Bugs Bite ... And Hackers Still Might - Even After Y2K

NEW YORK, NY - January 3, 1999 - So, did your computers function after January 1^st? For most firms, Y2K hysteria turned out to be much ado about nothing. But, a recent survey reveals severe corporate financial loss due to computer theft of corporate proprietary information. Reported financial losses of over $42 million in 1999 showed an increase of over 100% of the 1997 figure ($20 million).

"Computer crime is much more complex than bugs and viruses," states Michael G. Kessler, president and CEO of Michael G. Kessler & Associates, Ltd., one of the world's leading investigative consulting firms. "Y2K enlightened business owners to pitfalls in their systems, but there must also be heightened awareness of the growing number and variety of computer security breaches that can weaken a company's balance sheet. "As CEO, if your New Year's resolution is to exercise," says Kessler, "also resolve to exercise accelerated computer awareness and take those investigative measures now."

Kessler states that his experts in corporate cybercrime detection and computer forensics have examined recent cases from his firm and can advise authoritatively that, "It doesn't take a new Millennium for corporate computer piracy to occur."

Kessler concurs. "There's no such thing as a hacker's holiday. Internet invasions increase with growing computer and Internet popularity. Code can be cracked; systems will be sabotaged. Hacking is a reality, and CEOs who have turned a deaf ear to its existence will be shocked when it happens to their allegedly-failsafe network."

"Y2K behind them, corporations shouldn't be lulled into a false sense of security," says Kessler. "Problems could just as easily occur on January 30th as January 1^st. More than 30,000 threats had been received the FBI and others prior to the new year.

"This trouble knows no time," states Kessler. "Hackers are characteristically young and broke, and have lots of time to devote to their "work." They're also smart enough not to attack when companies are anticipating intrusion."

"January 1^st has passed, but the danger hasn't," says Kessler. "Businesses should brace for outbreaks of sophisticated viruses and hackings from outside and in." Kessler's comments reflect growing concerns about "inside" hacking (perhaps a disgruntled employee). According to a recent Kessler research, disgruntled employees account for 35% of corporate computer intrusions. Independent hackers follow (28%) and other attacks come from US corporations (18%), foreign corporations (11%) and foreign governments (8%).

Law enforcement has special branches to catch criminal hackers, but some claim that governmental movement is too slow to meet the pace of change so rapid. "When we are contacted to investigate a problem, the response is immediate because it must be," stresses Kessler. "Once a breach in computer security has occurred, our research historically reveals much more; a "sub-plot" that can alert corporations to the real root of some serious trouble."

Discretion is also a major consideration. "These are extremely sensitive matters," states Kessler. "A tarnished reputation is virtually impossible to repair." Many companies, especially financial, will not report criminal computer activity for fear of negative publicity. For every break-ins reported, 400 are not. "Corporations should avail themselves of services such as computer forensics and Internet monitoring to help prevent intrusions into their intellectual property while still affording them privacy."

"Don't let that Y2K guard down. Awareness is everything," concludes Kessler. "Companies wait too long to investigate. Find out. Correct it while you still can. What you don't know can hurt your company - badly."