Verint Engage 2019: AI, security and genius hacker stories
Verint Systems is a New York-based analytics company, founded in 2002. The company sells software and hardware products for customer engagement management, security, surveillance, and business intelligence. Its products are designed to assist clients in data analysis, specifically large data sets.
We attended the company’s US user event, Verint Engage 2019 in Orlando, Florida in May.
Verint’s products include speech analysis software (used to analyse call centre recordings), IP surveillance cameras and “smart” video surveillance analysis software.
Verint’s Reliant software provides law enforcement agencies with the ability to monitor and analyse voice, video, and data for a large number of “targets” on all types of large, complex computer networks, in order to collect evidence for Communications Assistance for Law Enforcement Act (CALEA) wiretaps. Multiple national governments including the US, UK and various European, Asian, and Pacific nations have purchased millions of dollars in Verint surveillance software and equipment.
It is obvious that these type of sophisticated analytics capabilities are becoming more useful and attractive to banking and financial institutions worldwide.
Verint has also received millions of dollars in government contracts to outfit airports, ports, and government facilities with intelligent video surveillance systems with tracking, biometrics, and video analysis features. Unisys chose Verint as a subcontractor on its contract with the Transportation Security Administration, to install video surveillance devices in secure areas of airports across the US.
In its most recent financial statements, Verint came out with quarterly earnings of $0.73 per share, beating the Zacks Consensus Estimate of $0.62 per share. This compares to earnings of $0.53 per share a year ago.
This quarterly report represents earnings of 17.74%. A quarter ago, it was expected that Verint would post earnings of $1.01 per share but it actually produced earnings of $1.08, delivering 6.93%.
Over the last four quarters, the company has surpassed consensus EPS estimates four times posting revenues of $324.16 million for the quarter ended April 2019, surpassing the Zacks Consensus Estimate by 2.27%. This compares to year-ago revenues of $291.97 million. The company has topped consensus revenue estimates four times over the last four quarters.
Verint’s Virtual Assistant uses artificial intelligence (AI) and machine learning (ML) to create an easy engagement experience. “Our conversational AI can predict what a customer wants, personalise the interaction, and determine the best next action to deliver a successful outcome,” it says.
President, CEO and chairman of the board of directors, Dan Bodner, speaking at the Engage 2019 event said: “Times are tough for many organisations out there, they cannot afford to hire many new staff so they are increasingly turning to AI solutions, which are following an increasingly upward popularity with the users who interface with them. Many people prefer to interact with AI when they get a great user experience and their questions answered quickly and accurately. Millennials particularly prefer to interact with AI and robo-chats because that is what they are used to.”
According to Dan McCann, CEO of SymTrain, who was attending the event: “Banks used to be able to make quick lending decisions when they knew their customers personally. You could walk into your local bank, talk to the bank manager and get a decision within a within a day or two based on his or her local know how. Surely, this day and age, when every bank has ten times more knowledge on all of their customers, all processes should be faster? But they are not.
“The more we move from a world where phone was the core communications component, maybe 15 to 20 years ago, to now, when digital interactions are becoming the high growth area, the transactions users want information about are becoming more complex. And that’s what Kate Leggett of Forrester, the analyst, was saying in a seminar this morning – the users who do want to talk to a human need the call centre to have their background information provided through AI, and through digital transactions. These are all the repetitive tasks that humans used to have to dig out of unfriendly call centre CRMs and now these are all moving to digital. So now what’s happening is that when a customer or a prospect has a real challenge or a real issue, that’s the only time they’re picking up the phone and looking for a human.
“So those humans have to be more highly skilled, they have to be able to handle more complex transactions. And they end up often talking to customers who just spent the last week and a half or two weeks navigating a digital journey. To answer their questions they have to be intelligent about that – they often repeat everything they need to tell the agent, learned over those two weeks, in the course of a three to four minute phone call. But the bank should be providing new data, new information and answers quickly based on the analysis of available data by AI. So it puts a lot more than what puts a lot more complexity onto the human element.”
Cybercrime: how changing a phone number can change everything
Eric Michaud, CEO and founder at RiftRecon, took part on a very interesting panel discussion on hackers. Amongst other revelations he made included fascinating detail – since 2014, an international cyber criminal group has been targeting banks around the world and has made off with well over $300 million – by compromising the banks’ systems with malware and using the information they have mined. The outfit was caught by Kaspersky Lab, according to the New York Times.
The gang, which includes Russian, Chinese and European individuals, is not sponsored by a nation state, but cyber criminals that specialise in financial crime. The targeted financial institutions are located in Russia, Japan, US and Europe. The gang – called Carbanak by the researchers – start their attacks with spear-phishing emails to bank employees, who are instructed to open an attachment which contains malware, which the hackers use to infiltrate the bank’s networks and do extensive reconnaissance about the inner workings of the bank.
Armed with that knowledge, they masquerade as employees, and steal money in ways that they hope will not won’t raise an alarm.
For example, by impersonating the employees the criminals would inflate an account’s balance, then transfer the extra money to an outside account. The legitimate owner of the account and the bank would usually not notice immediately what happened, because the legitimate funds were still there.
Another effective way to extract money, according to Michaud, is to instruct ATMs to dispense cash to an associate of the gang at a predetermined time. Apparently, one Kaspersky client lost $7.3 million through ATM withdrawals alone.
However no bank has come forward and publicly acknowledged a breach.
Michaud said: “And also, the average time to detection, you can quote me on this, is about 200 days. So, by the time the bank had discovered them they had already got in and got their spoils out. And they’re still there. Yes, 200 days later, you might not believe it but it’s true. I was called in a while ago to help fill out the security programme of a cryptocurrency exchange. They had detected some phishing emails.
“They have developers all over the world, such as the Philippines, Thailand, but they have no clue really, who these people really are. They’re in the industry they read code for so they must be valuable in some way. They decide not to use us.
“But we also decided to pull away because they were asking weird questions. It seemed like the CEO didn’t know what he was doing. And he had a track record of supposedly knowing what he was doing on LinkedIn. But the questions were just not right. We were also concerned since there’s a very high physical crime rate against cryptocurrency executives, at least 300 kidnappings at gunpoint around the world last year. One executive can be worth a ransom of over $10 million.
“But anyway, months later, we got a call. Their currency holdings got wiped out in an hour. What happened was that criminal hackers found all the executives phone numbers on social media and enough information on the names of their pets and other things from password breaches from LinkedIn and other services, where your password reset was probably going to be the one for your phone.
“And so, they were using SMS as their two factor authentication. So for password recovery for your email, your phone is your identity, because that’s where everything goes. And so the CEO and the CFO got nailed, then all the other executives at the same time, their numbers got ported, within two minutes it’s imported to a new SIM card, and then all of their passwords got reset to another number. It turned out the CEO was storing his private keys for his cryptocurrency in his phone with passwords. And then the hackers went to the CFO who did similar stuff, and then the comptroller got nailed. And then basically, they wired all of the money out into the network, and then all of a sudden, they pulled in all their email systems, everything went down. And all that money lost just because someone’s able to change your phone number.”
The Verint event had a wide remit and there was a lot of user satisfaction with both the content, which went from basic user-advice to good sessions on everything from cloud to security to digitisation. But the sessions on security showed very graphically that this is one area everyone has to tighten up on.
By Don Van McTraffic