aksana chornenkaya, sherin hassan, & meagan moore

Hacking-Economic

EspionageAksana Chornenkaya, Sherin Hassan, & Meagan Moore

Explain how cyber hacking and

economic espionage has evolved over the past century

Examples of hacker groups Examples of victims of hacking and

economic espionage Acts and Regulations Prevention

Goals of Presentation

Importance to accounting students and

business professionals.

Huge threat to companies, domestic and global.

Growth of technology and reliance on information-based systems.

Importance

What is a Hacker?

“A person who finds weaknesses in a computer

system and exploits it.”

“Someone involved in the exploration of technology.”

Hacker Groups

• Warelords• Midwest Pirates Guild• 414’s• Legion of Doom• Many more…….

Until it was passed, breaking into

computer systems was not an illegal or criminal act.

Passed by Congress in 1986

Hacking IS a CRIME!!!!

Computer Fraud & Abuse Act

Operation Sundevil - 1990

Secret Services began raiding and arresting hackers

Involved in credit card theft, telephone and wire fraud

Operation Sundevil

DOS attacks

Viruses

Malware - Worms

Evolution of Hacking

Black Hat Hackers – Malicious

White Hat Hackers – Ethical hackers

Grey Hat Hackers

Types of Hackers

Misappropriation of assets Inventory theft Insider trading Credit card fraud False invoices Revenue misstatement Expense account abuse

Effects of Hacking on a Co.

Accountants must be aware of the

threats Internal auditors must develop

processes and controls to prevent hacks Must work with external auditors to

identify security controls Advances in technology increased

opportunities for fraud

Importance for Accountants

Fierce competitive pressures

Improvements in eavesdropping technology

Weakest link: Employees

Motivation for Economic Espionage

Most Publicized Cases

Toshiba vs. Lexar

Davis vs. Gillette

Reuters vs. Bloomberg

Passed in 1996

Failed to curtail the problem

Companies were reluctant to seek prosecution

Economic Espionage Act

SOX Section 404 Proactive and reactive approach Strong internal auditing

department Strong IT controls Physical access controls Employee training

Ways to Reduce Hacking and EE

Companies that implement strong

IT controls, physical access controls, nondisclosure agreements and

background checks make it harder for hackers or employees to breach

systems and acquire proprietary information.

In Conclusion

QUESTIONS?