net.work

The Way Business Is Moving

net.work published by
Issue Date: November 2002

Cyber crime - the nitty-gritty explained

November 2002
Thomas Hansen: director of small and medium business, Microsoft SA

Over the past few years the business world has been forced to sit up and take notice of cyber crime. Hackers, viruses and malicous code have become increasingly active causing downtime and data loss that cost valuable time and money. Now government organisations are also starting to implement strategic measures to alleviate some of these symptoms and to crack down on cyber 'gangsters'.

Approximately 6% of all business personal computers experienced an episode of data loss in 1998 alone. This percentage is divided between hardware failure, software failure, human error, computer viruses and theft and has almost doubled in volume since then. Additionally, the ubiquity of the Internet provides great opportunity for business but it also provides both incentive and mechanism for malicious attacks. These attacks may take a number of different forms; denial of service attacks, network penetrations and 'smash-and-grab' attacks.
The Electronic Communications and Transactions Act 2002 (ECT Bill) has been developed by the South African government in a concerted effort to protect businesses and consumers against such unlawful attacks. Chapter XIII makes the first statutory provisions on cyber crime in South African jurisprudence. The Bill is introducing statutory criminal offences relating to information systems and includes; unauthorised access to data, interception of or interference with data, computer-related extortion, fraud and forgery.
Additionally the Bill makes provision for cyber inspectors who monitor Internet websites in the public domain and investigate whether cryptography service providers and authentication service providers comply with the relevant provisions. They have been granted the powers of search and seizure, subject to obtaining a warrant, and can assist the police or other investigative bodies on request.
Open with care
e-mail borne viruses have increased significantly, including the more destructive examples like NIMDA and Code Red, and without safeguards they travel extremely fast. One thing characteristic about recent attacks is that they are multidimensional, using multiple routes to enter a system. All security threats can be mitigated to some extent - some more easily than others - by a combination of good security configuration and good security practices.
Because you are exposed to the risk of being infected by a virus any time you receive and open an e-mail, get on the Internet or download and open files, here are some tips and tricks that you can use to protect your business.
Use a firewall! Firewalls act as a protective boundary between a network or individual computer and the outside world by shielding your system when you are online. Do not open attachments from people you do not know and be careful about opening attachments in general, as they can contain dangerous viruses. Even when you receive an attachment from someone you do know you should be careful opening it if you are not sure about what the file contains. Many viruses are spread through being automatically forwarded to all the contacts in a person's address book, which means that you can receive e-mail with files infected by viruses from people you know. Keep your software secure! You need to make sure that your business software remains current in terms of updates, security patches and enhancements.
While these safeguards and the additional protections offered by government agencies are strong protective measures against the threats posed by cyber gangsters, they are not infallible. Businesses should also maintain a documented internal security policy that is adhered to by all members of staff and updated on a regular basis. Security is a journey, not a destination - businesses need to stay ahead of the bad guys who are not sleeping around the corner. You cannot assume that the security solutions you implemented last year are strong enough to meet the threats that have been developed this year.
The technology industry is now developing products and solutions that reflect their awareness and understanding of this problem.
Microsoft South Africa, 011 257 0485, antonj@microsoft.com


Others who read this also read these articles

  • Who owns your IP?

    Companies and individuals who do not pay sufficient attention to the ownership of IP may find down the line that they in fact do not own their IP

    [ November 2008 ]

  • Addressing wireless challenges

    The use of multihop relaying in cellular networks is considered a key practice for increasing data transmission rates and maximising coverage in 4G wireless systems

    [ March 2008 ]

  • Is Big Brother a big bother?

    Although this Bill is a serious infringement of privacy rights, the checks and balances built into the Bill would probably pass constitutional scrutiny on the basis that the right to privacy has to be balanced with the duty of the government to protect its citizens

    [ September 2002 ]

  • Legal matters

    The objects of the Bill include giving legal certainty to electronic communications and transactions, to develop a safe, secure and effective environment for the consumer and business to conduct and rely on electronic transactions and to afford better protection to the consumer and to promote online transactions in South Africa

    [ June 2002 ]

Search Site





Subscribe

Previous Issues