Cybercrime skyrockets, say security reports
- — 09 July, 2001 09:20
Cybercops say computer crime incidents more than doubled last year, creating a virtual crime wave across computer systems all over the world.
More than 21,000 incidents, up from nearly 10,000 in 1999, were reported in 2000 to Carnegie Mellon University's Software Engineering Institute, which tracks online criminal activity in the United States and helps victims. This year's first quarter saw more than 7000 reported incidents.
The Internet Fraud Complaint Center, which was established by the U.S. Federal Bureau of Investigation and the National White Collar Crime Center in May 2000, reports increasing amounts of Internet fraud. Its reports total more than 20,000 complaints from its inception until early November. In addition to fraudulent transactions, cybercrime ranges from hacking to stealing credit card numbers and planting viruses.
The Fraud Complaint Center, which acts as a "cyber-community watch group," reports that online auction fraud comprises nearly two-thirds of the complaints.
"[Computer crime] will continue to grow as long as [online] commerce and business increases," says Richard Power, editorial director of the Computer Security Institute, a private group that conducts annual cybercrime surveys of U.S. businesses and institutions. "It's growing because most people don't understand security."
Most Crimes Avoidable
Sometimes victims know what they need to do to prevent problems. For example, almost all companies surveyed report incidents of viruses, and nearly all say they use antivirus software, Power says.
The bulk of the reported incidents and complaints are problems that can be prevented, agrees James Dempsey, deputy director of the Center for Democracy and Technology, a group that promotes civil liberties on the Internet.
"These are known problems for which there are known fixes," Dempsey says. "A large percentage of these incidents can be categorized as kid stuff. Only a small percentage of the incidents are serious crimes."
Of the 538 businesses surveyed by the Computer Security Institute, 64 percent say they experienced financial losses from computer breaches. About 70 percent of the respondents report their Internet connections are a frequent target of cybercriminals, rather than their internal systems.
Despite the increasing numbers, Dempsey and Power agree that tougher cybercrime laws are not the answer because the government has a bad track record in online security.
"This is not a law enforcement problem," Dempsey says.
More Eyes on Crooks
Besides the Internet Fraud Complaint Center, which only deals with fraud, other programs created by the government to fight these crimes include the National Infrastructure Protection Center, which handles incidents that involve someone trying to break into a computer's infrastructure, such as hacking.
The U.S. Department of Justice and the FBI are active in computer-related crime investigations as well. Also, Congress is debating a series of proposed laws involving computer safety issues such as privacy and copyright infringement.
"The federal government has done a good job in terms of making federal law enforcement available to reported computer crimes," Power says. But Dempsey urges keeping the government's role in cybercrime-fighting limited, saying the private sector should be responsible for computer and Internet security.
"The government has done a terrible job protecting its own systems," Dempsey says. "Any call for greater government would end up being something we would all regret."
(Lauren Dunn writes for the Medill News Service, a PC World affiliate.)