Imagine you’re the finance director of a quoted financial services company. You receive an anonymous invitation to a ‘Party of a Lifetime’ in the form of a USB memory stick. Hopeful of some welcome distraction, you plug it into your office computer. But unbeknown to you, the stick has been sent by a criminal gang seeking a way into your company’s IT system. The stick searches your directories, sends private files to the gang, inserts a ‘keylogger program’ which records your keystrokes and passwords, and sets up a way for the gang to attack your network. Farfetched? No, it isn’t.
Earlier this year 500 UK finance directors received memory sticks in this way and 47 per cent of them ran the application contained in it. Fortunately for them, the sticks had been sent by IT Security group NCC as part of a security awareness campaign. According to NCC, a hacker could have gained access to the directors’ email systems and personal details, and to unreleased trading statements which could have been used as a basis for insider share dealing.
Online crime has become a multi-billion-pound business. It isn’t just companies who have something to fear: anyone with an internet connection is vulnerable to identity theft and financial loss in our interconnected world. Spend an hour with a computer security professional and you may want to resort to pen and ink for all future communication. ‘The size of the footprint you leave online is growing ever larger. It’s incredibly easy to find out who works at a company, what they do, whom they’re connected to on MySpace. A hacker can use this knowledge to many evil ends,’ says Information Risk Management’s Chief Technology Officer Phil Huggins.
Huggins says the world of computer security has been transformed from geeky teenagers playing War Games to a global industry run by organised gangs.
Already a subscriber? Log in
Comments
Don't miss out
Join the conversation with other Spectator readers. Subscribe to leave a comment.
UNLOCK ACCESSAlready a subscriber? Log in