OUR PREMIUM CONTENT

The Kiplinger Tax Letter
The Kiplinger Agriculture Letter
The Kiplinger California Letter
Kiplinger's Biofuels Market Alert
Kiplinger's Retirement Report

SUBSCRIBER HELP

 

 

 

CURRENT LETTER

 

By Knight Kiplinger

The Kiplinger Washington Editors

July 2, 2009

 

Overhauling
Financial Regs

By year-end or so, Congress will give the nod to a major rewriting of the nation's financial regulatory system. This week’s Kiplinger Letter explores whether the package will do more harm than good and what lawmakers are likely to include.

 

ALSO IN THIS ISSUE: The Economy, Business Costs, Taxes, Supreme Court, Energy, Workplace Regulations, Climate Change, Health Care Legislation and Foreign Policy

PREVIOUS ISSUES

 

CORRECTIONS

TRY THE LETTER:
Subscribe | See Sample

 

YOUR FEEDBACK

SUBSCRIBERLOG: Got a topic you'd like to discuss? Or a problem or question? Please join our exclusive forum for Letter subscribers only.

read more

 

ASK US: A Kiplinger Letter editor will promptly answer subscriber questions.

 

 

OPEN FORUM: Share your insights and analysis with other visitors.

 

I just attended a franchise seminar. The speaker represents a few hundred franchises that (he says) are hand picked. He has the prospect (aka victim?) answer some questions about themselves then he makes recomendations - based on your personality, capital situation, etc.. If you pick a franchise, then he does some due dilligence for you. If you both decide it's a good idea, he helps you get started. He says he offers this service free of charge, which means he gets a commission if he's able to sell you a franchise. Has anyone done this? Successfully? Unsuccessfully?

-- fender

Read More

 

Cybercrooks are moving into industrial espionage in a big way, hunting for intellectual property and other sensitive information. Once they have the material in hand, they can either use it to gain a competitive advantage for their own company -- or auction it off to the highest bidder. The top target sectors for this new breed of hackers include financial services, information technology (hardware, software and IT services), aerospace and pharmaceuticals. Any company with an Internet presence, however, is also considered fair game.

The sophistication of such operations makes the perpetrators hard to catch and harder still to prosecute. "The law is local, but they can do the crime from anywhere," says Yuval Ben-Itzhak, chief technology officer of Internet security firm Finjan Inc. Increasingly, such operations function as international organized crime networks that manage communications among members through instant messaging and programs such as Skype.

Gangs in one country often employ servers in another to stage an attack on a company in a third. Complicating matters even more, they frequently shift the countries from which they mount their attacks to avoid detection.

Some outfits specialize in creating and customizing malware -- the catchall term for spyware, Trojan horses and other classes of malicious code used in such operations -- which they then sell to other industrial spies who may have little or no software coding experience of their own. A starter kit sells for as little as $200 -- chicken scratch compared to the profits the buyers can reap from its use.

The keys to protecting against such attacks: speed and vigilance. Antivirus and firewall programs don't adapt quickly enough to keep pace with criminals looking for holes in online security. Blocking access to the company network from suspicious IP servers doesn't do enough, either. Hackers increasingly stage their assaults via trusted sites that a firm would never lock out. Speedy real-time code inspection appliances, which track the actual content of each message as it enters or leaves the network, do a better job of fending off such assaults.

Keep sensitive data off of corporate servers that can be accessed via the Internet. "Some people do it just because of the convenience," says James Litchko, a computer security expert and member of the American Society of Industrial Security's IT Security Council. "If it doesn't need to be on the Internet, close it up. Don't even put the system on any network if you don't have to. Most labs don't need this."

If your employees need to access sensitive information from remote locations, such as a branch office or home, make use of virtual private networks (VPNs). VPNs automatically encrypt and decrypt transmissions between the office and the offsite location. That prevents outsiders from monitoring the online conversations or spoofing -- impersonating an employee for the purpose of inserting malware into the system.

For weekly updates on topics to improve your business decisionmaking, click here.

READER COMMENTS

Post a comment

Hide comment form

 | 

Read all comments (3)

Read recent comments

---

Permission to post your comment is assumed when you submit it. The name you provide will be used to identify your post, and NOT your e-mail address. We reserve the right to excerpt or edit for clarity any posted comments.
View our full privacy policy

Name:

E-mail:

Comment:

POSTED BY: Nomen (January 21, 2008 01:01 PM)
With all this outsourcing,sharing, and selling of data with third parties, I'm more worried about minimum wage insiders than I am international cybercrooks. I feel that our financial institutions and the business community are just setting us up for identity theft and opening us up to have our accounts pillaged. My credit card company recently called and asked me to pay $10 a month for account protection. I told them that my account security was their responsibility and if they couldn't guarantee it that I would cancel. I have seen several large companies outsource intellectual property to China and India to make a little more profit. If it gets stolen, go cry somewhere else. You only have your own greed to blame.

POSTED BY: BL (January 22, 2008 01:55 AM)
Well put Nomen! Excellent response.

POSTED BY: Felicia Donovan (January 22, 2008 12:11 PM)
Great article, Andrew. The key here is that most cybercrime, exclusive of child predators, is done for profit. Since as you correctly pointed out, organized groups can virtually up and move to a new country overnight, the best efforts by law enforcement are easily thwarted. The only way to make headway is to acknowledge that cyber crime is a "for profit" business and for law enforcement to work much more closely with financial institutions to follow the trail of the billions of dollars in transactions that are netted each year. Felicia Donovan The Black Widow Agency

MORE: Kiplinger Forecasts | Sector Outlooks

TOOLS:   E-Mail Article  |  Print Article  |  Reprint Article  |  Content Sales

GET: Email Alerts on Your Favorite Business Topics

SAVE, SHARE & DISCUSS:    |   |   |   |   |   |   |   |   

ADD HEADLINES: