One of the most common weapons in the cybercriminal’s arsenal is the DDoS attack. According to the network security experts at Digital Attack Map, “A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.”

While many have heard of these attacks or suffered from the outages they cause, most people do not understand the true business risks these incidents pose. To get a better picture of the threat, Internet security firm Incapsula surveyed 270 firms across the U.S. and Canada about their experiences with DDoS attacks. On average, they found, 49% of DDoS attacks last between 6 and 24 hours. “This means that, with an estimated cost of $40,000 per hour, the average DDoS cost can be assessed at about $500,000—with some running significantly higher,” the company reported. “Costs are not limited to the IT group; they also have a large impact on units such as security and risk management, customer service, and sales.”

Check out the infographic below for more of Incapsula’s findings on the actual costs of DDoS attacks:


Winter is suddenly upon us. In Buffalo, New York, four deaths have been attributed to a winter storm that dumped up to six feet of snow. The storm was blamed for three more deaths in New Hampshire and Michigan. Whether commuting to work, driving a long-haul truck or overseeing a fleet of vehicles, winter presents business hazards. To stay safe and on the road during inclement weather, experts advise keeping vehicles in top condition with frequent safety checks. The National Highway Traffic Safety Administration reports that “failure to keep in proper lane or running off the road” and “driving too fast for conditions” are two of the most frequent driver behaviors causing accidents.

For safe winter driving, the NHTSA urges drivers to:

• Check your battery

• Check your cooling system

• Fill your windshield washer reservoir

• Check windshield wipers and defrosters

• Check floor mat installation to prevent pedal interference

• Inspect your tires

• Check the age of your tires

• Stay vigilant while driving

Long-haul truckers have special concerns. ShiftintowinterBC urges drivers to be on the lookout for black ice. Ice buildup on windshield wipers is a sign that conditions are favorable for black ice. Drivers should also slow down when approaching shaded areas, overpasses and bridges—portions of the road that freeze sooner than others. The organization recommends dropping speeds to match conditions, leaving more distance from the vehicle in front and pulling off the road if driving conditions become too extreme.

To avoid potentially dangerous situations, the Insurance Information Institute (I.I.I.) offers these winter driving tips:

  • Give yourself enough time to arrive at your destination. Trips can take longer during winter than other times of the year, especially if you encounter storm conditions or icy roads.
  • Bring a cellphone so that those awaiting your arrival can get in touch with you, or you can notify them, if you are running late. But avoid the temptation of using the phone while driving, as it can be a dangerous distraction—pull over first.
  • Drive slowly because accelerating, stopping and turning all take longer on snow-covered roads.
  • Leave more distance than usual between your vehicle and the one just ahead of you, giving yourself at least 10 seconds to come to a complete stop. Cars and motorcycles usually need at least 3 seconds to halt completely even when traveling on dry pavement.
  • Be careful when driving over bridges, as well as roadways rarely exposed to sunlight—they are often icy when other areas are not.
  • Avoid sudden stops and quick direction changes.
  • Be sure to keep your gas tank full. Stormy weather or traffic delays may force you to change routes or turn back. A fuller gas tank also averts the potential freezing of your car’s gas-line.
  • Keep windshield and windows clear. Drivers in cold-weather states should have a snow brush or scraper in their vehicle at all times. Your car’s defroster can be supplemented by wiping the windows with a clean cloth to improve visibility.
  • Do not activate your cruise control when driving on a slippery surface.
  • Do not warm up a vehicle in an enclosed area, such as a garage.
  • Keep your tires properly inflated and remember that good tread on your tires is essential to safe winter driving.
  • Check your exhaust pipe to make sure it is clear. A blocked pipe could cause a leakage of carbon monoxide gas into your car when the engine is running.
  • Monitor the weather conditions at your destination before beginning your trip. If conditions look as though they are going to be too hazardous, just stay home.



Here’s a provocative question for all the risk managers out there: what did you pay last year in workers compensation medical bill review charges?

Stumped? The answer may be more elusive, and more expensive, than it would initially appear.

Medical bill review is an essential service typically performed by an insurer, claims administrator, or outside vendor. The service provider reviews medical bills related to claims and audits the bills for accuracy, duplication of charges, and reasonableness. The costs for these services are allocated claim expenses, meaning they get charged directly to the claim file. This makes figuring out what you’re paying more difficult, as bill review charges tend to blend in with other expenses and bills.

Bill review charges are typically calculated in two ways. First, for each bill, there is a standard review charge. This could be a flat rate or calculated by the number of lines. Second, for bills that are outside of medical provider networks and are negotiated, a percentage of the savings is charged.

This last piece is critical, because it means that charges for a single bill review can be thousands and sometimes even tens of thousands of dollars.

Here’s an example. Suppose an employee injures his back and is forced to have surgery, but does so at an out-of-network facility. The hospital bills $200,000, an amount it has no illusions of receiving. As part of the medical bill review process, the bill is negotiated down to $50,000, netting a savings of $150,000. The charge for the bill review is a percentage of the savings, typically between 20-30%. If we assume conservatively that the rate is 20%, in this example, the charge for the bill review service would be $30,000. For self-insureds and those with large retentions, this is a cost paid directly out of pocket.

This example highlights two important facts. The first is that network penetration is of prime importance—when a patient is treated at an in-network facility, the bill is generally reduced to the pre-negotiated rate at no cost to you. Second, the medical billing process in this country has created an immensely profitable enterprise for skilled medical bill reviewers.

This is not to say that paying a percentage of negotiated savings is unfavorable to a risk manager. This system aligns the interests of the bill reviewer and the party paying the bill. The more the bill reviewer can lower a bill, the more you save, even if you are ceding a percentage of that savings to claim handling expenses. And to be fair, the above scenario is more of an anomaly than the norm—in most cases both the savings and fees are much lower.

Still, the entire medical billing strategy employed by hospitals is rather discomforting. In what other industry are bills sent out and routinely negotiated down by 50, 60, or even 75%? Certainly, there are financial motives for hospitals, many of which are owned by private equity firms, to bill higher amounts than they ever expect to receive. Not only will the unsuspecting recipient occasionally unwittingly pay the full amount, higher bills allow hospitals increased write-offs for charity care and other unpaid services. And while fee schedules in some states have attempted to address this problem, this has further contributed to hospitals and insurers each employing competing billing experts with the respective goals of maximizing and minimizing amounts paid for the same services. The net result is higher processing expenses for everyone.

Accepting the fact that the medical billing system in this country is the way it is, let’s return to the $30,000 medical bill review charge. As risk managers, we need to continuously be concerned with our expenses. At the same time, these fees represent only a percentage of savings, and theoretically, the higher the bill review charge, the higher the savings. But the knowledge of that fact may not be enough to eliminate the sticker shock. Because medical bill review services are so essential, the only recourse is a better negotiation of fees—paying a lower percentage of savings is a good start, and a hard cap on the maximum charge for a single bill is even better. Of course, the first step is sitting down with the data and figuring out how much you’re actually paying.

That way, when someone asks you the question about how much you’re paying, you’ll not only have the answer, you’ll also have a plan to make it less.



Traveling business executives have been falling prey to cybercriminals acting through hotel Internet networks since at least 2009. In an ongoing, sophisticated “espionage campaign” nicknamed “Darkhotel,” thousands of people traveling through Asia have been targeted and hacked through infected hotel WiFi, cybersecurity company Kaspersky Lab reported Monday. About two-thirds of the attacks took place in Japan, while others occurred in Taiwan, China and other Asian countries.

“For the past few years, a strong actor named Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behavior,” said Kurt Baumgartner, principal security researcher at Kaspersky Lab. “This threat actor has operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision.”

So strategic, in fact, that the hackers appear to know the names, arrival and departure times, and room numbers of the targets. While maintaining an intrusion on hotel networks, the hackers used this information, waiting until the victim checked in and logged on to the hotel Wi-Fi, then submitting their room number and surname to log in. When the hackers saw the victim on the network, they would trick the executive into downloading and installing a “backdoor” with the Darkhotel spying software disguised as an update for legitimate software like Google Toolbar, Adobe Flash or Windows Messenger. Once installed, the backdoor can be used to download other spying tools, such as an advanced keylogger and an information-stealing module.

“These tools collect data about the system and the anti-malware software installed on it, steal all keystrokes, and hunt for cached passwords in Firefox, Chrome and Internet Explorer; login credentials for Gmail Notifier, Twitter, Facebook, Yahoo! and Google; and other private information,” Kaspersky explained. “Victims lose sensitive information likely to be the intellectual property of the business entities they represent.”

While the company has identified the means of attack and many of the victims, the hackers carrying them out remain active, the company warned. The attackers did leave a footprint in part of the malicious code—two Korean characters—but, while the cryptographic skills suggest there may be a government entity behind it, some elements of the attacks could be performed by the most basic cybercriminals, and no one has been identified.

Kaspersky Lab offered tips to guard against Darkhotel and other cybersecurity threats targeting travelers:

When traveling, any network, even semi-private ones in hotels, should be viewed as potentially dangerous. The Darkhotel case illustrates an evolving attack vector: individuals who possess valuable information can easily fall victim to Darkhotel itself, as it is still active, or to something similar to a Darkhotel attack. To prevent this, Kaspersky Lab has the following tips:

  • Choose a Virtual Private Network (VPN) provider—you will get an encrypted communication channel when accessing public or semi-public Wi-Fi
  • When traveling, always regard software updates as suspicious. Confirm that the proposed update installer is signed by the appropriate vendor
  • Make sure your Internet security solution includes proactive defense against new threats rather than just basic antivirus protection
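
The signature check from the second tip, as an added PowerShell example (not from Kaspersky Lab or the original post): it accepts an installer only if its Authenticode signature validates, the signer's common name is on a list you supply, and any RSA signing key is at least 2048 bits, since a valid signature made with a weak key proves little. The function name, the publisher list and the sample path are assumptions for illustration.

```powershell
# Added example: vet a downloaded update installer before running it.
# Test-UpdateInstaller, the publisher list and the sample path are illustrative assumptions.
function Test-UpdateInstaller {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string[]]$ExpectedPublishers,
        [int]$MinRsaBits = 2048
    )

    $reasons = [System.Collections.Generic.List[string]]::new()
    $sig = Get-AuthenticodeSignature -LiteralPath $Path -ErrorAction Stop

    # 'Valid' means the file hash matches and the chain ends at a trusted root.
    if ($sig.Status -ne 'Valid') {
        $reasons.Add("signature status is $($sig.Status)")
    }

    $cert = $sig.SignerCertificate
    $publisher = $null
    if ($null -eq $cert) {
        $reasons.Add('no signer certificate present')
    }
    else {
        # Compare the certificate subject's common name with the vendor you expect.
        $publisher = $cert.GetNameInfo('SimpleName', $false)
        if ($ExpectedPublishers -notcontains $publisher) {
            $reasons.Add("publisher '$publisher' is not on the expected list")
        }
        # GetRSAPublicKey returns $null for non-RSA (e.g. ECDSA) certificates.
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
        if ($rsa -and $rsa.KeySize -lt $MinRsaBits) {
            $reasons.Add("RSA signing key is only $($rsa.KeySize) bits")
        }
    }

    [pscustomobject]@{
        Path       = $Path
        Status     = $sig.Status
        Publisher  = $publisher
        Thumbprint = $cert.Thumbprint
        Trusted    = ($reasons.Count -eq 0)
        Reasons    = $reasons.ToArray()
    }
}

# Constructed usage: the file name and publisher are placeholders, not real vendor values.
Test-UpdateInstaller -Path "$env:USERPROFILE\Downloads\update-setup.exe" -ExpectedPublishers 'Example Vendor, Inc.'
```

Run the installer only when `Trusted` is `True`; for software you update often, comparing `Thumbprint` against a value recorded on a trusted network is a stricter check than the publisher name alone.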