and able to spend the money to do it. It can cost at least $50 million for a bank to secure a website. Every day, ten thousand new websites are added, 94 percent of which are not secure. Despite this, most of us fail to acknowledge the fact that the computer is like a weapon. For the purposes of robbing someone, it's the same as a gun. The only difference is semantics. With a gun, it's called armed robbery. With a computer, it's called white-collar crime.
THEY SHOULD FRISK FOR A MOUSE
Computers have become such a potent weapon that in 1999, the U.S. Parole Commission made some telling changes in its rules. High-risk parolees can now be restricted from using computers and the Internet without written approval. In other words, don't just keep guns out of the hands of repeat offenders; keep these guys away from the computers.
And for good reason. In 1994, Vladimir Levin, a thirty-year-old Russian payroll programmer with thick glasses, used a rather primitive computer to steal $10 million from Citicorp's wealthier customers. With the help of some confederates, he managed to transfer the money into accounts with phony names scattered among obscure banks in the Middle East, Europe, and elsewhere. Then accomplices would go in and withdraw the sums. A stool pigeon ultimately turned him in, or he might never have been caught. He was arrested when he left Russia to go to London for a computer exhibition. Levin was generally considered to be the first online bank robber, and his theft was the largest computer crime on record.
As Levin's crime illustrates, a big difference with electronic fraud is the quantities involved. With regular fraud, the amounts are often fairly small and only add up over time. With electronic fraud, we're often talking about losses of millions of dollars in each caper. The FBI says that total losses from computer-related crime exceeded $250 million in 2000, double what they were in 1999, and since so much of it is under-reported, it could be in the billions.
Unfortunately, law enforcement has not kept pace in its training of agents in how to combat computer crime. One recent study of cybercrime found that only a tiny amount of the federal government's law enforcement budget is spent on computer-crime training and staffing. Many police officers don't even have e-mail.
Incidentally, outright theft of computers - the actual machines themselves - is itself a big problem. Security experts say computer theft is now second only to auto theft, and it's much easier getting your car back than your computer.
HACKERS AND CRACKERS
If you have any doubt about the seriousness of electronic theft, think about this: six out of ten American companies and government agencies have been hacked so far, including the FBI, the CIA, the Secret Service, and the White House.
A twenty-year-old computer hacker confessed to breaking into two computers of the National Aeronautics and Space Administration (NASA) that were normally used to design satellites and for e-mail and internal functions. The hacker installed a program onto the computers that allowed him to host a chat room. On his chat room, he advised people to visit a particular pornographic website, and he earned eighteen cents for each visit someone made to it. Before long, he was making three hundred dollars to four hundred dollars a week.
A sixteen-year-old Miami boy broke into computers of the Defense Department and NASA, downloaded software, intercepted messages, stole data, and caused some of the computers to be shut down for three weeks. He repeatedly penetrated computers that monitor threats to the United States from nuclear, biological, and chemical weapons, as well as traditional arms. Too bad they didn't monitor attacks from sixteen-year-old hackers. Fortunately, the government said none of the affected computers was related to the command and control system, so the kid wasn't on the brink of launching a rocket or knocking a satellite out of orbit, but I hear these things and have to wonder, what's next?
A few years ago, a band of German hackers wrote their own Microsoft ActiveX control. The control designed by the Germans made a slight adjustment in the popular personal-finance program Quicken. Whenever the user paid a bill online using Quicken, he would also make a small contribution to the account of the hackers. Stealing money a small slice at a time like this is known as a "salami" attack, and a computer can make a lot of salami.
There's so much invasion of computers that distinct subcultures have emerged. The term "hacker"