Embed Size (px)
Citation preview
Hacking-Economic
EspionageAksana Chornenkaya, Sherin Hassan, & Meagan Moore
Explain how cyber hacking and
economic espionage has evolved over the past century
Examples of hacker groups Examples of victims of hacking and
economic espionage Acts and Regulations Prevention
Goals of Presentation
Importance to accounting students and
business professionals.
Huge threat to companies, domestic and global.
Growth of technology and reliance on information-based systems.
Importance
What is a Hacker?
“A person who finds weaknesses in a computer
system and exploits it.”
“Someone involved in the exploration of technology.”
Hacker Groups
• Warelords• Midwest Pirates Guild• 414’s• Legion of Doom• Many more…….
Until it was passed, breaking into
computer systems was not an illegal or criminal act.
Passed by Congress in 1986
Hacking IS a CRIME!!!!
Computer Fraud & Abuse Act
Operation Sundevil - 1990
Secret Services began raiding and arresting hackers
Involved in credit card theft, telephone and wire fraud
Operation Sundevil
DOS attacks
Viruses
Malware - Worms
Evolution of Hacking
Black Hat Hackers – Malicious
White Hat Hackers – Ethical hackers
Grey Hat Hackers
Types of Hackers
Misappropriation of assets Inventory theft Insider trading Credit card fraud False invoices Revenue misstatement Expense account abuse
Effects of Hacking on a Co.
Accountants must be aware of the
threats Internal auditors must develop
processes and controls to prevent hacks Must work with external auditors to
identify security controls Advances in technology increased
opportunities for fraud
Importance for Accountants
Fierce competitive pressures
Improvements in eavesdropping technology
Weakest link: Employees
Motivation for Economic Espionage
Most Publicized Cases
Toshiba vs. Lexar
Davis vs. Gillette
Reuters vs. Bloomberg
Passed in 1996
Failed to curtail the problem
Companies were reluctant to seek prosecution
Economic Espionage Act
SOX Section 404 Proactive and reactive approach Strong internal auditing
department Strong IT controls Physical access controls Employee training
Ways to Reduce Hacking and EE
Companies that implement strong
IT controls, physical access controls, nondisclosure agreements and
background checks make it harder for hackers or employees to breach
systems and acquire proprietary information.
In Conclusion
QUESTIONS?
