David Shapshak
The real economic damage caused by computer crime is committed by insiders who already have access to networks, not hackers trying to prove their technical prowess, computer experts warn.
Most computer crime is practised by organised crime syndicates, disgruntled employees, embezzlers and, rarely, hackers.
The South African Police Service says it investigated an estimated R326- million stolen through computer crime last year and expects an increase this year. This is more than what was taken in bank robberies and violent cash-in- transit heists put together.
Internet-related crime represented 4% of the investigations by the police’s computer unit. Fraud, on the other hand, accounted for 34% of investigations, with fraud involving corruption representing 12%, and theft and fraud 5%.
Bank fraud is often the result of people with inside knowledge exploiting existing holes in the system. Nedbank’s Martin Pienaar says where bank fraud does occur, it is as a result of collusion between criminal syndicates and insiders.
Hackers, however, tend to be bright young computer users who test their abilities by breaking into networks or server computers, usually belonging to big corporations, banks and occasionally military institutions.
This weekend newspapers reported hackers had gained access to the server companies like Acenet and the Internet service providers Internet Solution and MWeb. The organisations confirmed the attacks but stressed the information was not critical and their security has been plugged.
A common “hack” is to tie up a server with repeated requests for irrelevant data, causing it to crash or to be unavailable to anyone else.
This means shutting down an organi- sations’s Internet operations. This type of hacking often involves downloading software that “pings” the server, a radar-like means of sending a pulse to a computer to establish whether the machine is active.
Firewalls, the protective encryption software which prevents unrecognised computer users gaining access to isolated networks, are designed to shut down when they are hacked, a computer expert says. The Pentagon, the expert points out, is hacked three times a day.
“There has never been one successful commercial hack in South Africa,” says another computer expert. This means no hacker has made a profit through stealing money or information.
Earlier this year, Israeli teenager Ehud Tenenbaum hacked into Nasa and the Pentagon. In a classic case of hacking hysteria, FBI agents could only identify him as “The Analyser” and knew he came from the Middle East, before the Tel Aviv resident turned himself in.