Page 59 - index
P. 59
Plans for a break-in to minimize the damage should be developed and tested. Backup tapes
should be compared to current data and the changes should be reviewed.
This helps minimize the spiteful or revenge-driven developer who may plant a virus time bomb
or “booby-trap”, programs that run on computers and destroy evidence if someone other than
the criminal uses it.
Periodic security audits should be conducted by an outsider to review the overall security and
readiness of the computer environment. This should include the organizations policies and
procedures, disaster and business continuity plans and ascertaining that user accounts only
have access to systems needed.
Law Enforcement Challenges
Sophisticated computer criminals are aware of the low risk of being caught and prosecuted; this
low risk threat further exploits the insider vulnerability.
It is usually difficult to link criminals to the online crimes they commit. The process of doing this
is like tracking a frequent flyer from his point of destination and only knowing his city of arrival.
There are many stops along the way. The same is true with users on the Internet; there is a
maze of servers and connections that route to a destination.
Privacy laws, obtaining Internet Service Provider (ISP) records and hosting company records of
the suspect require a subpoena and often a notice is sent to the suspect. Law enforcement
officials in their search and investigation of the organization’s records may find sensitive and
confidential records that can be made publicly known. This can cause an organization
embarrassment and bad publicity. Assuming that the organization continues this pursuit, it can
take weeks to get subpoenas issued, therefore, causing much of the saved data from ISP’s and
hosting companies to have been erased. The incident becomes significantly more complicated if
the crime is committed in a foreign country. International laws will need to be considered; rogue
nations may not enforce any laws.
Summary
Despite the “doom and gloom” of the insider vulnerability, a hopeful future lies ahead if the
necessary precautions are taken. Lawmakers are also aiding in the process. Recent legislation
mandates that organizations keep their computer environments secure.
The Health Insurance and Portability Accountability Act (HIPAA) sets standards that require
healthcare providers to protect the confidentiality of customer records. The Gramm-Leach-Bliley
Act (GLBA) requires the same from customers in the financial sector.
59 Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
