New Paths to Old Crimes

Your bean counters have been crunching numbers on the corporate bank account throughout the night, but they keep coming up with the same nauseating result: The account is overdrawn by $600,000 and everyone wants an explanation from you. It happened, to a meatpacking company in North Carolina.

Or maybe you’re an administrator for an online computer company who tells subscribers that their personal information is secure. The FBI disagrees. It seems that someone downloaded a “sniffer” program off the Internet and used it to steal 100,000 of your subscribers’ credit card numbers.

Those events are part of a national crime shift that has caught many politicians, business people and government officials off guard. They fight the wrong legislative battles, cut costs in the wrong areas and don’t understand the risks. That’s a recipe for disaster.

Not very long ago, for example, a skilled criminal needed weeks or months to create high-quality plates for counterfeit currency. Now, it can be done in minutes with inexpensive computer-driven scanners and high-resolution color copiers. That has helped create a new class of criminal.

Computer break-ins were once the exclusive province of the rare, techno-nerd hacker. Now, amateurs can pull ready-made hacking tools off the Internet and the instructions on how to use them. Examples include “sniffers” that quietly collect information from a computer network.

The result is a surge in old-style crimes: fake payroll checks and credit cards, bogus air travel and lottery tickets, counterfeit stock certificates and more. All it takes is one corrupt employee who sells an official company check. Or an accomplice who gets put on the payroll. Sometimes the crooks will flood businesses with fake bills, knowing that some poor sap will cut a company check and mail it to the thieves, who really aren’t interested in being paid for the fake bill. What they want is the check itself, which can be mass-produced on a personal computer system. That might have happened to the North Carolina meatpacking company.

Businesses contribute to the problem by using cheap and easily duplicated check paper that lacks safeguards such as watermarks, reactive ink or an optical security device.

Too many companies fail to see any potential risks at all. They don’t understand that a computer network does not have to be connected to the Internet to be vulnerable to computer crime, especially by insiders.

“Better security is necessary, but a lot of people just don’t think about it. Often, management still isn’t willing,” said UCLA professor Eugene Volokh, a specialist in cyberspace crime.

There is much that ought to be done. Federal law enforcement is scattered among the Secret Service, the FBI, the Treasury Department and more. Some coordination of responsibilities is in order. State and local governments also ought to better equip and train their law enforcement agencies so that fewer have to turn to the FBI for assistance.

The Treasury Department should reconsider its laggard schedule of producing only one new counterfeit-protected bill or currency denomination each year. Credit card companies could speed up consideration of computer chips that would make each card more secure.

Finally, business, often loath to report computer crimes and security breaches for fear of losing customers, must realize that this makes it impossible to get a handle on the extent of the problem. What is known is this: There has been a tenfold increase in counterfeit check fraud in recent years. Its cost may reach $2 billion annually by the year 2000.

Fortunately, there are ways to fight back. By one estimate, U.S. businesses could reduce the billions of dollars they lose each year to computer-generated fraud with the simplest of measures, such as using more secure documents and teaching employees how to spot fake checks and currency. That’s a small price to pay, now that the everyday criminals have decided to join the Information Age.