Computer Crimes Create a New Market
For chapter 15

The proliferation of organizational computing and the Internet has also led to a proliferation of cybercrimes. The most damaging of these crimes is not the physical destruction of computer equipment, but rather the stealing of information from company systems. This could be proprietary product specifications, company payroll information, personnel passwords, or any other type of information that the company would like to protect from direct competitors or others who should not have access to it.

As a result of this increase in cybercrimes, the computer security and Internet security markets have grown substantially in the last few years and are expected to continue growing into the near future. In an effort to help organizations worldwide deal with cybercrime, the International Chamber of Commerce (ICC) has established the Cyber Crime Bureau (CCB) under its Commercial Crime Services division. The CCB will track which companies are being attacked, how the attack was carried out, what weakness or problem was exploited, and how the problem or weakness was fixed. The CCB is concerned with more than just hacking, though hacking will be a major concern. They are also concerned with money laundering, pyramid schemes, and fraudulent ventures. The hope is that organizations, and specifically computer security companies, can learn from all of the information collected and then better plan and prepare for potential attacks in the future. Go to http://www.iccwbo.org/iccrime.htm for more information on the ICC and the Commercial Crime Services division.

As far as hacking in particular, a new product has just been made available from Netect Inc. called HackerShield. HackerShield, available at $695 per NT server, scans both the server(s) and network devices for potential hacking weaknesses and then recommends specific actions to be taken to fix the problem(s). HackerShield compares favorably to other products already on the market from Internet Security Systems Inc., Security Dynamics Technologies Inc., and Network Associates Inc. A key feature of HackerShield is its ease of use as well as its ability to automatically fix numerous problems. Another feature is the ability to add additional tests as they become available from the manufacturer, further strengthening the power of the program in finding potential problems before they become problems. Potential adopters of this product should be clear that HackerShield and its rivals do not protect against real-time hacking. For this type of protection, additional products are needed such as Internet Security Systems Inc.´s RealSecure or Internet Tools Inc.´s ID-Trak. In addition, Netect is planning on entering this market in early 1999 with their HackerAlert product. See http://www.netect.com/ for more details on the products available from Netect Inc.

Points to Ponder:

1. Have you ever worked in an organization that experienced a computer break-in? How did the hacker(s) get in? What did the company do afterwards to prevent further loss?
2. If you had to rate the importance of dealing with security concerns such as the ones mentioned above, how would they rate? How would they compare with concerns of privacy?