[ISN] Organised crime targets ALL IT staff

From: InfoSec News (isn@private)
Date: Mon Oct 06 2003 - 23:10:16 PDT

  • Next message: InfoSec News: "[ISN] FBI Didn't Follow Proper Procedures"

    http://www.vnunet.com/News/1144074
    
    By Iain Thomson 
    [03-10-2003]
    
    Employees persuaded to infiltrate IT systems, warns High Tech Crime 
    Unit
    
    Organised syndicates are targeting IT staff to carry out online 
    crimes, according to the National High Tech Crime Unit (NHTCU). 
    While companies have been aware of the need to protect key management 
    staff such as board members and IT directors, there has been less 
    progress in protecting and monitoring IT and administrative staff. 
    
    And now these lower level staff are increasingly vulnerable to being 
    subverted. 
    
    "Business has become host to organised crime parasites," said 
    Detective Chief Superintendent Len Hynds, head of the NHTCU.
    
    "There is infiltration. We haven't found a single case of this being 
    through intimidation or other means; it's about making money."
    
    Staff are typically targeted over a period of months in a social 
    rather than work setting. Once recruited, IT staff are selling 
    corporate secrets or allowing access to corporate systems for illegal 
    use. 
    
    This can range from using the company's email servers to store illicit 
    material or send out spam, to major breaches where funds or company 
    secrets are stolen. 
    
    Since its inception the NHTCU has arrested over 100 people, ninety per 
    cent of whom had an IT background. 
    
    It has found criminals are devoting significant resources to 
    penetrating IT departments over long periods of time.
    
    "We've had cases where an organised gang has put someone through an IT 
    degree just to infiltrate a company," said David Porter, head of 
    security and risk at security consultant Detica. 
    
    "Once in a job they had access to all kinds of sensitive information."
    
    Hynds also called for more staff to deal with the increase in computer 
    crime around the country, and praised the level of international 
    co-operation the NHTCU was receiving from police forces around the 
    world. 
    
    Recent successes for the unit include becoming a member of the south 
    east Asian police information sharing network.
    
    The NHTCU is also redesigning its website to become a single point of 
    contact for businesses suffering from computer crime.
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Oct 07 2003 - 01:31:04 PDT