E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.



Posted on April 25, 2000

      A survey of systems professionals shows 70% report being victimized by serious computer crimes, especially on the Internet.

      When equipment theft, viruses and other pilfering are factored in, the figure rises to 90%, according to the fifth annual survey by the FBI and the Computer Security Institute (CSI) of San Francisco.

      Those claiming financial losses reported totals exceeded $265 million, more than double that of 1999.

      "There is exponentially more money and value being placed on the Net," says Martha Stansell-Gamm, head of the Justice Department's computer crime section, "and that is attracting a kind of crook in the model of Willie Sutton."

      Sutton was notorious for nearly 100 bank robberies in 30 years. Upon his arrest in 1952, he is said to have explained why he robbed banks: "Because that's where the money is."

      "If Sutton were around today, he most certainly would say, 'I rob e-tailers because that is where the money is,' " says Kawika Daguio of the Financial Information Protection Association.

      The numbers in a new survey of systems professionals bear him out. The fifth annual Computer Crime and Security Survey shows that the Internet is termed a "frequent point of attack" by 59% of those responding; in 1996, only 37% cited the Net. In the past year alone, those reporting crimes involving breaches of Internet security rose from 62% to more than 70%.

      Law enforcement and private sector officials long have insisted that Internet prosperity combined with maturing, skilled cybercriminals would fuel an online crime spree against businesses.

      "There aren't a lot of good data to really measure the scope of criminal activity on the Net," Stansell-Gamm says. "But I can tell you, anecdotally, we're seeing lots and lots of extortion -- not merely hacking, but crimes for profit or malice."

      Her view is reflected in the trends of rising online crime shown in five years of member surveys conducted by the CSI, which provides security training for corporations and governments.

      "Nationally, crime is going down, but in cyberspace crime is rising, and it's going to continue rising because there's always more crime on the frontier than there is in long-established communities," says Richard Power, who directs the annual CSI survey in cooperation with the FBI.

      Not wanting to jeopardize public faith associated with the Internet's growth, business has treated online crime losses as a cost of doing business. Like shoplifting suffered by traditional retailers, Net companies label the losses as "inventory shrinkage" and rarely report them.

      According to the new survey, that practice has changed little in recent years. Among companies suffering Internet losses, those reporting to authorities dropped from 32% to 25% over the past year. Why? More than half cited negative publicity, while 39% worried about competitors.

      Some businesses and "many bankers fear that all the attention" being paid to online crime could become an excuse for government to more closely regulate and patrol the Internet, Daguio says.

      Meanwhile, the Justice Department has budgeted $1 million for next year to develop methods for collecting closely guarded data on computer vulnerabilities and security breaches.

      Alan Brill of Kroll-O'Gara, an international security and investigations firm, calls online extortion "a very real problem" that's made more complex by criminals' recognition that businesses will go to great lengths to avoid publicly acknowledging a weakness. "In some cases, merely an extortionate threat gains value without ever having to commit the underlying act," he says.

      He notes that online extortion typically involves a former employee departing with some secret, perhaps the code for essential corporate data, and returning weeks later as a "consultant" demanding a king's ransom for the code.

      "Now we're seeing more and more cases of outsiders getting into systems, lifting important data and demanding a ransom for its return," Brill says. "Next I expect they will attack (child) porn sites, grab customer lists and threaten to expose the customers' surfing habits."

      That's what made two attacks in January unique. When online music store CD Universe and Visa International in London refused to pay off, the extortionists went public, boasting to the media that they had stolen hundreds of thousands of credit card accounts using the Net.

      "Clearly, the kind of losses suffered by CD Universe is nothing new," says Drew Williams of BindView Corp., a security marketing firm in Houston. "Is this a new trend in computer attacks? No. Are we going to see more of these kinds of attacks? Yes. It's simply the result of more businesses coming online and having those assets exposed.

      "Organizations have to do basic homework before they do business online," Williams says.

      But even with the best protection money can buy, thieves will always follow the money, Power says: "As long as we have had storefront businesses, you've had people in the neighborhood trying to sell you protection. Why should it be any different in cyberspace?"

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.