Era of the inside job is past

[InfoSec News <isn () C4I ORG>]

http://www.afr.com.au/reports/20000620/A19746-2000Jun19.html

By Bill Bennett
Jun 19 2000 20:14:10

Willie Sutton would have understood. The US bank robber's main claim
to fame is that when somebody asked him why he robbed banks, he is
reported to have said: "that's where the money is".

If Sutton (who stole about $US2 million in his 20-year life of crime
until his final arrest in 1952) were alive today, he'd be plugged in
to the internet. Indeed, it appears many of Sutton's philosophical
heirs have reached exactly the same conclusion. Criminals cottoned on
to the online world quite early in the piece. Hackers have been active
almost as long as computers have used telephone lines to swap data. In
fact, the early computing underground grew out of phone phreaking - a
murky, highly technical game where the aim was to access the world's
telephone lines without paying tolls.

The first widely reported cases of computer crime were in the 1960s.
Generally, in the early days, electronic misdemeanours were inside
jobs. The recent explosion of online communications has seen the
problem grow. Insiders remain a large component of computer crime, but
these days the emphasis is more on external activity.

Recent United States Department of Justice statistics show that
reported online crime cases increased by 43 per cent between 1977 and
1999. However, the statistics also note that online crime is
notoriously under-reported.

The nature of under-reporting means nobody knows for certain, but
anecdotal evidence says that many companies pay blackmailers and sweep
theft under the carpet in the hope that other online criminals don't
notice their vulnerabilities. Some hope.

[...]

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".