- Email: [email protected]
Risk vs reward in computer crime
COMPUTER
MATING?
Donn B Parker has for a long time predicted that the first computer murder is not far away. Now in Los Angeles, the police have arrested a man who was running a pornography ring using a computer to keep track of his clients and their special interests. The villain's Heathkit Electronic computer, complete with floppy discs, worked on two files. The first was a customer data base, with names, addresses etc and the second an "interest data base" recording interests, kinks, etc. Cross reference of the two files would allow him to select variable lists of clients and services he had to offer. The police, using their computer system, have arrested four people including John Likens, an electrical engineer.
COMPUTER SMUGGLING
When you next arrive back from holidays in the sun, with that extra bottle of gin hidden in the suitcase and a gold watch stuffed in a sock, spare a thought for the poor old smuggler of computer parts, circuit boards and chips. The Customs men are on his trail. There is a duty of between 7 and 9%, plus VAT of 15%, on most electronic parts imported into the UK and the attractiveness of a quick smuggle to a small firm or sales rep (who claims duty he has not paid on his personal expenses) is high. The Customs are watching. Between July and October 1979 there were 10 cases picked up at London Airports of such smuggling attempts on goods valued between $700 and $3200. Most involved US companies and are thought to reflect the urgency of the business and the commercial pressure to get things done. The high-powered computer people were more interested in getting through the customs quickly than in evading duty, or so they said. Delays in customs clearance can be infuriating - you need to get a tape of data or a critical part to Zurich the same day and you find that it will take 5 days to clear customs. What can you do? A new company has been formed that specialises in fast customs clearance of computer related matter. Further details can be obtained by contacting the Editorial offices.
RISK VS COMPUTER
REWARD CR I ME
IN
A bank employee, David Reginald Allan, with a clean record for over 30 years was convicted at Birmingham Crown Court in March of defrauding his employers, National Westminster Bank Limited, of over E7000. Forty-six year old Allan was found guilty on seven charges of theft and false accounting. The offences were alleged to have commenced in 1972 and ended with his detection in 1979. The mechanics of the fraud were explained by the Prosecuting Council, Mr Malcolm Lee. He said that Allan had opened a number of fictitious accounts to which he granted overdraft facilities and then milked, rolling debts between accounting periods and between accounts. Mr Allan was jailed for 2 years and ordered to repay E7156. This, in the light of other recent sentences, may appear harsh and Mr Allan was perhaps unlucky to have gone to prison. British readers will be aware of the recent political discussion on overcrowded prisons and the encouragement given to Judges and Magistrates to avoid custodial sentences for other than violent crimes. In other words non-violent, fraudsmen are being given an
COMPUTEB~~~m~&SECUBITYBULlfiW
Vol2 No7
9
Disastrous
course
Crime of the future
unofficial guarantee that, if caught, they will retain their freedom. If this is not a disastrous course of action, we don't know what is. Look at the equation of risk versus reward to a potential computer criminal. First of all he can choose when and how he defrauds; the battle is on his home ground and under his rules. The probability of detection is low, and if detected, many companies will not report the facts for prosecution. If they do, there is a greater than 50% chance of acquittal and if convicted an extremely low chance of a imprisonment. The balance is loaded in favour of the white collar and computer criminal, particularly in times of economic difficulty and inflation when many families are being stretched to made ends meet. Non-violent crime is the crime of the future. In May 1980, the UK's Attorney General, Michael Havers, announced that courts and police should not be too concerned over the activities of "fringe criminals" and should concentrate on the major crimes and the people who commit them. He was concerned at recent Old Bailey trials where vast conspiracies have come before juries. In some, the organisers and leaders have escaped and the costs of convicting just the minor players has been considered to be too high a burden on the tax payer. All these things encourage rather than detract from crime and place an added burden on corporations to take sensible preventive action - then to have systems that will detect violations quickly and effectively. The prevention of corporate fraud is becoming more and more a corporate responsibility.
OAD,
CRANK
CLOD0 ON
AND THE
WARPATH
Although computer frauds have received little general publicity until very recently, European readers will already be aware of some disturbing trends in overt and violent crimes against computers. In Italy, for example, the Red Brigades have attacked and destroyed a number of computer installations, announcing that it is their policy to stamp out these symbols of repression. Now French data processing facilities are coming under attack from two militant groups: OAD (Direct Action) and CLOD0 (Committee for the Liquidation and Neutralization of Computers). It is thought that some members of these groups - as with the Red Brigades - are data processing staff. The Philips Electrical plant at Toulouse, the CII Honeywell Bull Installation and the National Traffic Centre at Paris have all suffered heavy losses at the hands of these groupsI who are alleged to have coordinated their policies with the Red Brigades. CLODO, which claims to represent computer workers, Some of their attacks have resulted is one of the most dangerous. in burned out equipment, and destroyed data bases and programs. Their targets have generally been European rather than American companies; so far they have left American multi-national companies untouched.
SLJmboz-ictargets
Although at the higher levels, the Red Brigades see computers as both symbolic and strategic targets - in the sense that Government would find it difficult to operate without them - the lower order organisations such as CLOD0 simply view computers as tools that do away with jobs. Their aims may be more short term. OAD has used a bazooka to knock out a computer installation in the
10
COMPUTEBV~3Q~DISECUBITY~
Vol2 No7
MATING?
Donn B Parker has for a long time predicted that the first computer murder is not far away. Now in Los Angeles, the police have arrested a man who was running a pornography ring using a computer to keep track of his clients and their special interests. The villain's Heathkit Electronic computer, complete with floppy discs, worked on two files. The first was a customer data base, with names, addresses etc and the second an "interest data base" recording interests, kinks, etc. Cross reference of the two files would allow him to select variable lists of clients and services he had to offer. The police, using their computer system, have arrested four people including John Likens, an electrical engineer.
COMPUTER SMUGGLING
When you next arrive back from holidays in the sun, with that extra bottle of gin hidden in the suitcase and a gold watch stuffed in a sock, spare a thought for the poor old smuggler of computer parts, circuit boards and chips. The Customs men are on his trail. There is a duty of between 7 and 9%, plus VAT of 15%, on most electronic parts imported into the UK and the attractiveness of a quick smuggle to a small firm or sales rep (who claims duty he has not paid on his personal expenses) is high. The Customs are watching. Between July and October 1979 there were 10 cases picked up at London Airports of such smuggling attempts on goods valued between $700 and $3200. Most involved US companies and are thought to reflect the urgency of the business and the commercial pressure to get things done. The high-powered computer people were more interested in getting through the customs quickly than in evading duty, or so they said. Delays in customs clearance can be infuriating - you need to get a tape of data or a critical part to Zurich the same day and you find that it will take 5 days to clear customs. What can you do? A new company has been formed that specialises in fast customs clearance of computer related matter. Further details can be obtained by contacting the Editorial offices.
RISK VS COMPUTER
REWARD CR I ME
IN
A bank employee, David Reginald Allan, with a clean record for over 30 years was convicted at Birmingham Crown Court in March of defrauding his employers, National Westminster Bank Limited, of over E7000. Forty-six year old Allan was found guilty on seven charges of theft and false accounting. The offences were alleged to have commenced in 1972 and ended with his detection in 1979. The mechanics of the fraud were explained by the Prosecuting Council, Mr Malcolm Lee. He said that Allan had opened a number of fictitious accounts to which he granted overdraft facilities and then milked, rolling debts between accounting periods and between accounts. Mr Allan was jailed for 2 years and ordered to repay E7156. This, in the light of other recent sentences, may appear harsh and Mr Allan was perhaps unlucky to have gone to prison. British readers will be aware of the recent political discussion on overcrowded prisons and the encouragement given to Judges and Magistrates to avoid custodial sentences for other than violent crimes. In other words non-violent, fraudsmen are being given an
COMPUTEB~~~m~&SECUBITYBULlfiW
Vol2 No7
9
Disastrous
course
Crime of the future
unofficial guarantee that, if caught, they will retain their freedom. If this is not a disastrous course of action, we don't know what is. Look at the equation of risk versus reward to a potential computer criminal. First of all he can choose when and how he defrauds; the battle is on his home ground and under his rules. The probability of detection is low, and if detected, many companies will not report the facts for prosecution. If they do, there is a greater than 50% chance of acquittal and if convicted an extremely low chance of a imprisonment. The balance is loaded in favour of the white collar and computer criminal, particularly in times of economic difficulty and inflation when many families are being stretched to made ends meet. Non-violent crime is the crime of the future. In May 1980, the UK's Attorney General, Michael Havers, announced that courts and police should not be too concerned over the activities of "fringe criminals" and should concentrate on the major crimes and the people who commit them. He was concerned at recent Old Bailey trials where vast conspiracies have come before juries. In some, the organisers and leaders have escaped and the costs of convicting just the minor players has been considered to be too high a burden on the tax payer. All these things encourage rather than detract from crime and place an added burden on corporations to take sensible preventive action - then to have systems that will detect violations quickly and effectively. The prevention of corporate fraud is becoming more and more a corporate responsibility.
OAD,
CRANK
CLOD0 ON
AND THE
WARPATH
Although computer frauds have received little general publicity until very recently, European readers will already be aware of some disturbing trends in overt and violent crimes against computers. In Italy, for example, the Red Brigades have attacked and destroyed a number of computer installations, announcing that it is their policy to stamp out these symbols of repression. Now French data processing facilities are coming under attack from two militant groups: OAD (Direct Action) and CLOD0 (Committee for the Liquidation and Neutralization of Computers). It is thought that some members of these groups - as with the Red Brigades - are data processing staff. The Philips Electrical plant at Toulouse, the CII Honeywell Bull Installation and the National Traffic Centre at Paris have all suffered heavy losses at the hands of these groupsI who are alleged to have coordinated their policies with the Red Brigades. CLODO, which claims to represent computer workers, Some of their attacks have resulted is one of the most dangerous. in burned out equipment, and destroyed data bases and programs. Their targets have generally been European rather than American companies; so far they have left American multi-national companies untouched.
SLJmboz-ictargets
Although at the higher levels, the Red Brigades see computers as both symbolic and strategic targets - in the sense that Government would find it difficult to operate without them - the lower order organisations such as CLOD0 simply view computers as tools that do away with jobs. Their aims may be more short term. OAD has used a bazooka to knock out a computer installation in the
10
COMPUTEBV~3Q~DISECUBITY~
Vol2 No7