[ISN] Organised crime targets ALL IT staff

From: InfoSec News (isn@private)
Date: Mon Oct 06 2003 - 23:10:16 PDT

Next message: InfoSec News: "[ISN] FBI Didn't Follow Proper Procedures"

Previous message: InfoSec News: "[ISN] US port 'hit by UK hacker'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.vnunet.com/News/1144074

By Iain Thomson 
[03-10-2003]

Employees persuaded to infiltrate IT systems, warns High Tech Crime 
Unit

Organised syndicates are targeting IT staff to carry out online 
crimes, according to the National High Tech Crime Unit (NHTCU). 
While companies have been aware of the need to protect key management 
staff such as board members and IT directors, there has been less 
progress in protecting and monitoring IT and administrative staff. 

And now these lower level staff are increasingly vulnerable to being 
subverted. 

"Business has become host to organised crime parasites," said 
Detective Chief Superintendent Len Hynds, head of the NHTCU.

"There is infiltration. We haven't found a single case of this being 
through intimidation or other means; it's about making money."

Staff are typically targeted over a period of months in a social 
rather than work setting. Once recruited, IT staff are selling 
corporate secrets or allowing access to corporate systems for illegal 
use. 

This can range from using the company's email servers to store illicit 
material or send out spam, to major breaches where funds or company 
secrets are stolen. 

Since its inception the NHTCU has arrested over 100 people, ninety per 
cent of whom had an IT background. 

It has found criminals are devoting significant resources to 
penetrating IT departments over long periods of time.

"We've had cases where an organised gang has put someone through an IT 
degree just to infiltrate a company," said David Porter, head of 
security and risk at security consultant Detica. 

"Once in a job they had access to all kinds of sensitive information."

Hynds also called for more staff to deal with the increase in computer 
crime around the country, and praised the level of international 
co-operation the NHTCU was receiving from police forces around the 
world. 

Recent successes for the unit include becoming a member of the south 
east Asian police information sharing network.

The NHTCU is also redesigning its website to become a single point of 
contact for businesses suffering from computer crime.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] FBI Didn't Follow Proper Procedures"
Previous message: InfoSec News: "[ISN] US port 'hit by UK hacker'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Oct 07 2003 - 01:31:04 PDT