From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 11 Feb 1997 22:21:17 -0800 (PST)
To: cypherpunks@toad.com
Subject: Computer break-ins
Message-ID: <199702120621.WAA07619@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

To: cypherpunks@toad.com
Date: Tue Feb 11 22:14:30 1997

      U.S. Experts: Computer Break-Ins Go Unreported    U.S. Experts: 
Computer Break-Ins Go Unreported February 11, 1997, 4:19 PM EST

 WASHINGTON (Reuter) - Security experts said on Tuesday hackers are 
finding it easier to break into computer networks and steal money, 
partly because companies are reluctant to admit that they are 
vulnerable.

 ``If I want to steal money a computer is a much better tool than a 
handgun,'' Daniel Geer, Director of Engineering for Open Market, Inc., 
told a House of Representatives technology subcommittee hearing on 
computer security.

 ``The only way they get caught is if they cross some threshold,'' he 
said. ``They start out stealing $1,000 a day and figure they can get 
away with $2,000 a day and then they get greedy and hit some figure 
which sets off alarm bells.''

 A panel of experts assembled by the subcommittee said many companies 
refuse to report breaches in their security because of they want to 
avoid negative publicity and embarassment.

 ``Most computer crimes are not reported,'' Eugene Spafford of Purdue 
University told the panel. He estimated losses run into ``hundreds of 
millions of dollars'' but said no one really knows since so much goes 
unreported.

 Daniel Farmer, a security consultant, said penetrating a computer 
system was relatively easy. ``Just using simple tests, I could break 
into two-thirds of the systems I tried,'' he said, adding that he could 
easily raise that figure to three-quarters if he wanted.

 Farmer said that during his tests he even discovered a problem with 
the White House World Wide Web site and told the system manager about 
it, but never received a reply.

 ``Defensive programs have been overtaken by offensive programs'' 
developed by hackers, he said.

 Spafford said law enforcement had not been able to keep up with 
advances made by hackers who are able essentially to take over entire 
networks and run them by remote control.

 In addition to banks and corporations, the experts said, government 
secrets can be stolen and threaten national security. They cited recent 
computer network tampering at the Justice Department and the CIA.

 A General Accounting Office study found that there were 250,000 
``hits'' aimed at the Defense Department's computer networks last year 
and 65 percent were successful.

 =A9 Reuters Ltd. All rights reserved. 


     
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMwE1lz5A4+Z4Wnt9AQHlrAQAi4X7MTb8CbWTaQZfdLIfwzkMkzT1g/gi
QPcdaPedbgG6tU8SBS5trqyXu5JvwaVomEUpW+qrKT0JzD8a1Lyf23dgK5qLM+/+
fDWz08KaxsW3uymTRNBZo2gl/ZwpdU7DeQoReOkAqQyBXPWeoBRwYbyGu1pDlHBB
yK3hRY2MrEk=
=Ht0R
-----END PGP SIGNATURE-----

--j0geb1id6lkzfrn2of7klxdtm3pg8j--