The Global Problem of Computer Crimes and the Need for Security

Article excerpt

Today's widespread use of computers in daily activities has also added to the increased possibilities of computer manipulations and crimes. This has become a big strategic as well as legal issue where a lot of money is being lost due to computer crimes. In this article various types of computer crimes are explained and some of the factors are discussed which are contributing to this growing problem. Although there are things that could be done and steps that could be taken to cut down the pervasiveness of computer security problems, because of the rapid advancements in computer technology the "awareness" of the problem and periodic security audit is probably the most important measure against computer crimes. Computer crime has become a big issue in today's society, with losses of large amounts of money and valuable data. Ernst & Whinny estimates computer fraud losses at more than $3 billion a year (Crysler & Keller, 1988). This sum is very great and costly to many corporations. Computer tampering is now a crime in 48 states; Virginia and Vermont being the only exceptions. The penalties range up to 100,000 in fines and/or 10 years in jail (Aaland, 1988). But are these penalties enough to cut back on the crime when one considers that most of these cases are not even reported, and the pay-off is often times very great. Many companies fear adverse publicity, lawsuits by persons whose records have been exposed, and charges that their computer systems are not secure. Therefore, only a few companies choose to press charges against computer trespassers (Gilbert, 1989). While the average bank robbery nets a thief about $5,000 the average loss per computer crime is $300,000. Personnel involved in computer break-ins generally know the system applications. Having worked or are working in the firms where the break-ins take place (Irwin, 1989).

Athough some acts of computer crimes by employees may be partly motivated by the hope of financial gain, most appear to have been committed for other reasons. A primary motivation for many such crimes is retaliation against management for policies or personnel actions (Crin & Leap, 1989). This brings up the question of the importance of computer security. The importance of computer security is evident in the increased spending since 1985. In 1986 8 percent of the average security budget was devoted to computer protection, while in 1988 that number reached 12 percent (Lydon, 1988). Nevertheless, the comprehension of computer security needs are still low. In a recent study it was found that out of 1200 small businesses using computers extensively, only 15 percent had developed computer security measures of some sort (Bradford, Norris & Kahai, 1990).

The advent of the personal computer has greatly affected the outlook toward computer security. Now with 35 to 40 million PCs in the work place, companies large and small alike, are vulnerable to computer crimes (Aaland, 1988).

This paper discusses some of these computer crimes, what causes them and some other factors relating to problems affecting computer security. According to Farhoomand (1989) the percentage of the firms affected by one or more computer related problems in 1988 were as follows: utilities failure (80.8 percent), inadequate control (75.6 percent), compliance failure (73.1 percent), improper guidance (67.9 percent), environment support breakdown (64.1 percent), electromagnetic discharges (43.6 percent), liquids (29.5 percent), electronic intrusion (29.5 percent), fraud and embezzlement (16.7 percent), gases (11.5 percent), physical intrusion (10.3 percent), service loss (7.7), vandalism (7.7 percent), sabotage (6.4 percent), living organisms (2.6 percent), projectiles (2.6 percent), and earth movements (1.3 percent). It is obvious that a sizable number of computer related problems occur due to deliberate criminal acts.

Is Ignorance Bliss?

Against such a background it is not surprising that computer crimes have become increasingly attractive for individuals targeting their present or former employers or other organizations, as well as for corporations trying to gain a competitive advantage. …