Computers Can Be Robbed, Tricked or Sabotaged, Warns An Expert, and Their Power, If Abused, Could Cause Havoc
updated 09/12/1983 AT 01:00 AM EDT
•originally published 09/12/1983 AT 01:00 AM EDT
Why is our society's growing dependence on computers potentially dangerous?
Like any powerful technology—fire arms, for instance, or nuclear energy—computers can be used for great benefit or great harm. By disabling just a few computers involved in air-traffic control, airline reservations and scheduling, for example, one could reduce air travel to a trickle in most of the world for weeks or months and could potentially destroy the airline industry. What if, simultaneously, a few more computers critical to worldwide communications were also destroyed? Then consider the collapse of systems controlling money transfers, weather prediction, pension and welfare payments and securities exchanges. If one or more of these computer applications were stopped or compromised, society as we know it would be drastically changed.
If computer use poses such risks, aren't we courting disaster?
Generally speaking, the more we use computers, the safer society becomes, because we can use computer checks and balances—such as electronic fences that partition a computer's memory—to protect against loss of information. Right now the U.S. is not very vulnerable, but it could become so. If we know what the vulnerabilities are, we can deal with them. It's the ones we don't know about yet that we really have to worry about.
Are you disturbed by the possibility of an accidental nuclear-missile launch?
Not especially. The military has built in security controls at a very high level, partly through the physical isolation of computers. Other computers, however, could be vulnerable to terrorist attack. Terrorists have attacked at least 28 computer centers in Italy and France. In Italy the Red Brigades blew up the national motor vehicle registry computer, so that for two years officials had difficulty learning who owned cars or had driver's licenses.
What kind of crime do computers expose us to?
One is a new kind of theft. Before computers, criminals had to stage holdups or break into bank vaults. With computers, money is transferred electronically—more than $600 billion every day through national and international markets in the U.S. alone. When a thief steals electronic money, he doesn't have to worry about guns or explosives, how much cash he can carry away or being caught in the act. Some of these thefts take only three-thousandths of a second to complete. The crime is done and the evidence electronically erased before a person could even have time to think about it.
With access to a computer, how much damage could a disgruntled employee cause his company?
In July two programmers in Los Angeles were charged with putting a secret code in a large national corporation's computer in the form of a "time bomb." That's a data-destruction message that sits in the computer waiting to go off at some future time when the programmer won't be around. These two programmers allegedly had left such a message in their employer's computer and then left the company. Fortunately, the time bomb was discovered before it went off. If the bomb had gone off, critical company files would have been erased. The two programmers are now being prosecuted.
Do computers also increase the potential for industrial spying?
In 13 years we have discovered only two cases of wiretapping of computer communications. One involved an oil company whose competition was outbidding it for oil leases by very small amounts. They investigated and found a tap on their line. The other incident was in Japan. A communications engineer at the phone company tapped into a leased banking line and got information about people's accounts.
Couldn't simple human error cause computers to function dangerously?
It has been reported that in 1979 an Air New Zealand plane with 257 people on board crashed into a mountain in Antarctica. The data that was entered into the computer calculating the flight plan for the plane was changed, and the pilots were not told. In whiteout conditions, they thought they were over level terrain when, in fact, they were approaching Mount Erebus. It's important, however, to balance that kind of isolated tragedy with the fact that the use of computers for flight planning has probably reduced the incidence of crashes significantly.
Don't computers tend to compound small human errors, making bigger mistakes out of little ones?
It can happen. In October 1979 a new clerical form was introduced at Manufacturers Hanover Trust Co., one of the banks that calculates the nation's money supply. Personnel using this form overreported the money supply by $3.7 billion. A clerk at the Federal Reserve System who normally received that information was on vacation, and the substitute let the error go through to the computer system. As a result, there was a paper loss of billions of dollars in the stock and bond markets because of a sell-off resulting from fears that the Fed would tighten credit and interest rates would go up.
To what extent are amateur computer hackers a problem?
Hackers have a culture that says it's all right to do anything in computer technology so long as you don't hurt anybody. What they fail to realize is that when they are bumbling around in somebody else's computer system, they are bulls in a china shop. With computers increasingly used for activities such as monitoring heart patients, hackers can cause serious harm.
Do some hackers turn into computer criminals?
Yes. They are the kind of people a data-processing manager would probably most want to hire. They tend to be young, highly motivated, energetic. They respond to the challenge of game playing, and they exhibit a variation of the Robin Hood syndrome—stealing from the rich but keeping it. They differentiate between doing harm to people—which they would regard as highly immoral—and cheating large corporations. That way they don't have to think about the fact that their criminal activity does, in fact, cause people anguish and harm.
What can be done to solve the problems of computer crime and misuse?
It's not the computers that commit the crimes, and in most cases it's not the computers that make the errors. People cause the problems, so they must be involved in the solutions. First, employees who are put in contact with computers must be made sensitive to the responsibility they are being entrusted with. Second, employers must become more security-conscious.
Frequently a company will build lots of security around a central computer system but permit operators to leave sensitive data lying around on tables. Or they will ignore the danger of unprotected communications lines that service their computers. Being security-conscious means learning to think like the criminal, who will be looking for the weakest link—the blind spot. The computer is like a vault with thousands of little doors, each one highly accessible and vulnerable. Not only that, but with computers attached to the phone system, every telephone in the world becomes a potential point of entry.
What is the weakest link in any computer system?
Not surprisingly, it's human. If I bribe a computer operator, I can get any information I want.