With advances in technology providing positive impacts to society such as improved collaboration, distributed computing, increased productivity and advanced communications, negative impacts to society are also created as people find ways to leverage those advances for their personal gain over innocent victims. Some common computer crimes include viruses, malware, denial of service, identity theft and fraud.
There are new examples of computer crime in the media daily – from stolen Target credit card data to Veteran’s Administration patient records. President Obama estimated the annual cost of computer crime to the global economy was $1 trillion dollars (a number disputed by many as the value of stolen data can be hard to calculate – for instance, what is the value of a stolen medical record? Hard to put hard dollar and cents around the asset, but very valuable to the person to whom the record refers.)
I was personally affected from stolen student records from the University of Nebraska-Lincoln; the former student responsible was just sentenced to 6 months in prison and $100,000 in restitution for his actions. When the perpetrator is caught, the penalties can be stiff, but many computer crimes go unpunished as the criminals stay one step ahead of law enforcement through new technologies and techniques.
There are three major areas of focus around computer crime affecting organizations: Prevention, Detection and Administration.
Prevention
The best way to deal with computer crime is to protect your organization and Associates from being victims in the first place. Secure infrastructure, application and database architectures are the foundation of prevention to ensure hardware and software are configured and developed in ways to prevent security breaches. Encryption of laptops is key in case of loss or theft. Firewalls filter network traffic and prevent unauthorized access to an organization’s systems. Anti-virus software prevents malware from taking hold on machines and servers. Restricted permissions ensure only authorized users can make changes to mission critical systems.
Detection
It is best to be proactive regarding IT Security, but it is impossible to stay technologically ahead of all computer crime. Because some form of computer crime is nearly inevitable, it is important to detect security breaches as soon as possible so they may be remediated. This is accomplished through systematic monitoring for security events, such as malware detection and unauthorized access attempts. Scanning and penetration testing help find security weaknesses and access points before they are exploited by unfriendly forces.
Administration
Policies, rules and training help Associates understand their responsibilities regarding their systems and give them tools to use in combatting computer crime. Policies create a framework for what is allowed and required, such as approval to install software, frequency of password changes, password strength and access to secure sites and programs. Training of Associates to understand basic security principles helps users make good choices regarding websites to visit, emails to open and software to install.
As Uncle Ben told a young Peter Parker, “With great power comes great responsibility.” This phrase can take on new meaning in today’s digital age with the unbelievable advances technology provides to society. The Computer Ethics Institute developed the Ten Commandments of Computer Ethics, perhaps it can be a guide to us to consider when exploring these new technological powers.
MGMORENO 
Prevention, Detection, Administration … I might add a fourth – Education. An educated workforce can certainly assist in safeguarding themselves.
I almost bit on a phishing email last week … and I consider myself pretty saavy. Yet I got what looked like a typical iTunes receipt for the purchase of a downloaded movie. I started to click the “I did not buy that” link when I noticed the url was outside the USA. So instead I logged into Apple Store and saw that no transaction had taken place. The thieves had built a convincing receipt, and I suspect that if I had clicked, I would have had the “opportunity” to log in to Apple … thereby giving away my passwords.
But I am educated enough to know not to go into pay sights straight from email.
LikeLike
Great quote!
I am still amazed at how well some of those gatekeepers protect us from computer crimes. I would imagine without them, we would not use technology as we do today. There seems to be an increasing number of “layers” to protect individuals. In the case of the Target records being compromised on one of the busiest shopping days of the year, I trusted my information with the retailer. That responsibility then switched to my credit card company, who I trusted when they first alerted me that my account was safe. I then trusted them again when they felt it was best to replace the card. I see so many advertised services that individuals are able to buy yet another layer of protection. Watching our identities, credit scores, and protection any type of personal information is available for purchase.
My parents previously had a long and upsetting ordeal over the past two years in which they were contacted by a company say that they, along with several thousand others, owed $2,000 for illegally downloading a pornographic video. They knew they had not done this and let the company know it was an error. They began receiving phone calls and letters from a “mediator” trying to get them to “settle” by paying the $2,000, otherwise, they would be sued. They were very upset, as the correspondence and calls would stop for a period of time, only to start up again. They considered just paying the money just to make it stop, but decided they would rather pay an attorney than this company. They did find an attorney who knew about this scenario and called it “trolling.” She described it in detail, matching my parents experience exactly. The next time they received a phone call, they referred the mediator to their attorney. Needless to say, they have not heard from them since.
In cases like these, they are playing the percentages, as they will hit some folks that do not understand, or are not educated on these matters. It was interesting to find out some places where privacy did not exist, such as information that was able to be legally obtained from their internet provider, explaining how they were able to contact so many people.
One thing I am realizing through everyone’s research this week is how overwhelming it can all be and I see how easily one could become preoccupied with these issues. It seems that almost everyone I know has been a victim of some type of computer crime, but it also does not stop us from continuing with our daily lives that incorporate technology. It could be quite easy to become paranoid about our own protection. I found myself wondering about where the balance should be so that we are doing our best to protect ourselves, while not having it takeover.
LikeLike
First off, love your title. I’m a huge comic book fan. Love it!
Let me share two stories with you about my experience with this. The first has to do with the Target incident that you mentioned. My wife had a debit card compromised at Target during the Christmas season. Not a fun experience. She has yet to go back to Target to shop because they breached her trust.
The second has to do with my father. He was on a trip and his card started to get declined. He found out from the credit card company that an organization that he had done business with believed their credit card information to be compromised. That organization notified the credit card company and the credit card company closed all of the affected accounts. My dad asked the credit card company what company it was. They would not tell him because that information was private between the credit card company and the organization. How frustrating! If a company is lax on security, shouldn’t we be allowed to know about it.
Just two examples of a much larger issue. No doubt, with great power…
JK
LikeLike
Agreeably so, it is difficult to put a dollar amount to the vulnerability experienced when one has been stripped of their privacy. I have been a victim of identity theft and I have no clue how this even happened. About 8 years ago, my debit card had been compromised. Although I thought I took all precautions, clearly I had not. I only used my debit card in the grocery store, never making large or frequent purchases with my card. One day, after reviewing my bank statement, I learned that someone had been paying utilities, car payments, cell phone payments, and eating in restaurants in Texas (I was living in New York at the time)!!! How on earth did this happen? How could I prevent such violation from occurring again? Again, there is no dollar amount equivalent to the disruption, damage, and violation felt during this time.
LikeLike
Hi there – you know, that quote sounded older to me than the Spiderman movie (I wondered if Uncle Ben was quoting someone else!) and I found that versions of this quote have been attributed to FDR (in a speech the day before he died), Churchill, Voltaire and even Jesus in scripture… Apparently it’s a powerful, continuing concept, and one we need to remember!
LikeLiked by 1 person