home *** CD-ROM | disk | FTP | other *** search
- FROM: PR NEWSWIRE Wednesday July 17, 1985 Update: 16
-
- CGA SOFTWARE PRODUCTS GROUP ON COMPUTER CRIME
-
- INTERNAL COMPUTER CRIME PROVES GREATER THREAT THAN 'HACKERS'
- NEW YORK, July 17 /PRNewswire/ -- For every outsider who
- accesses Pentagon telephone numbers or makes fraudulent credit
- card purchases, like the seven New Jersey teenagers arrested re-
- cently, it is estimated that far greater numbers of disgruntled
- or dishonest employees damage their employers' computer systems
- internally every day.
- "Teenage 'hackers' are just the tip of the computer crime
- iceberg," says Carol Molloy, a computer security specialist with
- CGA Software Products Group, Holmdel, N.J. "These computer
- crimes get the spotlight because the perpetrators get caught and
- the victims are willing to prosecute."
- More insidious data fraud and malicious damage occurs inside
- corporations than any hacker ever committed, Molloy continues.
- "Employees have far greater access to sensitive information, and
- many times are so well acquainted with procedures and security
- features that they leave no trail at all," she adds. "Unhappy
- employees can leave a programming 'time bomb' in a computer that
- causes trouble long after they are fired or leave for another
- job."
- Carelessness, rather than malice, often causes even more
- problems, according to Molloy. "Many computer security systems
- are based on passwords, and people can be very lax about protect-
- ing them."
- Employee computer crimes, however, receive far less attention
- than outside break-ins, Molloy says, because victimized organiza-
- tions are unwilling to publicize the matter through arrest and
- prosecution. "Revealing damage from internal sources doesn't do
- much for a company's image," she says.
- "Customers, corporations feel, will start to wonder about
- just how secure relevant information may be and may decide to go
- elsewhere. Also, insurance premiums often go up after a theft is
- revealed."
- The question facing data processing and information managers
- is not whether a security system should be installed, but how to
- go about it, says Molloy. "Many organizations believe that secu-
- rity is solely the concern of the managers," she says. "They
- don't realize that implementing security requires extensive
- internal support."
- Security systems also demand ongoing maintenance, she says.
- "Just installing the system doesn't mean data is secure from then
- on," she points out.
- "Our experience at CGA has shown that installing security is
- an organization-wide effort," she says. "Many corporations con-
- sider compliance with security procedures part of regular perfor-
- mance reviews, and adhering to regulations is routinely included
- in job descriptions. This usually results in active, widespread
- employee support for security procedures, especially when it's
- obvious that the company takes security seriously."
- Molloy is product manager for Top Secret, a security software
- package from CGA, and is a recognized authority on planning and
- implementing computer security systems.
- Provided by Elric of
- Imrryr & Lunatic Labs& UnLtd.
-
-
-
-
-
-
-
-
-
-
-
-