Roresishms

A Virtual World of Live Pictures.

You Are Here

Technology

ISP thwarts cyberterrorists

no Comments

[The Crisis]

“We believe that someone calling himself ‘Mr. Zilterio’ may have accessed our customer records, to include credit card numbers. He is threatening to release that information to our customers and to the press if we don’t pay him a large amount of money”. “

That was the initial call I received from Marc Benzakein, one of the founders of linkLINE Communications, a sprawling, relatively small (15,000 subscribers), but profitable Internet service provider based in Mira Loma, California (note: in his business, “profitable” is strange).

In that phone call and in a subsequent meeting with the linkLINE crisis management/response team, I learned that:

* According to federal authorities and information available to anyone searching the Internet for “Zilterio,” the same person may have extorted as much as $4 billion from other organizations that wanted to sweep the situation under the rug for fear of losing business. .

* linkLINE, under the direction of law enforcement, had been pressing Zilterio for some time to identify how he managed to circumvent his security. In the process, they traced the bank account Zilterio wanted to transfer money to via Russia (where he said it was from) to Yemen, a known hotbed of terrorism.

* The ISP felt strongly that it was ethically and morally wrong to give in to what could clearly be construed as “cyberterrorism.”

* linkLINE had taken steps to ensure that the security hole that Zilterio may have exploited was plugged.

* A significant loss of customers could be devastating for linkLINE due to its still small size.

[Crisis Response Team Meets]

As a crisis response team, we agree that:

* linkLINE customers had to be notified of the threat before Zilterio contacted them. This meant that the entire “response package” had to be ready between our Thursday afternoon meeting and the following Monday night. We all wanted to move even faster, but double-checking some security preparations prevented any further haste. The team member in contact with Zilterio felt that he could hold him off for as long as it took.

* The best approach, very much in keeping with linkLINE’s operating philosophy, was to sympathize with the concern this might cause customers, provide them with the information they would need as a result of the situation, and at the same time call them to join linkLINE in the fight against cyber terrorism.

* Close coordination with the security bureaus of the four major credit card companies would be needed so that (a) linkLINE customers have as little work as possible regarding the potential exposure of their credit card numbers and (b ) that linkLINE numbers relationships with credit card companies remained strong.

Pre-Announcement Activities

During three intense days of preparation:

* linkLINE management contacted the four credit card companies, who were very appreciative of linkLINE’s proactive response, agreed to especially monitor linkLINE customers’ credit card numbers for fraudulent abuse and They assured linkLINE that customers would not be held responsible for any such fraud.

* A client alert letter was drafted for distribution on day 1

* A press release was written for distribution at dawn on the 2nd

* Drafted a customer Q&A session for posting on the linkLINE website on the 2nd

* Created a special Customer Service Answer Guide and trained customer service representatives on its use.

* The linkLINE crisis response team identified other key stakeholders, in addition to customers, who might need to be called or contacted when the news broke, and prepared to make those communications.

* Marc Benzakein was trained to be the main spokesperson on the situation, with another member of the team as a backup spokesperson.

The announcement and the results

Zilterio did not act during the preparation period and linkLINE was able to launch its crisis communication campaign.

* In the late afternoon of Day 1 and early morning of Day 2, respectively, the Customer Alert was sent via email and the PR Newswire press release (California circuit only, as the 95% of their customers were in-state and they knew that even the California circuit also visits Internet news sites and other key outlets).

* While customer call volume increased, it was not overwhelming; linkLINE had contingency plans for what to do if a backup occurred, but the customer’s alert, combined with the customer’s questions and answers, seemed to satisfy the vast majority of customers.

* Most of the calls and emails you received were very appreciative of linkLINE’s response. Some examples:

* “In today’s world of competition and LOVE for money, very few companies are honest when they have a problem that could affect their business. YOU ARE THE EXCEPTION. Thank you for letting us know the truth. Thanks to people like you, I feel very sorry safer on the NET. THANKS AGAIN.”

* “I would like to commend you on your handling of the Zilterio blackmail incident. Prompt and full disclosure via email and your website is the exact way to go. This kind of professionalism makes me happy to continue with linkLINE as my ISP. Nothing is 100% secure, what differentiates the professionals from the rest is the response to a security breach. Their response is up to the mark in all aspects.”

*There were some people who were initially very unhappy, but the linkLINE executives did a great job of communicating in a caring and informative manner that made customers feel more comfortable.

* Some credit cards were suspended voluntarily (by customers) or involuntarily (by banks, when they were also ATM cards), but even those customers were understanding. And as part of their preparation, linkLINE made it easy to switch to another credit card (securely) or use another payment method.

Two weeks later, linkLINE had no net customer loss and continued to enjoy its usual level of growth thereafter.

Leave a Reply

Your email address will not be published. Required fields are marked *