13 Aug Are You Prepared To Lose Your Identity?
MILWAUKEE — Attacks on computers, phone systems, and other such technologies are coming from anywhere in the world at any time. Attacks are launched from within the enterprise as well out. The frequency, variety and severity, of these computer attacks are increasing at an alarming rate, a panel of security experts told those attending the August meeting of eInnovate.
On the very day computer worms attacked innumerable computers around the world, the message to this group wasn’t startling. Many attendees were shocked at the specifics about how huge the number of nefarious actions, and the variety of ways to combat them are increasing on the Internet. The efforts and ineffectiveness of law enforcement makes a person feel like a victim with almost nowhere to turn for help.
“The perpetrators of crime using technology are limited only by the limits of their perversity,” said Harry Kohal, head of the Wisconsin Association of Computer Crime Investigators, who works with the Federal Bureau of Investigation on computer crime.
Kohal talked at length about identity theft because the average victim doesn’t notice the crime for 18 months and spends 175 hours and $810 plus attorney’s fees over two years to repair the damage. They also suffer negative impact on loan financing, employment search, and other areas using credit records.
Work places may serve as the most fertile soil for technology crimes because of the huge resources involved and the ease of attack. “People in companies have spent a lot of time cleaning up big messes they didn’t need to,” said Thomas Szews, of Norlight Communications.
Another panelist, John Fons, founder and head of LawServe, LLC, added, “Most companies most important assets, trade secrets such as pricing and other financial data and vendor and customer information, are on computer systems where computers are simply left on, software is not updated, and no policies about access exist or are enforced.”.
The panelists cited:
– people dumping pornography on computers without computer owners’ consent
– loading of unauthorized software or files on systems to steal resources and content
– systems administrators hacking systems they oversee
– wireless buffs war-driving (cruising to find wireless networks they can hack) and war-chalking (using chalk to mark the hot spots) and using antennas to boost the range of their hacking by 2,000 feet
– hackers stealing credit card numbers from Best Buy stores that were using unprotected wireless systems to transmit the numbers, and
– people using camera phones to photograph computer screens and other things on-site to capture information
What can the average person do? For starters, DON’T:
– carry a Social Security card
– put your SSN or drivers’ license number on checks
– give out those numbers and other personal information such as birthdates, military ID numbers, and mothers’ maiden names
– use simplistic passwords for credit cards and computers, update computer virus software
– leave computers on constantly
– have a locked U.S. mailbox
– be aware of “shoulder surfers” looking to acquire the information they need by eavesdropping
– update computer virus software, and
– contact authorities when defrauded.
Kohal urged people to report to the Internet Fraud Complaint Center, at www.ifccfbi.gov.
What about companies? “You can have the best equipment and software,” Norlight’s Szews said, “but most important are people.” They need to follow well-established guidelines and procedures and use common sense. He cited well-meaning employees installing their own wireless hubs on company networks. “This just leaves the networks wide open to hackers who don’t even need to walk in the door.”
Companies also should perform background checks on MIS employees and those with network access and control, tailor access to limit what any one employee or group of employees sees, diligently update and monitor firewalls and other security features, and implement and enforce comprehensive and effective compliance programs, some of which are now required.
Tim Cowling is an independent consultant on growth and development to small businesses and other enterprises, with particular expertise in finance and communications. A former daily newspaper reporter and editor, small business owner, and investment broker, he also is a free-lance writer. He can be reached at EGSTim@Hotmail.com.