Ransom With a Flair for Customer Experience| By |Mikhail Dubov

Good experience means more money. Even for criminals.

WanaCrypt0r 2.0 WanaCrypt0r 2.0

The latest global cyber attack has already sparked hundreds of debates on topics from IT security to healthcare spending. Needless to say, we at Chattermill thought about what this says about Customer Experience. After checking our own computers are safe that is.

Attackers have hijacked thousands of computers with vulnerable versions of the Windows operating system. The Trojan virus spread quickly through phishing emails that tricked users into downloading an infected file. Once a computer is infected all personal files on the computer’s hard drive are encrypted and a modestly polite ransom note (image above) is displayed to the user.

This is old school ransom with a user interface – Ransom 2.0. It is not using the letters cut out of the newspapers and fortunately nobody is kidnapped but this kind of crime causes huge damage

This is old school ransom with a user interface – Ransom 2.0. It is not using the letters cut out of the newspapers and fortunately nobody is kidnapped but this kind of crime causes huge damage and puts lives at risk given the healthcare systems were infected.

Ransom Note

But what was fascinating about this 21st century ransom note is how the criminals have obviously learned from some of the best practices in modern software. Let’s break it down:

  • Clear messaging: the note obviously skims over the fact that it is a crime, does not mention the word “ransom” but other than that it is clearly written with concise instructions and answers to common questions for and by real humans.
  • Multiple languages: given that the attack targets some of the least sophisticated PC users, having it available in the native language is a nice touch.
  • Free Trial: Apparently, you can decrypt some of your files for free. “Try now by clicking Decrypt”. Admittedly we have not tested this feature and don’t really want to have to do so…
  • Contact Us link: I could not find how this works, potentially the attackers use some form of encrypted chat or email. Still, I can’t count how many times I’ve been on a website of an actual big company where contact information was conspicuously hidden.
  • Helpful UI: Explanation links, color-coded timer, button to copy the bitcoin address etc. There isn’t much functionality, but what’s there is as easy as possible even if the design is not great.

Bitcoin is far from user-friendly in its current iteration and I doubt most people who were affected by the attack would be savvy enough to be able to work it out in only 3 days. Still, it’s a huge improvement (from a Customer Experience point of view) compared to having to drive to a remote location and leaving a bag of money, in small denominations.

Why are criminals, particularly ones as so inconsiderate they would attack the NHS and potentially endanger human lives care about their victims’ comfort? Obviously not because of their warm and fuzzy feelings or because they want a nice review. It is because they know, good customer experience means more money. Even in their twisted business.

via Technology & Innovation Articles on Business 2 Community http://ift.tt/2pIpSpJ

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s