Archive for November, 2009
Hackers: Barbarians at Your Corporate Gate
The risk of hackers penetrating your company’s database and exposing your commercial secrets – if not some dirty linen as well – was brought home recently when the internal musings of Britain’s leading climate science research centre were laid bare. Thousands of private emails between top climate change scientists were made public, revealing the bitter disagreements over the cause of this contentious phenomenon. It’s like a paper trail from hell. Whether or not your company is involved in a controversial industry, make sure that hackers don’t plant malware in your system that allows them to monitor what you’re doing until they feel the time is right for a massive exposé. Computer forensics and a host of other state-of-the-art technology can save you from such an ignominious fate.
The climactic downpour in the UK, which included some 2,000 emails and 3,000 related documents, first appeared online on November 20, courtesy of an anonymous Russian server. While there’s nothing surprising about that, there is in the degree of spite that some of the communications display. One top man at the Climate Research Unit, based at the University of East Anglia, wrote in 2004 that he was “cheered” by the news that a prominent climate change sceptic in Australia had suddenly died of a heart attack. Another says he would like to meet his adversaries in a dark alley one night. Other experts refer to their colleagues in highly unflattering terms.
Scientists who support the theory of man-made climate change are lined up against their heretical opponents, each side armed to the teeth and ready to fight the War of Roses all over again. One rues the fact that his team can’t account for the lack of warming at the moment, which he sees as a travesty. He cites data published only a few months ago that shows that there should be even more warming. The data must surely be wrong, he suggests. The sceptics hurl missiles back, claiming that the emails are evidence of a conspiracy to bully into submission those who challenge the man-made hypothesis. With Copenhagen just around the corner, something is clearly rotten in the State of Denmark.
Guarding Your Company’s Customer Records
Mid-November brought an embarrassing admission from a mobile phone company in the UK. T-Mobile had to inform Commissioner Christopher Graham, Britain’s watchdog responsible for safeguarding personal information that staff had passed on millions of records from thousands of customers to third party brokers. Graham, whose office is currently preparing a case for prosecution, said the data breach was the biggest of its kind. A T-Mobile spokesman admitted that the data was sold “without our knowledge”. If you want to ensure that this doesn’t happen to your firm, consider calling in a team of experienced professionals straightaway. They are skilled in using sophisticated methods of investigation – like computer forensics and transactional analysis – to identify and reinforce the weakest links in your operational chain.
The Commissioner has explained how the brokers involved sold the data on to other phone companies, which in turn cold-called the customers as their contracts neared their expiry date. He also said that the case highlighted why there should be a prison sentence to dissuade people from trafficking in private data in this way. Britain’s Minister for Justice supported him, recommending custodial sentences to prevent the illegal trade in data. Graham believes that the existing “paltry fines” – £5,000 following a successful prosecution – are simply insufficient to deter people from engaging in this lucrative criminal activity.
Moreover, he said that data theft wasn’t just about mobile phone companies. It’s also about blagging information from databases to use to “put the frighteners on witnesses, attempt to knobble juries, pursue ‘nasty neighbour’ disputes, interfere in family courts, and in difficult divorce settlements. Personal data has value and there are people out there exploiting it.” The Conservative Party in Britain wants to go even further. It’s calling for the Commissioner’s authority to be beefed up, with him being provided with “a full set of punitive strings to his bow, including the power to fine organisations.”
Ten Ways to Protect Against Payroll Fraud
Australia’s Daily Telegraph ran a useful report in mid-November on payroll fraud, a form of financial crime that is often particularly difficult to detect. One victim, a whitegoods and electrical retailer, managed to retrieve the $A20 million stolen by its payroll officer, but most companies never see their money again. And the crooks involved don’t always gamble the proceeds away. In this case, the officer invested the money in property. If you want to avoid being targeted by a clever operator it pays to bring in a team of experienced professionals who use state-of-the-art technology, like computer forensics, to help you secure your system.
An Australian expert has stated that while cases of payroll fraud have increased in the past year, it is impossible to be sure what is happening. Estimates indicate that around 90 per cent of cases go undetected. That should set alarm bells ringing.
Clearly, top priority is to choose the right person for the job in the first place, which means careful screening and checking of references and background. Interestingly, the majority of those caught for payroll fraud have no criminal history as such. But they may have committed similar acts in the past, then been encouraged by their employer to quietly move on – without prosecution. Whether money is paid back or not, many companies avoid embarrassment by not reporting fraud to police. This merely passes the problem on to other employers.
The Contagion of Fraud: Best Nipped in the Bud
Only a few months ago, mention of the name Bernard Madoff brought to mind America’s biggest-ever Ponzi scheme. The sheer scale of the financial fraud involved and the audacity with which it was carried out dazzled most people. Fast forward to now and Madoff as an individual has largely faded from sight. Instead, it’s the ramifications of what he did that keep throwing up his name. The latest is the revelation that the former head of Optimal, the Geneva-based hedge fund investment wing of Satander, the Spanish bank, has been charged with criminal mismanagement of client funds placed with Madoff’s operation. The charge carries a maximum sentence of five years jail under the Swiss penal code.
The Spaniard concerned is one of the most senior wealth managers known to be confronting criminal charges as a result of the Madoff scandal. Central to the case against him, as well as to accusations against Satander, is that investors were misled by false claims that adequate due diligence had been conducted on Madoff’s activities. As one legal observer notes, the court investigation will have to establish why people were closing their eyes and not asking enough questions.
The problem is, that’s what people do when things seem to be going smoothly and everyone’s happy with their return. The only solution is to have systems in place that set bells ringing that simply can’t be ignored. It’s dangerous to wait until suspicions are aroused, or intensify to the degree that action is imperative. Rather, it pays to bring in a team of professionals that can apply sophisticated methods of computer forensics and financial analysis to give you the early-warning system you can’t afford to be without. The technology involved and its reach will surprise you.
Duel of the Designers: New Industrial Espionage War Zone
Economic and commercial espionage has a much lower profile than it deserves – dangerously low. It’s an area where many companies remain unaware of their vulnerability, believing that unless they’ve invented something like a cure for the common cold, no one is likely to be interested in what they’re doing. That’s definitely not the case, for it’s often just a missing link in a chain that a competitor is after. But despite the seriousness of the matter this arena does sometimes produce the oddest of perversities. Here’s a story that takes a lot of beating, even if it doesn’t involve a commercial James Bond having a flat tyre at a crucial moment.
One of China’s major car companies, Great Wall, which is Hong Kong listed and also one of the biggest non-state motor manufacturers, has accused Fiat of secretly photographing its production line and stealing information on its new models. Perhaps there’s nothing unusual about that, but for the fact the Chinese argue that Fiat engaged in this perfidious activity while gathering evidence for its own claim that Great Wall had copied one of the Italian company’s models. This is where things get sticky, as well as perverse.
Fiat has a compact car called Panda, and an Italian court handed down a finding in 2008 that a similar vehicle called the Peri that is produced by Great Wall was in fact an imitation of the Italian model. As a result, sales of the Peri have been halted in Europe. The Chinese are currently in litigation to have that decision overturned. Meanwhile, they claim that while Fiat was gathering evidence on the Panda case, it secretly engaged in industrial espionage at one of Great Wall’s production facilities. The Chinese are now suing Fiat and they’re citing as evidence the very evidence that Fiat itself has presented to a Chinese court to prove that it was Great Wall that did the dirty deed in the first place. Now that’s the sort of convolution that gives convolution a bad name.
The Cyberspace Explosion: Five Tips for Survival
The new digital world of easy communications and social networking is so surprisingly open that many no longer see the problem as one of Big Brother watching us. It’s more a matter of us being obsessed with watching each other. And sharing, too. As The New York Times put it in September, “Your parents probably told you that sharing was simply the right thing to do. But on the Web, inducing people to share links has become big business, all about driving traffic back to a site and increasing revenue.”1 This is music to the ears of cyber-crooks and hackers.
The notion of being open and passing everything on is bolstered by stories like the following, which suggest that because everyone’s participating in one way or another, we can easily sit back and enjoy the freedoms that come with this ‘global electronic community’.
Until recently, the wife of the new head of the British Secret Intelligence Service – the country’s external spy agency, commonly known as MI6 – had a Facebook page. It had no privacy protection so details of the family’s London home, daily transport arrangements, vacations and friendships with other senior British officials were freely available to some 200 million users around the globe. The page was speedily removed when its contents were published in the media, raising more than a few eyebrows in the intelligence world in London and beyond. You see, Sir John Sawers, who was Britain’s ambassador to the United Nations when his appointment was announced in mid-2009, was once an MI6 officer himself and should have been aware of the implications of his family’s networking profile well before his new job was broached. After all, he had worked in places like Yemen, Syria, Egypt and Iraq, and also been closely involved at the policy level with Iran, Iraq and Afghanistan.
McKinsey Partner’s Arrest Spotlights White-Collar Crime
The elite US consulting firm of McKinsey & Company, long known for its prudence and caution, must have been low on anybody’s suspect list of those likely to be involved in financial crime. Even the suspect himself was shocked when federal officers arrived at his California home recently to arrest him on charges of conspiracy and securities fraud. As The Financial Times reported on October 22, Anil Kumar fainted and had to be briefly hospitalised. Court documents reveal that he has been accused of passing inside information to Raj Rajaratnam, head of the Galleon Group, arrested in New York last week on insider trading charges.
Shocks like this come out of a clear blue sky. As McKinsey’s worldwide managing director, Dominic Barton, has said, “This issue is completely virgin territory for us. We have very clear policies that you do not invest in clients or situations even where it is legal.”
There are, however, protective measures that firms can take. Experienced professional teams of experts exist that can apply sophisticated investigatory methods and state-of-the-art technology to warn top management of possible fraud. Tell-tale signs are often buried in patterns of contact and in other areas where no one else would think to look. Expert financial analysis, coupled with computer forensic work, for example, can usually provide you with a running image of what’s actually going on inside your company, much as infra-red night-vision goggles allow you to “see in the dark”. Without any support of this nature, you’re basically flying blind. Far better to be pro-active and not sorry.
