Wednesday, September 12, 2007

It is a Dangerous World Out There!

Last week the Australian Institute of Criminology released a very interesting report reviewing the possibilities for criminal abuse of the national technology infrastructure.

The release goes as follows:

http://www.aic.gov.au/media/2007/20070905.html

New crimes in a technology-enabled environment

  • Media Release, no. 2007/07
  • 5 September 2007

Serious concerns exist about the ways in which new technologies are likely to be misused in the years to come.

Today, Dr Toni Makkai, Director of the Australian Institute of Criminology, released two publications looking at the future environment in which Australians will use information and communications technologies and how this environment will provide opportunities for illegality and infringement of current regulatory controls. The reports are 'Future directions in technology-enabled crime: 2007-09', the most recent publication in the AIC's Research and public policy series, and 'The future of technology-enabled crime in Australia', number 341 in the Trends & issues in crime and criminal justice series.

The reports identify developments that may facilitate technology-based crime. These include:

  • globalisation and the emergence of new economics
  • increased widespread use of broadband services and mobile and wireless technologies
  • increased use of electronic payment systems
  • changes in government use of technology to allow the public to conduct transactions securely, including participation in democracy.

The most likely areas in which opportunities for illegality may arise include fraud, identity-related crime, computer viruses and malicious code, theft of information, dissemination of objectionable material online, and risks of organised crime and terrorism.

The burden of protection against misuse of the technology has largely fallen onto individual users because public agencies have a limited role to play in the prevention of technology-enabled crimes and manufacturers have often failed to develop systems to protect users fully prior to releasing new products. The design of the personal computer and the global adoption of the internet have been largely in the hands of private sector forces with less focus on security than on functionality.

At present there is limited capacity in law enforcement to investigate a high volume of technology-enabled crimes. The reports suggest strategies that could reduce the risk of exposure to these crimes. These include:

  • industry developing more secure hardware and software
  • increased sharing of information between public and private sectors
  • use of police taskforces to respond to particularly complex technology-enabled crimes
  • the threat of prosecution and punishment, particularly where substantial penalties can be imposed, and publicity given to successful prosecutions
  • sharing of information and intelligence across jurisdictional borders, both within Australia and internationally.

The reports highlight the need for legislative reforms to address the emergence of these crimes. Areas in which reform is needed include:

  • capacity to deal with criminal complicity - an increase in instances of individuals acting jointly in the commission of a crime
  • greater uniformity in legislation across jurisdictions because of the likelihood of multiple jurisdictions being involved
  • development of new admissibility of evidence procedures to counter the new and sophisticated defences to charges that will be developed
  • new punishments will need to be explored, such as forfeiture of computers and restriction-of-use orders, that may be more effective in deterring crime than traditional punishments.

Funding for this research was provided by the Australian High Tech Crime Centre.

…..( see the URL above for full article)

The full report can be found here:

This is a very useful report as it makes clear just how complex the e-commerce environment actually is and the range of potential difficulties that will be encountered as such systems are implemented. The implications for e-health implementations are obvious. This article explores just one of these:

http://abc.net.au/news/stories/2007/09/06/2025409.htm?section=justin

National access cards a target for hackers: report

A new report warns that new technologies such as the Federal Government's proposed health and welfare access card could be targeted by cyber criminals.

The study says there are serious concerns about the way in which new computer technologies could be infiltrated by criminals or even terrorists.

The Australian Institute of Criminology report suggests the proposed government access card and e-passports could become targets.

The institute says areas of concern include fraud, identity and information theft, and risks of organised crime and terrorism.

…..( see the URL above for full article)

This short article identifies some major implications for e-health and the Access Card.

The following article also shows just how in-secure the present Medicare Card is.

http://www.smh.com.au/news/National/Access-card-more-secure-than-Medicare/2007/09/06/1188783404068.html

Access card 'more secure than Medicare'

September 6, 2007 - 5:34PM

The controversial access card will be more secure than the current Medicare system, the federal government says, despite new reports showing it could be targeted by cyber criminals.

The access card is intended to replace the Medicare card and up to 16 other benefit cards, streamlining access to a wide range of government health and welfare services.

There have been ongoing concerns about the privacy implications of the new card and a new report from the Australian Institute of Criminology warns the card could be targeted by cyber criminals.

The study details concerns about how computer technologies could be infiltrated by criminals or even terrorists.

But Human Services Minister Chris Ellison says the new card will be significantly more secure than the current Medicare system.

"The access card will replace the existing Medicare card, which figures in 70 per cent of serious and organised crime identity investigations and 50 per cent of all fraud investigations," a spokesman for Senator Ellison told AAP.

…..( see the URL above for full article).

This combination of these facts makes it vital that there is improvement in the controls of issuance and cancellation of the present cards, and a careful review of how best to upgrade the security of identification of Medicare clients .

Finally, as it is inevitable that virtually all e-Health initiatives will involve the use of the national e-commerce infrastructure this report should be carefully reviewed by all those involved in e-Health.

David.

No comments:

Post a Comment