A new wave of crime, buoyed by the proliferation of advanced technologies, can only be addressed with the support of IT shops which are being invited to participate in Federal Government initiatives to stem the tide.
To tackle Australia's annual $3.5 billion electronic crime bill, the Australian Institute of Criminology (AIC) is conducting a series of workshops for IT managers to improve private sector education.
While industry analyst Gartner estimates B2B electronic commerce will top $US6 trillion by 2004, AIC director Dr Adam Graycar said no one wants to pull the plug on electronic commerce but the challenge lies in designing smarter, more secure systems.
He said e-crime targets are those companies with an inadequate system of communication within the organisation, a lack of transparency to outside observers, the absence of financial control systems, where the board of directors is handpicked by the CEO, poor leadership, inflated financial targets and unrealistic incentive structures.
However, Graycar said there are technologies to prevent corporate fraud that involve a range of hardware security measures, the use of access controls such as smartcard tokens, protection of computer cables from interception when digital signatures and encrypted data transmissions take place and fraud detection software. He said a "culture of compliance" needs to be reinforced.
Speaking to the Australian Institute of Management, Graycar said the process begins with an ethical business culture and effective corporate governance as some companies don't report fraud because, "they do not wish to draw undue attention to their own illegal activities".
These views were supported by a survey released this week by electronic payment provider eFunds International, which shows that while identity theft is growing, few in the private sector are taking it seriously.
The company's Asia-Pacific region managing director Ray Whiteside said sophisticated computer software and scanners has made it easy for criminals to obtain personal information to open bank accounts and undertake fraudulent transactions.
While IT professionals in financial services have a high level of awareness Whiteside said this does not occur elsewhere.
"IT professionals need a level of awareness and understanding to protect their own organisations," he added.
The need to bite the bullet
Examples from the Australian Institute of Criminology (AIC) show why Australian organisations need to bite the bullet.
- In a case reported to the Australian Federal Police in 2001 hackers gained access to computer switchboards of 12 of Australia's largest corporations and incurred $12 million worth of untraceable phone calls.
- Most of the large scale electronic funds transfer frauds involves the interception or alteration of electronic data messages transmitted from the computers of financial institutions. In many cases offenders have worked within financial institutions themselves and been privy to the operation of the security systems in question.
- A Melbourne man was able to use false identities -- opening accounts, obtaining drivers licences -- to establish companies, set up payrolls and get tax returns. The offender made half a million dollars in a short space of time.
- Advertisements on the Internet promoting the availability of bank accounts based on false identities to perpetrate fraud.