Leading Source of Computer Crime Losses

Leading Source of Computer Crime Losses

Prev Question Next Question

Question

Which of the following groups represents the leading source of computer crime losses?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

D.

There are some conflicting figures as to which group is a bigger threat hackers or employees.

Employees are still considered to the leading source of computer crime losses.

Employees often have an easier time gaining access to systems or source code then ousiders or other means of creating computer crimes.

A word of caution is necessary: although the media has tended to portray the threat of cybercrime as existing almost exclusively from the outside, external to a company, reality paints a much different picture.

Often the greatest risk of cybercrime comes from the inside, namely, criminal insiders.Information security professionals must be particularly sensitive to the phenomena of the criminal or dangerous insider, as these individuals usually operate under the radar, inside of the primarily outward/external facing security controls, thus significantly increasing the impact of their crimes while leaving few, if any, audit trails to follow and evidence for prosecution.

Some of the large scale crimes committed agains bank lately has shown that Internal Threats are the worst and they are more common that onewould think.The definition of what a hacker is can vary greatly from one country to another but in some of the states in the USA a hacker is defined as Someone who is using resources in a way that is not authorized.

A recent case in Ohio involved an internal employee who was spending most of his day on dating website looking for the love of his life.The employee was taken to court for hacking the company resources.

The following answers are incorrect: hackers.

Is incorrect because while hackers represent a very large problem and both the frequency of attacks and overall losses have grown hackers are considered to be a small segment of combined computer fraudsters.

industrial saboteurs.

Is incorrect because industrial saboteurs tend to go after trade secrets.

While the loss to the organization can be great, they still fall short when compared to the losses created by employees.

Often it is an employee that was involved in industrial sabotage.

foreign intelligence officers.

Is incorrect because the losses tend to be national secrets.

You really can't put t cost on this and the number of frequency and occurances of this is less than that of employee related losses.

Reference(s) used for this question: Hernandez CISSP, Steven (2012-12-21)

Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 22327-22331)

Auerbach Publications.

Kindle Edition.

The leading source of computer crime losses varies depending on the nature and circumstances of the crime. However, of the options given, the group that most commonly represents the leading source of computer crime losses is D. Employees.

Employees are often in a unique position to exploit access and trust granted to them by the organization. This can take the form of theft of sensitive information or intellectual property, fraud, embezzlement, sabotage, or other malicious acts. Furthermore, employees are often difficult to detect, as they have legitimate access to the systems and data they are exploiting.

While hackers, industrial saboteurs, and foreign intelligence officers may also pose a significant threat to computer security, they generally represent a smaller percentage of overall computer crime losses. Hackers may be responsible for breaches of security, but these breaches are usually detected and resolved quickly, limiting the losses incurred. Industrial saboteurs and foreign intelligence officers may seek to steal intellectual property or sensitive information, but they are also generally limited by their access to the organization's systems and data.

In summary, employees represent the leading source of computer crime losses, as they have unique access and trust within the organization that allows them to exploit systems and data in a way that is difficult to detect and prevent. However, it is important to note that computer crime is a complex and evolving field, and the sources of losses may vary depending on the organization and the specific circumstances of the crime.