Information Security News mailing list archives
Many victims of hacks clam up
From: William Knowles <wk () C4I ORG>
Date: Tue, 28 Nov 2000 02:08:06 -0600
http://www.usatoday.com/life/cyber/tech/cti839.htm By Greg Farrell USA TODAY 11/27/00- Updated 08:35 AM ET Across Corporate America, the hacker attack is the crime that no one wants to talk about. According to the FBI and security consultants, only a few of the many companies that suffer Internet-related security breaches or whose databases are compromised by hackers ever approach law enforcement for help. As a result, awareness of Internet-related crime is much lower than it should be, industry professionals warn. ''The World Trade Center bombing woke companies up to the issue of physical security,'' says Ted Fraumann, an ex-FBI agent who works at Stroz Associates. ''It's going to take another event like the World Trade Center bombing to wake people up to the importance of Internet security.'' FBI surveys on cyber crimes show that extortion is a growing problem. ''A significant number of victim companies do not report this to law enforcement but go ahead and pay the extortion,'' says FBI spokesman Joe Valiquette. ''As a business guy, I understand why companies don't like to admit that they've been hacked into,'' says Bruce Schneier of Counterpane Internet Security. ''But as a security guy, I wish people would go public, because we all need to learn the dangers that are out there.'' The world knows that hackers got into Microsoft's system in October, and that a virus brought several e-commerce sites to a halt last winter. But those high-profile incidents are the tip of the iceberg. ''These incidents are so public that they have to get out,'' says Emily Freeman of Marsh, an insurance company that offers coverage for Internet-related damage. ''But there are probably thousands of incidents that never get reported.'' The problem is that many corporate chieftains think of cyber crime as less tangible and dangerous than crimes like burglary and embezzlement. ''The kinds of activity taking place in the digital environment are the same as those that have been taking place since people existed,'' says Cal Slemp, director of global trust at IBM. ''All we've done is move from a face-to-face environment to a digital one.'' In addition to defacing a company's Web site, cyber crooks have the ability to pilfer a company's crown jewels, such as its customer list or its customers' credit card numbers. Such attacks not only cost money but can damage a firm's credibility. ''The more network-reliant your business is, the more this should be on your radar screen,'' says Alan Brown of Chubb, another firm that offers ''e-risk'' insurance solutions. The lack of knowledge about the dangers of Internet-related crime is a double-edged sword. Some companies are ignorant of their exposure, while others fear the unknown. ''The fear of cyber crimes is a major inhibitor to firms going into e-commerce,'' says IBM's Slemp. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Many victims of hacks clam up William Knowles (Nov 28)