-----BEGIN PGP SIGNED MESSAGE----- Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable To: cypherpunks@toad.com Date: Tue Feb 11 22:14:30 1997 U.S. Experts: Computer Break-Ins Go Unreported U.S. Experts: Computer Break-Ins Go Unreported February 11, 1997, 4:19 PM EST WASHINGTON (Reuter) - Security experts said on Tuesday hackers are finding it easier to break into computer networks and steal money, partly because companies are reluctant to admit that they are vulnerable. ``If I want to steal money a computer is a much better tool than a handgun,'' Daniel Geer, Director of Engineering for Open Market, Inc., told a House of Representatives technology subcommittee hearing on computer security. ``The only way they get caught is if they cross some threshold,'' he said. ``They start out stealing $1,000 a day and figure they can get away with $2,000 a day and then they get greedy and hit some figure which sets off alarm bells.'' A panel of experts assembled by the subcommittee said many companies refuse to report breaches in their security because of they want to avoid negative publicity and embarassment. ``Most computer crimes are not reported,'' Eugene Spafford of Purdue University told the panel. He estimated losses run into ``hundreds of millions of dollars'' but said no one really knows since so much goes unreported. Daniel Farmer, a security consultant, said penetrating a computer system was relatively easy. ``Just using simple tests, I could break into two-thirds of the systems I tried,'' he said, adding that he could easily raise that figure to three-quarters if he wanted. Farmer said that during his tests he even discovered a problem with the White House World Wide Web site and told the system manager about it, but never received a reply. ``Defensive programs have been overtaken by offensive programs'' developed by hackers, he said. Spafford said law enforcement had not been able to keep up with advances made by hackers who are able essentially to take over entire networks and run them by remote control. In addition to banks and corporations, the experts said, government secrets can be stolen and threaten national security. They cited recent computer network tampering at the Justice Department and the CIA. A General Accounting Office study found that there were 250,000 ``hits'' aimed at the Defense Department's computer networks last year and 65 percent were successful. =A9 Reuters Ltd. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMwE1lz5A4+Z4Wnt9AQHlrAQAi4X7MTb8CbWTaQZfdLIfwzkMkzT1g/gi QPcdaPedbgG6tU8SBS5trqyXu5JvwaVomEUpW+qrKT0JzD8a1Lyf23dgK5qLM+/+ fDWz08KaxsW3uymTRNBZo2gl/ZwpdU7DeQoReOkAqQyBXPWeoBRwYbyGu1pDlHBB yK3hRY2MrEk= =Ht0R -----END PGP SIGNATURE-----