recommended reading

Cybercrime Wave

The backbone of the global economy is exposed.

A few months ago, I returned from a trip overseas to find a startling e-mail from my credit card company in my inbox. It wanted to confirm that I had called recently to obtain a PIN, which would allow me to withdraw cash advances, and that I had put a new password on my account.

I called the company and assured the operator at the security center that I had been out of the country, without access to a phone. As it turned out, someone had called in with my password - how he found it, I still don't know - which gave him full access to my account. During the course of a few days, the thief made about $900 in purchases and cash advances. The bank promised to cover the charges, as well as the cost of a credit fraud protection service.

About a week later, a package arrived in the mail from Kaspersky Lab, a computer security software maker. It contained a CD of its Internet security program, a package of antivirus software and other tools meant to keep people from remotely snooping through my computer and removing information, such as my credit card account numbers. Later, I examined my credit card statement and saw that one of the fraudulent purchases was to Kaspersky. Whoever stole my account information, it now seemed, might have obtained it from my computer and wanted to send a message:

You really ought to be more careful.

I told this story to several security professionals, particularly those knowledgeable about online fraud and identity theft. The tale struck them as all too familiar.

The rate of online crime is increasing at a frightening pace, by a number of measures. Criminals are targeting their attacks more often at individuals, stealing their identities or "hijacking" their accounts, which is what happened to me. And it's not only credit cards. Cyber thieves are siphoning money out of individual checking accounts and moving the money overseas.

Due to the pernicious nature of the threat, cybercrime will be an issue of national and economic security for the new administration. That's the growing consensus of intelligence and security officials in government, experts in the private sector, and, undoubtedly, the perpetrators of these crimes who enrich themselves in a vast underground economy.

The Bush administration has launched an ambitious cybersecurity initiative to shore up the defenses of government networks. But officials in charge of this plan are more concerned about the online threat to banks and individual consumers, and the potential for cybercrime to destabilize the global economy, which runs on information networks. Intelligence officials are so concerned about the security of financial data that they say a hacker, terrorist or a foreign government could undermine the U.S. economy by electronically altering the price of stocks or falsifying - maybe even erasing - troves of financial information.

The global financial crisis has revealed the inherent fragility of interconnected markets. At a time of extraordinary instability, the backbone of the world's economy cannot remain exposed. The new administration has little choice but to view cybersecurity as an essential pillar of economic security.

Shane Harris, a staff correspondent for National Journal, wrote about intelligence and technology at Government Executive for five years.

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.