tempting targets. Security researchers have found numerous ways to break into prominent mobile-phone platforms from Symbian and Microsoft, and quickly demonstrated ways to hack into Apple’s new iPhone. “All of a sudden on that phone is the stuff the identity
thieves go after,” says Gartner’s Pescatore, noting security vendors have been hyping the cell-phone threat for years, while the damage hasn’t amounted to much.
In the corporate world, criminals are hunting for more of the valuable information stored on companies’ servers. A computer breach at T.J. Maxx in 2005 and 2006 may have handed hackers access to credit- and debit-card numbers for up to 94 million of the retailer’s customers—double what the company originally reported, according to court documents filed by Visa and MasterCard in October.
Cyberthieves are also attacking corporate databases in search of undisclosed financial data or proprietary design and engineering information that can be sold, says Phil Dunkelberger, CEO of security software company PGP. “The really big money now is going to be in stealing intellectual property,” he says.
Viruses: More Sophisticated Bait
Hackers are also unleashing viruses that can recruit armies of consumer PCs into larger networks of remote-controlled machines. These “botnets” can distribute spam, attack database software, or keep a record of users’ keystrokes. One of the worst, Storm Worm, has infected tens of millions of PCs this year.
Even the messages containing virus payloads are getting slicker. In the past, as compared with the sophistication of the viruses, the e-mails carrying them were rather crude. That made users less likely to follow their instructions, says David Perry, director of global education at security software vendor Trend Micro. “These were really well-written viruses, but nobody in the U.S. would click on them because they sounded like they came from Boris and Natasha,” he says, referring to Cold War characters from the old Rocky & Bullwinkle cartoons. Now, he says, “they’re hiring professionals” to write the e-mails.
Given the assortment of nasty behavior befouling the Internet, what’s a PC user to do? BusinessWeek.com consulted the experts, who offered the following advice:
- Don’t give away any valuable or sensitive personal information on your MySpace or Facebook profile, or within messages to other members of the network. And don’t click on any links in social network messages from people you don’t know.
- No reputable company will ask for your password, account number, or other log-in information via e-mail or instant message.
- Use one of the many antivirus, antispyware, and firewall programs on the market. Often, vendors offer all three functions in a single package. And many Internet service providers offer them free with your monthly subscription.
- Upgrade your browser to the most current version. From Microsoft, that’s Internet Explorer 7, Mozilla’s Firefox is on version 2, as is Apple’s Safari browser.
- Pay attention to the messages from Windows that pop up on your screen, especially in the new Vista operating system. They often contain helpful security information that many users overlook.
- Turn on Windows’ automatic-update function to get Microsoft’s regular security patches.
By Rachael King
The web has long been hailed as the next great marketing frontier for entrepreneurs. But even with the best Web site, it’s tough for little-known companies to attract online visitors. Sure, pay-per-click campaigns and search engine optimization strategies are a start, but they won’t do much to help you find the customer who isn’t aware he needs your product or service.
That’s where a whole host of new technologies comes in. These low-cost marketing and communications tools let you reach customers and clients across the Web—in many cases, even those who don’t know they’re looking for you. The idea is to transform a static Web site into a constantly evolving experience, better engaging customers with audio, video, photos, and even community-generated content.
Two of the best known of these tools, Webcasts and blogs, are already being used by more than 400,000 small and midsize businesses, according to a March study by consulting firm AMI Partners. About 260,000 more companies are using podcasts. That’s 660,000 entrepreneurs maximizing the capabilities of the Web to market and advertise themselves to new customers. After reading the following profiles of five who’ve used these tools successfully, maybe you’ll be convinced it’s time to make it 660,000—and one.
TRAMP THE GRAPES, WRITE THE BLOG
In 10 years since starting the Dover Canyon Winery, Mary Baker and Dan Panico have learned to expect surprises. But last March, when Baker heard someone yelling from her driveway at 3:30 a.m., her heart pounded. “Truly freaked out, I awakened Dan and I suggested (in case it was a homicidal maniac) that he should go check it out,” wrote Baker on her blog the next day, adding that the maniac turned out to be a truck driver whose rig was stuck on the road to the Paso Robles (Calif.) winery.
Baker’s humorous and informative posts give readers a peek into life at the two-person, $400,000 winery, which makes zinfandel and syrah. Mail-order sales have almost doubled in the past year, and the blog is an inexpensive way to reach the growing number of online buyers. “It’s more important than ever to create a personal connection,” says Baker.
Baker started her blog in April, 2006, using a software package called TypePad Pro that costs $149.50 a year. She got the blog up in a half-hour and spent two weeks tweaking the design. “It grew into this place where I could be creative and tell what we’re all about,” says Baker. Beyond the daily happenings at the 10-acre winery, she posts articles on sulfites and tannin, grilling recipes, news about Paso Robles, and anything else she feels might pique her readers’ interest. That’s just what a blog such as hers should do, says Debbie Weil, owner of WordBiz.com, a blogging consultant in Washington. “Nobody cares about your widgets,” says Weil. “People care about what they can do with your widgets or the lifestyle surrounding your widgets.”
To get people reading her blog, Baker drops a postcard with the blog’s address into bags with customer purchases. She includes a link in the winery’s e-mail newsletter, and has joined a community of bloggers who in turn link to her. Weil suggests building an audience by making insightful comments on the feedback sections of other blogs and including your blog’s address. Just be subtle: Asking influential bloggers to trade links, says Weil, is “totally bad form.”
It’s a good idea to post at least a couple times a week, but Baker often doesn’t have time. TypePad allows her to schedule posts, so she can write several entries at once that appear several days apart. As she juggles the many tasks of running a winery, Baker takes comfort knowing she can at least blog about them in the morning.
SIT DOWN. LOG ON. TALK RECRUITING
The folks at Hireability wanted to get people talking about their Londonderry (N.H.) recruiting software and services business. So they created a place for recruiters to meet and chat.
In May, the $1 million, 12-person company launched The Recruiting Network, a social networking site. In two months, some 500 recruiters signed up, with about 90% creating profile pages detailing their specialties. Members can link to friends in the network, post videos and blogs, and participate in discussion forums about everything from techniques for finding candidates to job interviews gone horribly wrong. “We’re hoping that, because we’ve put in this time and energy to build a community, we have another vehicle to promote and highlight our offerings,” says Craig Silverman, HireAbility’s head of sales and marketing. His employees post company news in the site’s forums, and information about HireAbility is displayed in Silverman’s blog and in a section of the site called the Recruiter’s Toolbox. Silverman says a handful of the site’s members already have become HireAbility customers.
Silverman built the site in about a week using a free service called Ning. (Others include PeopleAggregator, GoingOn, and CrowdVine.) Creating a more highly customized site could run up to $100,000 for developers, servers, and software.
HireAbility announced the site’s launch in the monthly newsletter it sends to 35,000 recruiters. Several of its employees have profiles on the site, while others post questions on forums and answer members’ questions. Silverman says he’s happy with the response, but that launching such a site is like having a housewarming party before you have all your furniture—you have to trust that the guests have as much vision as you do.
THE WIKI AS ONLINE CONVEYOR BELT
Much as Henry Ford’s assembly line let him crank out the Model T efficiently, Dan Woods employs a strict division of labor at Evolved Media in New York, but with a digital twist. The $1.2 million, five-employee company creates technology-related books, guides, and marketing materials. Woods coordinates about 20 editors, writers, project managers, and graphic designers around the world.
He gets a big assist from a wiki, online collaboration software that lets anyone with access to a particular Web site edit content. Woods uses TWiki software (some Linux knowledge required) to create about 50 secure online workspaces since starting Evolved in 2002.
Woods divides a project into small chunks, and the wiki functions much as a conveyor belt. One person may conduct interviews and post digital audio files. An alert is then sent to the transcriber, who downloads the file, transcribes it, and posts the results. Writers then use that information to craft chapters, and so on. Clients sign on via Evolved’s Web site to see the progress of their project. TWiki can be downloaded free from http://www.twiki.org, but there are other costs. Woods’ server runs about $150 a month, and he has a systems administration consultant come in occasionally to check the wikis and deal with any problems.
Small companies that don’t want to run their own servers have other options. PBwiki and Netcipia are two free hosting services offering private wikis. Other companies, such as Socialtext and Atlassian, offer wikis for $49 to $449 a month with features such as extra security. “Hosted services are excellent for quick sites,” says Woods. “But I have multimedia files that are very large, and the access control [offered by hosted services] is not nearly as good.”
Now, with editors and contractors working together more efficiently, projects get published in a fraction of the time it used to take. Seven people recently completed a 452-page book in six months, instead of the 18 months to two years it might have taken in the past. Says Woods: “I couldn’t run my business without it.”
Christopher Penn belts out the news with the smooth delivery of a professional radio broadcaster. But he is actually chief technology officer of Edvisors Network, a 20-person, $6 million company in Quincy, Mass., that works with banks to market student loans. Nearly every weekday since 2005, Penn has recorded a 10-minute podcast about financial aid and scholarships for college students and their parents.
Each episode attracts about 3,500 listeners in the 90-day period Penn tracks responses. Edvisors earns fees by referring people seeking loans to banks, and Penn credits the podcasts with boosting revenues by about 5% last year.
Penn spends an hour a day on the podcasts. To record, he uses a MacBook Pro equipped with GarageBand podcasting software, broadband Internet access, and a $99 microphone from a music store. He has built an audience by e-mailing people who receive the company newsletter, and by setting up a blog, FinancialAidPodcast.com, on which he posts notes about each episode. The blog also helps people searching on Google to find the podcast, as most searches are built around text, not audio. Penn registered the podcast on Apple.com, so people can find it via iTunes. And in 2006, Edvisors started an affiliate program to syndicate the program to other Web sites. Penn also plays music from new artists at the end of each show. “When you promote someone else, they are likely to promote you, too,” he says, adding that 5% to 10% of traffic comes through links from those musicians’ sites. After about 550 episodes, Penn is going strong: “I still look forward to it, and I still have lots to talk about.”
THE LITTLE AD THAT COULD
Dirk slaps a post-it note on Brent’s backside that says “reboot.” Brent retaliates by stapling Dirk’s tie to the desk, causing him to fall backward when he tries to stand. So begins what the two twentysomething interns call Cubicle War 2006.
Dirk and Brent aren’t real employees, of course. They are characters in a two-minute online video promoting Boulder (Colo.) software maker Windward Studios. The video, posted on YouTube and Digg.com, has been viewed more than 2 million times since 2006 and won an award for creative excellence in advertising from the American Advertising Federation in 2007. David Thielen, CEO of 12-person Windward Studios, says the company had a 20% increase in downloads of its demo software in the six weeks after the video was posted. And 2006 revenues jumped 100% from the prior year, to $1 million.
Thielen doubts he could have achieved such excellent results had he used a traditional campaign. Aware that software developers are largely immune to direct mail or phone pitches from companies such as Windward, Thielen thought that a funny video would be a better way to promote his software, Windward Reports, which takes information such as customer names from databases and puts it into templates. For $2,500, Thielen hired Corner Booth Productions, a video production company in Spokane, Wash., to make a humorous video about what even he calls “the absolute most boring software segment in the universe.”
Thielen liked the initial script but surprised Corner Booth’s Luke Barats and Joe Bereta by saying it mentioned Windward Reports too many times. The final version included only one reference. Thielen posted the video on Windward’s site, and urged by the enthusiastic response, had it up on Digg.com and YouTube within a few days. Word of mouth took care of the rest.
Doing it yourself can be cheaper, depending on which digital video camera, computer, and editing software you choose. Posting a video is free on YouTube, Revver, and about 70 other online video sharing sites.
Cubicle War boosted the careers of Barats and Bereta as well. The pair signed a one-year development deal with NBC, and their rates are now well beyond Thielen’s advertising budget. Says Thielen: “Once we realized it was a giant hit, we should have contracted for three more.”
Source: BusinessWeek Online