Experts help firms fight cybercrime

Experts help firms fight cybercrime
Experts help firms fight cybercrime 

By Kaija Wilkinson
Business Reporter
November 11, 2007

When retired U.S. Secret Service agent Gus Dimitrelos is called on to 
speak, the charismatic computer crimes expert tells of catching 
celebrity stalkers, serial killers and child predators using computer 
and cell phone data.

But the Daphne consultant's business isn't all about cases that grab 
national headlines. Instead, he said, at least half is helping 
corporations prevent cybercrime or, when it occurs, finding out how it 

Such crimes are more prevalent than some businesses realize, local 
exerts said.

Among the top threats: theft of intellectual property, such as sealed 
bids or financial data; theft of personal information like credit card 
and Social Security numbers; and installation of malicious software 
including computer viruses that steal, corrupt or destroy data.

Whether a business is dealing with fraud or general theft, Dimitrelos 
said, " the biggest threat is going to come from the inside."

Finding who is responsible can get expensive. Dimitrelos, for example, 
charges $250 to $325 an hour. An security evaluation for a company with 
700 to 1,000 or so employees can range from roughly $20,000 to $50,000, 
he said.

The good news is that businesses can take relatively inexpensive steps 
to guard against fraud.

Robertsdale-based Business Information Solutions Inc. has been hired by 
more than 600 area business clients in the past several years to design 
and maintain computer networks, including security systems, said Philip 
Long, chief executive officer.

The company recently introduced a managed security service called 
Sentinel that starts at $79 a month for a basic service and can run 
around $500 for full maintenance and security. "With that we have a lot 
of real-time security auditing going on," Long said.

Long said he tries to emphasize that businesses be proactive, rather 
than reactive, about computer crime. Still, he said, "you'd be surprised 
about the ones that aren't really concerned about (computer security)."

Manufacturers, medical- related companies, law firms and banks are among 
those who tend to be most careful, Long said.

Dimitrelos said his biggest client right now is national law firm Hunton 
& Williams, whose clients, in turn, include Federal Express and 

Companies are tight-lipped about what they do to protect themselves, but 
many acknowledge that it's crucial.

Birmingham-based Regions Financial Corp. has several layers of 
protection in place, said spokesman Tim Deighton. "It's not just one 
person's responsibility," he said. "It's partly a technology issue, and 
it's partly a security issue. Obviously for a bank, it's vital."

Computer security is no less vital for manufacturers like Atlantic 
Marine Holding Co., which protects information like bid and design 
details and financial data, said Herschel Vinyard, spokesman.

Atlantic must also ensure that malicious software doesn't disrupt the 
flow of business, he said, adding that in shipbuilding, "computers are 
just as necessary as welding torches these days."

Gabe Watson, senior network engineer at Mobile-based telecommunications 
company Southern Light LLC, said an employer's No. 1 line of defense is 
a firewall, a system that bars unauthorized users from a network or 
monitors information that travels between network and a personal 
computer. Southern Light manages firewalls for several large clients, 
including Mobile and Baldwin county public schools.

Some have built-in content filtering, which prevents employees from 
sending or receiving profane e-mails or visiting questionable Web sites, 
but that typically is provided through a separate device, Watson said.

Long said that it's important to monitor not only content coming in, but 
content going out. In the past 10 years, such security has gotten 
considerably more affordable, with a firewall with software that blocks 
spyware, viruses and pfishing sites starting at around $600 for a 
business with 15 to 20 users.

But some security measures don't cost a thing, Long said, such as simply 
changing one's passwords often. Microsoft recommends every 21 days, he 

"Companies don't want to do it, because it's an absolute headache," he 
said. "But it's great because if somebody is (committing fraud) they can 
only do it for short period of time."

Copyright 2007 Press-Register

Visit InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods