Although the actual extent of computer crime is difficult to measure, most experts agree that it is one of the fastest growing areas of illegal activity. The principal reason for both the growth and the lack of accurate measurement is the difficulty in detecting a well-executed theft. Losses per incident thus tend to be higher than in other types of theft. 1.Once the computer criminal has compromised the system, it is just as easy to steal a great sum as it is to steal a little,and to continue stealing long after the initial theft. Indeed, the computer criminal may find it more difficult to stop his illicit activity than to start it.
2. Computer criminals are.for the most part,well-educated and highly intelligent,and have the analytical skills that make them valued employees. The fact that computer criminals do not fit criminal stereotypes helps them to obtain the positions they require to carry out crimes. Being intelligent, they have fertile imaginations,and the variety of ways in which they use equipment to their advantage is constantly being extended. In addition to direct theft of funds, the theft of data (program-napping") for corporate espionage or extortion is becoming widespread, and can obviously have a substantial effect on a company's finances.3. Another lucrative scheme,often difficult to detect,involves accumulating fractions of pence from individual payroll accounts,with electronic transfer of the accumulated amount to the criminal's payroll. Employers are hardly concerned with pence, much less fractions of pence. In addition, of course,the company's total payroll is unaffected.
Guarding against computer abuse --whether deliberate or accidental——involves attention to the following areas: (1) Protection of hardware from physical damage; (2) Protection of software and data.
4.The protection of hardware from accidental or intentional damage is a function of the environment in which the equipment is kept.The computer must be isolated from other company facilities, and access should be strictly controlled.No unauthorized person should ever be admitted to the computer area.Many insurance companies and security firms offer free evaluation of the physical protection of computer installations.
The protection of software is a more difficult problem.5.Some risks are reduced by controlling physical access by unauthorized personnel,but most damage to software,accidental and intentional,is caused by those whose jobs require at least some access to the computer. The writer of the program is often the one responsible for its misuse. Programs devised exclusively for a particular company are therefore far more vulnerable to abuse and accident than standard software packages produced by external suppliers.
A unique program is both difficult and expensive to replace. Accidental erasure, sabotage, or physical removal of a single disk or tape could mean that a whole system has to be rebuilt,followed by a lengthy testing process. 6.The creators of a custom-made program are almost always company employees, who may or may not have a vested interest in the program's function. Moreover, they can alter the program at will,and there is little management that one can do to make sure that alterations in a unique program are always legitimate.
