NCJ Number
176751
Journal
Security Management Volume: 42 Issue: 12 Dated: December 1998 Pages: 30-34-37
Date Published
1998
Length
7 pages
Annotation
The newest form of computer-related crime is based on mobile code, which is programming that can be downloaded from the Web or other Internet outlets, that is automatically executed without the consent of knowledge of the user, and that indicates the need for practical controls and preventive approaches.
Abstract
Mobile code problems are expected to be widespread within 2 years, partly because mobile code has useful purposes that enhance business functions. The coding is different from a virus in that it contains no specific instruction to attach and replicate itself. However, malicious mobile code can automatically perform rogue acts. The problems caused by these autoexecutable vandals range from minor annoyances such as opening several windows at once or repeatedly displaying a message to more damaging operations, including stealing passwords, transferring funds, and, theoretically, propagating viruses. The legal ramifications of problems caused by mobile code may force companies to take the threat more seriously. Liability is likely to center around the failure to protect critical information and the ability of mobile code to transport information without consent. Security experts suggest using layers of protective strategies that start with strict policies on browser management and frequent data backups. A few experts recommend the extreme step of having separate computers for Web surfing. In addition, security products that help protect the network are available. System administrators and security professionals need to work together to find ways to help their companies benefit from the new technologies while avoiding negative results. Illustration, table, and list of additional resources