NCJ Number
82394
Date Published
1981
Length
20 pages
Annotation
Findings are presented from studies of the extent and nature of computer-related crime in the Federal Government and the banking industry.
Abstract
A 1976 report on computer-related crimes in the Federal Government defined such crimes to be 'acts of intentionally caused losses to the Government or personal gains to individuals related to the design use, or operation of the systems in which they are committed.' This definition recognizes that computer-based data processing systems consist of more than just computer hardware and software. One investigation of computer-related crime in the Federal Government conducted by the author confirmed 69 cases involving fraudulent input (62 percent), unauthorized use of facilities (26 percent), alteration or destruction of data files or programs (23 percent), and misuse of output (17 percent). The perpetrators generally took advantage of system control weaknesses. The most commonly exploited weaknesses were separation of duties and physical control over facilities and supplies. Weaknesses were sometimes due to poorly designed systems, but in 7 of 12 cases studied in detail, existing control procedures were not enforced by operating personnel. The Electronic Data Processing Fraud Review Task Force created by the American Institute of Certified Public Accountants examined computer-related crime in banking in 1977. Questionnaires completed by about 5,100 banks and analysis of the responses showed that 85 banks had at least 1 case of computer-related fraud. The schemes involved were fictitious loans, diversion of deposits, deferral of posting checks, increasing credit limits, and forgery. Many of the perpetrators were clerks and other employees not engaged in computer work. The customer was found to be a major control element for identifying problems. The status of State and Federal legislation directed against computer-related crime is reviewed.