Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

Company Profile
Intelligence
I.T. Integrity
Other Services
CRS Training
Security News
Client Portfolio
CRS Enquiries
Email Us
HOME
 
 
 
 
 
 
 

INFORMATION TECHNOLOGY WITH REGARD TO COMPUTER SECURITY, INTEGRITY AND RELATED CRIMES IN SOUTH AFRICA
Daily, huge amounts of society's assets are being developed, stored, transmitted, and manipulated using computers and their associated data networks.

Information relating to the design of new industrial products, (vehicle manufacturing), medicine, insurance, scientific research, social policy, law enforcement,and national defense has
Information technology is vital to securing your company's secrets!
all been moving from file cabinets and desktops to the virtual workplace presented by computers and computer networks.

The Internet, the largest computer network in the world, was estimated to reach over 25 million people in more than 100 counties on all seven continents, increasing at the rate of as much as 15 percent per month during 1995. (Estimated at probably 200 million in 1998)

This brave new world is not without it's dark side. Most of these applications are likely targets for traditional crimes, including theft, fraud, vandalism, extortion, and espionage. They are also susceptible to new threats specific to computers and networks, such as computer viruses. The people computerising these resources have failed to consider the security requirements necessary to properly safeguard them, or their managers don't understand the risks well enough to fund the efforts. Insufficient training in security, buggy software, and inadequate software engineering methods all may contribute significant flaws to the installed protection mechanisms. The rush to massive computerisation and networking has not given us sufficient time to develop and test workable defenses before they are needed.


Our aim and objectives should be to protect the interests and resources of society as a whole, as well as to protect many of the freedoms and rights we all desire as individual citizens. Political corruption, economic oppression, invasion of privacy and terrorism can all be conducted by computer, too.
One should strive to avoid damage to the property, livelihood, and rights of bystanders and suspect users of computers.


Our intention is for you to gain some understanding of when an outside expert may be needed, both to aid in the investigation and to protect the rights and property of the suspects and victims and further maintain a delicate balance between society's needs and individual rights.
Society cannot allow antisocial or injurious behaviour simply because it occurs in the intangible realm of "cyberspace". There is little time to waste, the highwaymen are already lurking on the Information Superhighway.


"Professor Eugene Spafford"

 

Throughout history, each technological advance has inevitably become the target of those who seek to subvert it or use it for their own purposes.

"Federal officials say Mr. Mitnick's motives have always been murky. He was recently found to have stashed thousands of credit card numbers on computers in the San Francisco Bay area - including the card numbers of some of the best-known millionaires in Silicon Valley.

But there is no evidence yet that Mr. Mitnick had attempted to use those credit card numbers.

Indeed, frequently ignoring the possibility of straightforward financial gain from the information he has stolen, Mr. Mitnick has often seemed more concerned with proving that his technical skills are better than those whose job it is to protect the computer networks he has attacked."

John Markoff

Just as each new technology opens the door to new kinds of criminal activity, each new crime requires that new safeguards be adopted and new law enforcement skills be learned.
The FBI's National Computer Crimes Squad estimates that between 85 and 97 percent of computer intrusions are not even detected. Attempts were made to attack a total of 8932 systems participating in the test, 7860 of those systems were successfully penetrated. The management of only 390 of those 7860 systems detected the attacks, and only 19 of the managers reported the attacks.
"By some estimates, one computer on the Internet is broken into every 20 seconds......"

"..Internet sites are under frequent attack by hackers from Eastern Europe....... there are also more than 20 000 aggressive, deliberately destructive hackers in the U.S.A. and the number is growing at 5% a month ....."

"The Financial Times, 15th April 1996"

Computer criminals are rarely treated with the severity meted out to more conventional types of criminals. Indeed, they are sometimes turned into heroes.

Over the past several decades, the amount of financial, military, and intelligence information, proprietary business data, and even personal communications stored on and transmitted by computers have increased beyond anyone's imaginings.

Governments, the military, and the world's economy couldn't operate without computer automation. Computers that transact this huge amount of business are linked to each other via the Internet or various military of financial networks. And all that information being stored and transmitted is vulnerable to attack. Nobody knows the true scope of computer crime, but it is informally estimated to be in the billions of dollars stolen or lost. Four out of every five computer crimes investigated by the FBI in 1993 involved unauthorised access to computers via the Internet.


TYPES OF ATTACKS:

  • Any organisation may be the target of hackers/crackers (sometimes they're in it for the intellectual challenge, and sometimes they are professionals who may do it for hire.)
  • Business may be targeted by their competitors
  • Any company may be the target of employees or ex-employees.
  • Military and intelligence computers may be targeted by espionage agents.
  • Banks and other financial organisations may be targeted by professional criminals.
  • Any organisation but especially government and utility company computers, may be the target of terrorists.

How can Computer Crime be Prevented.

  • Risk Analysis
    Identifying the threats to a system, the vulnerabilities of the system, and the measures that can be taken to protect the system. Three words come up in every risk analysis: threats, vulnerabilities and counter measures.
  • Physical Security
  • Personnel Security
  • Communications Security
  • Operations Security
  • Computer Security
The modern world and constantly changing environment, produced computers as a valuable tool, for use by the average person, business, computer specialists and technology professionals. Our specialist consultant will assist you in the planning and implementation of your own computer security set-up, relating to both hardware and software in use, by virtue of explaining the security issues, supplemented by proven techniques for protecting these assets.

The consultancy will be conducted under the following headlines, as a guideline tailored to specific client requirements:-


Services:

  • Introduction to computer security and security lingo
  • Threats to computer security e.g. viruses & password grabbers
  • Risk management and analysing thereof; (Risk assessments and risk analysis)
  • Methodology:
    * Physical computer security
    *Access control
    *Password selection
    *Security of word processors/ spreadsheets/databases
    *Restoring & backing up (backup devices)
    *Virus-elimination (anti-virus support)
  • Internet and E-mail security
  • ¨ I.T. Security Support Service
  • Securing of computer files
  • Security documentation and utilities
  • Securing Windows 95/98/2000/NT & other operating systems
  • Specialised security packages for corporate business (virus protection and encryption software)
  • Password recovery
  • Prevention methodology toward hacking
  • Compilation of Information Technology Policy & Procedure documents
  • I.T Crime Investigations
  • I.T. Integrity Training Modules
Costing of these very specialised and professional services, depends largely upon the circumstances surrounding the particular services required. Final figure(s) to be agreed upon by both parties once a proper evaluation of the situation has been undertaken.

COMMENT:

The above merely serves to enlighten the awareness of professional businesses with regard to the magnitude and spectrum of existing computer crime, nationally and internationally.

Consultants of CRS will provide businesses with a professional risk analysis, based on the most modern and recent technology, equipment and software available in order to combat this phenomena, with well planned - and executed proactive measures. New laws in South Africa are currently being investigated, to combat the increasingly real threat of computer crimes in our country. We hope that this new legislation will lead to the prosecution of these "high-tech" computer criminals and bring a new era to our scope of services. In the USA a number of federal laws protect against attacks on computers, misuse of passwords, electronic invasion of privacy, and other transgressions, e.g. Computer Fraud and Abuse Act of 1986 with it's several amendments.

NOTE: The synergy prevailing, between the investigative approach (internal/overt) and the intelligence networking (external/covert), are critical to achieve any results in a crime-fighting/pilferage/information-protection initiative.

We trust that the above summary indicates our commitment and thorough planning towards the professional execution, in a totally integrated and holistic manner, of any undertaking in the best interest of our clients.



 

 

 

 

Site design and layout byi-Ball Media Group
© Copyright 2005 - All Rights Reserved