5:58 PM -- I'm beginning to understand why organized criminals are so interested in cyber crime: There's virtually no downside.
Today we ran another story on the conviction of a cyber criminal, this one a New Jersey spammer who sent millions of false messages to AOL customers. He got two years. It's barely a sabbatical.
The FBI announced yesterday that it has convicted an eBay scammer who stole nearly $100,000 from innocent victims in bad deals over the auction site. He got 24 months, and had to give up $24,000 from his retirement account. Guess he'll have time now to come up with some better schemes.
Two years. Three years. Restitution. These sentences sound more like vacations. And that's if you get caught, which almost never happens. Many law enforcement officers will tell you that they don't pursue most of the cyber crime cases they see, either because they don't have the resources or because the criminal operates in another country and they don't have jurisdiction.
In fact, has the industry ever seen a computer criminal scared out of hacking? The convicted hackers from the '80s, guys like Kevin Mitnick and Kevin Poulsen, have written books and/or made a good living as writers and consultants on computer crime.
Why is it that computer criminals are seen as no threat to society? It's called "white collar" crime, as if it's only done by nice people who wear ties most of the time. It's not only in a different class from armed robbery or drug sales -- it's in a whole different school. If you break into my house and steal my cash, you can get 20 years in the state penitentiary. If you log into my bank account and steal ten times more, you get a "wow! you must be smart!" and a few months in a low-security jail.
Here's a thought on election day: If laws are to be any sort of deterrent -- if we really want criminals to stop using computers to steal and destroy information -- then we'd better give convicts some serious jail time.
Right now, I can't think of any reason not to be a computer criminal.
Security Job #1 For FedsThe 2014 InformationWeek Government IT Priorities Survey shows federal IT pros care about security - itís rated as very important by 69% of respondents, 30 percentage points ahead of the No. 2 priority, disaster recovery. Will the upcoming NIST cyber-security framework help manage risk?
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?