Growing Threat Of Computer Crimes

Running head: THE GROWING THREAT OF COMPUTER CRIME The Growing Threat of Computer Crime Diana Ritter Baker College of Cadillac May 9, 2001 Abstract Computers have been used for most kinds of crime, including fraud, theft, larceny, embezzlement, burglary, sabotage, espionage, murder, and forgery, since the first cases were reported in 1958. One study of 1,500 computer crimes established that most of them were committed by trusted computer users within businesses; persons with the requisite skills, knowledge, access, and resources. With the arrival of personal computers to manipulate information and access computers by telephone, increasing numbers of crimes--electronic trespassing, copyrighted-information piracy, vandalism--have been committed by computer hobbyists, known as hackers, who display a high level of technical expertise. For many years, the term hacker defined someone who was a wizard with computers and programming. It was a challenge to all hackers, and an honor to be considered a hacker. But when a few hackers began to use their skills to break into private computer systems and steal money, or interfere with the system's operations, the word acquired its current negative meaning. With the growing use of computers and the increase in computer crimes, early detection, deterring computer crimes, and new laws regulating and punishing these computer crimes are necessary. Without it, chaos will be the end result. The Growing Threat of Computer Crime Do you think your company’s computer systems are secure? Think again. Billions of dollars in losses have already been discovered due to computer crimes. Billions more have gone undetected. Trillions more will be stolen, most without detection, by the emerging master criminal of the twenty first century --The computer crime offender. What’s worse yet is that anyone with a computer can become a computer criminal. Crimes such as embezzlement, fraud and money laundering are not new. However, each of these crimes now has a new partner in crime-the computer. Crimes that have become unique due to the availability and widespread use of computers include: a. unauthorized use, access, modification, copying, and destruction of software or data; b. theft of money by altering computer records of theft of computer time; c. theft or destruction of hardware; d. use or conspiracy to use computer resources to commit a felony; e. intent to obtain information or tangible property, illegally through use of the computer. (Fraud Survey Results, 1993) Although incidents in this second category of crimes do present a serious problem, embezzlement is by far the major threat to small businesses. This is evident by the frequency of reports in the local media. Cash is the most vulnerable asset as it is the easiest for the perpetrator to convert to personal use. Firms most vulnerable to theft of money are firms that must rely on one individual to perform the duties of office manager and bookkeeper. Having more than one employee in the office provides an opportunity to effect certain internal controls, particularly separation of duties. Small business owners should review their insurance coverage for employee dishonesty. While there are no standards to determine precisely the amount of coverage necessary, the marginal cost of adding an extra $1,000 of coverage decreases as the coverage increases. A business owner should consult with an insurance agent and err on the side of caution, just to be safe. Although theft of money is a major subject when speaking of computer crime, there are also many other areas to be concerned about. Some of the computer crimes for the 21st century will include: Communication crimes (cellular theft and telephone fraud). Low-tech thieves in airports and bus terminals use binoculars to steal calling card access numbers. Thieves will park their vans along busy interstate highways and use specialized equipment to steal cellular telephone access codes from the air. This is just the tip of the “iceberg”. Business. Most banking today is done by electronic impulse. Therefore, access to business computers equals access to money (and lots of it). Convicted computer hacker, John Lee, a founder of the infamous “Master’s of Deception” hacker group stated that he could change credit card records and bank balances, get free limousines, airplane tickets, and hotel rooms (without anyone being billed), change utility and rent rates, distribute computer software programs free to all over the internet, and easily obtain insider trading information. ImagineвЂ¦Ð²Ð‚¦Ð²Ð‚¦this is just one person. Think of all the hundreds of “hackers” that are out there. Computer stalking. One type of computer criminal rapidly emerging is the “cyber stalker”. One such stalker, the pedophile, surfs the net looking to build relationships with young boys or girls and then sets out to meet them in person to pursue his/her sexual intensions. This type of activity also leads to sellers of child pornography over the internet. Virtual crimes. Stock and bond fraud is already appearing on the internet. Stocks and bonds that appear on the market are actively traded (for a short period of time) and then disappear. These stocks and bonds are nonexistent-only the electronic impulses are read. One must note, however, no matter how clever the hacker, the most serious security threat in most enterprises is password theft. Password stealing is the “holy grail” of hacking. Once a username/password combination has been found, the hacker has free rein to exploit that user account. Firewalls, intrusion detection systems, encryption, and other countermeasures are powerless. Here, hackers an get a hold of a valid user name and password, plus the right URL or dial up number, and can use these to steal your sensitive data. Hackers can also use programs such as “sniffers” to steal your sensitive data. These programs look for particular information such as passwords or credit card numbers in which the hackers turn around and use to their benefit. Last year, a so-called “sniffer” was used to steal more than 100,000 credit numbers which were stored on the server of an internet service provider. The top ten types of high tech criminal activity are reported as: 1. Virus infection 83%; 2. Abusive use of the internet 69%; 3. Laptop theft 58%; 4. Unauthorized insider use 40%; 5. Telecommunication fraud 27%; 6. Information theft 21%; 7. Network break-in 20%; 8. Sabotage 14% 9. Financial fraud 12% 10. Active wiretap 4%. (Computer Security Institute for the FBJ) As you can see, computer crime isn’t limited to any one area or business. And nothing boosts awareness of computer security better than a few widely publicized breaches. In 1998, a federal prosecutor charged

...