Tuesday, March 20, 2012

Computer Fraud and Countermeasures

March 14, 2010

I just read an article in slicon.com about corporate cyberespionage (Cyber espionage: Firms fail to take threat seriously, by Shelly Portet, http://www.silicon.com/technology/security/2011/03/09/cyber-espionage-firms-fail-to-take-threat-seriously-39747112/).

Computer fraud has been responsible for a massive number of cases of identity theft over the last decade, and there is no end in sight. Both my wife and I have had our identities stolen, and sold to criminals. As a result, we needed an attorney’s help to work with the IRS, which thought we had an offshore bank account funding terrorism. Nasty.

Has this happened to you or someone you know? Do you track your credit reports to stop identity theft (after it’s occurred)?

From the article, it appears most corporations haven’t awakened to the possibility that a cybercriminal has hacked their corporate website and stolen proprietary information for resale or competitive response.

The author of the report recommends that corporate users not copy files to their own computers, since it would provide more targets for a hacker. But there’s a problem in not having multiple copies out there: A single copy on a cloud server provides less work for a hacker who desires to modify the file so it either contains viruses or, even worse, is no longer an accurate depiction of the thoughts of its creator. Without multiple copies, reconstructing the original version would be difficult or impossible. Seems to me, offsite, offline copies would be a better alternative.

I wrote an article years ago entitled “Cash Management Data Security,” for the Journal of Cash Management (under my real name: Volume 4, Number 5, page 74). I also was quoted on the subject of computer fraud corporate cybercrime in Pension & Investment Age on November 12, “Workstation Technology Dominates Conference,” 1984, page 26): “Nothing in the field of data security has really changed over the past seven years, only the prominence of the problem.”

Now, with cloud computing becoming prevalent, it appears we’re ripe for a bigger problem than ever.

What do your think? If the company you work for is prepared to defend itself against cybercriminals, I’d like to know about it. BUT, don’t leave your company’s name (in your blogspot comment). We wouldn’t want to tempt fate now, would we?

No comments:

Post a Comment