Sarbanes Oxley Compliance Journal

Jacques Martin

Subscribe to Jacques Martin: eMailAlertsEmail Alerts
Get Jacques Martin: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Security, Firewalls, and Keeping the Door Locked

Ashcroft "Identity Theft Carries Heavy Price and Enormous Cost to America's Businesses"

As the world becomes progressively more comfortable with e-business as a business model for the 21st Century, criminals are also gaining a level of comfort in stealing information at a progressively alarming rate. Information theft is a global problem that will continue to grow as criminals become more adept at using technology as a tool to a achieve their goals.

To get a flavor for how widespread this problem could become, you only need to remember that most users have been using the same password for years on many systems.

Also, there is no way to control who an employee may knowingly or unknowingly share critical security information with. Last, the entire crime is virtual - the criminals can be located anywhere in the world, strike without warning at anytime, and disappear back to wherever they came from.

You only need to look at what the U.S. Secret Service has been up to with domestic and foreign law enforcement officials, the U.S. Department of Justice, and investigators from the financial services industry. Recently they have announced the arrests of 28 individuals. The suspects were located across eight states and six foreign countries and were involved in an organized global cybercrime network. Charges against the suspects include identity theft, computer fraud, credit card fraud, and conspiracy.

The following excerpt is from a recent announcement of a successful investigation. "Led by the Secret Service Newark Field Office, investigators from nearly thirty domestic and foreign Secret Service offices and their global law enforcement counterparts have prevented potentially hundreds of millions of dollars in loss to the financial and hi-tech communities" said Secret Service Director W. Ralph Basham. "Information is the world's new currency," he continued. "These suspects targeted the personal and financial information of ordinary citizens as well as the confidential and proprietary information of companies engaged in e-commerce."

 "Identity theft carries a heavy price, both in the damage to individuals whose identities are stolen and the enormous cost to America's businesses," said Attorney General John Ashcroft.

Working in cooperation with the U.S. Attorney's Office for the District of New Jersey, the Computer Crime and Intellectual Property section of the Criminal Division of the Department of Justice, and other U.S. Attorneys' offices and law enforcement agencies, the indictment is a result of a year-long investigation.

Operation Firewall began in July 2003 as an investigation into access device fraud. The case evolved into a highly technical, transnational investigation involving global credit card fraud and identity theft over the internet. The criminal organizations operated Web sites used to traffic counterfeit credit cards and false identification information and documents. These groups are highly organized international criminal enterprises that use Web sites to promote and facilitate a wide variety of criminal activities including electronic theft of personal identifying information, credit card and debit card fraud, and the production and sale of false identification documents.

After initial contact via the Internet, the suspects exchanged stolen information and counterfeit documents such as credit cards, driver's licenses, domestic and foreign passports, and birth certificates. Beginning in early 2004, data obtained through court authorized intercepts revealed The assistance of international law enforcement - particularly the United Kingdom's National Hi-Tech Crimes Unit, the Vancouver Police Department's Financial Crimes section, the Royal Canadian Mounted Police, and Europol - has been and will continue to be critical to the success of Operation Firewall. In addition, specific support was provided by Secretary General Boiko Borisov of Bulgaria, as well as police agencies in Belarus, Poland, Sweden, the Netherlands, Ukraine, and the U.S. Department of State.

Here is what is important - it took hundreds of people from over a dozen U.S. Government agencies and who knows how many foreign government agencies over a year to catch 28 people. As criminals become more adept at e-business, they will quickly overwhelm all of the available law enforcement resources and you and I will be on our own. Just as in the material world, you will have to make sure you lock your own door.

See Sarbanes-Oxley Compliance Journal

More Stories By Jacques Martin

Jack Martin, editor-in-chief of WebSphere Journal, is cofounder and CEO of Simplex Knowledge Company (publisher of Sarbanes-Oxley Compliance Journal, an Internet software boutique specializing in WebSphere development. Simplex developed the first remote video transmission system designed specifically for childcare centers, which received worldwide media attention, and the world's first diagnostic quality ultrasound broadcast system. Jack is co-author of Understanding WebSphere, from Prentice Hall.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.