The recession, lay offs and ease of accessing information drives up cyber crime. It’s happened to someone you know. Like your friend who wanted to transfer some money out of the country to a relative. Used a money transfer service and next thing she knew all her funds were cleared out of the credit card.
Jenny Dugmore, CEO of FireID has heard quite a few of these stories and says they are becoming more commonplace: “I know of a person who had their whole access bond cleared out. They had a one time password that was sent to them by email that was intercepted. While this person was logged on they watched their money being transferred out of their account and there was nothing that could be done to stop it,” she says.
Like most industries, the global financial meltdown is affecting the cyber crime sector as well. Except what the recession is doing is feeding in more and more people who have the potential to commit fraud online. Bankers, financiers and computer experts are being laid off in droves and given they have lifestyles to maintain are using their skills for nefarious means.
No surprise then that the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center in the US, report that online crime hit a record high in 2008, increasing by 33.1% increase over the previous year.
Dino Covocsos, Founder and CEO of information security provider Telspace says that local fraud figures are likely to be higher. “At the moment it is a lot easier to commit a crime online than it is to physically commit a crime. Our clients are noticing that criminals are moving from physical robbery to the online robberies because it is easier and they are a lot less likely to be caught.”
Aside from the vast number of financial and technology experts now without jobs, another factor driving crime is the ease and pervasiveness of information. The internet’s liberation of knowledge also means that books, information, networks and shared resources on launching attacks are more readily available online. “People who have been retrenched can access this information fairly easily, it is just a matter of learning the techniques,” says Covocsos.
The biggest challenge in South Africa is trying to apprehend and bring criminals to book, and the lack of a regulator come emergency response team that helps when attacks take place. “It is extremely difficult to catch the criminals because it costs so much money, and time is needed to interact with ISPs, pick up logs and get subpoenas.” Covocsos says by that time the logs have been recycled or the criminal has moved on.
Locally there are no laws that stipulate that if a company gets broken into, this has to be declared. “This will change with new legislation and international laws that will come into effect soon. If there is a break in that affects users, organizations will be compelled to declare that the user’s information is at risk and may have been compromised. Up until now many companies haven’t disclosed breaches of security to save face.”
And until such time as those laws are passed and our country organizes a better response to online crime, the cyber fraudsters are getting away with millions.
ORIGINALLY COMMISSIONED BY BRAINSTORM MAGAZINE.
I read with interest that the biggest challenge in SA is bringing these criminals to book. In my view, the biggest challenge is effectively promoting Safe and Secure Computing principles to the South African Government. I deal with Government on a weekly basis and it is frightening the state of Security or complete lack thereof in South African State Deps. IT Security is not understood at Government level in this country.
Posted by: Mark | 29 July 2009 at 10:51
Thanks Mark. Interesting comment. And security should be better understood by government given that their policing, law making and other organisations are directly responsible for bringing criminals to book.
Posted by: Mandy de Waal | 30 July 2009 at 11:37