NCJ Number
164594
Journal
FBI Law Enforcement Bulletin Volume: 65 Issue: 12 Dated: (December 1996) Pages: 1-8
Date Published
1996
Length
8 pages
Annotation
This article examines the prevalence and characteristics of computer-related crime, followed by an assessment of various computer security countermeasures.
Abstract
Research shows that computer crime poses a real threat, both in terms of prevalence and damage. Money and intellectual property have been stolen, corporate operations impeded, and jobs lost as a result of computer crime. Similarly, information systems in government and business alike have been compromised. The economic impact of computer crime is significant; British Banking Association representatives estimate the global loss to computer fraud alone as approximately $8 billion each year. Security measures that have been used include encryption, operations security, cash accounts security, employee training, and firewalls. Encryption of a file and data make it more difficult for anyone to access them, so encryption should be considered an important tool for protecting confidential information. Operations security includes such measures as monitoring users, creating audit trails of system users, and conducting physical surveillance of users and systems. A number of measures are required to secure cash accounts, including changing passwords regularly, using numerical access control systems, upgrading authentication software, monitoring employees, maintaining audit trails, and regularly reviewing cash accounts for small losses. Across the board, increased employee training has consistently helped minimize computer-related theft. "Firewalls" are software controls that permit system access only to users specifically registered with a computer. Data have shown no significant relationship between this countermeasure and information protection. Law enforcement agencies must develop specialized criminal investigative units and prevention programs for computer crime. Also, police departments should take immediate steps to protect their own information systems. 12 notes