On Christmas Day, as the rest of the UK was settling down in front of the TV to a dose of Jurassic Park, sticky fingers were hard at work raiding BT?s computer bank.
From a neighbouring building, thieves clambered up scaffolding, braved a perilous traverse and launched themselves into mid-air before landing on BT?s roof. After slipping into the building through a skylight they rifled scores of PCs, making off with 90 processor chips worth up to #500 each on the street.
The criminals may well have been incredibly lucky in dodging the alarms and ducking the closed-circuit TV cameras. And it could have been nothing more than coincidence that the normally security-conscious centre had left a skylight window unlocked. Indeed, BT officials claim there is ?absolutely no suggestion that there was any kind of internal involvement?.
But trying to get any company to publicly admit that its employees are stealing from the business is like asking the Catholic Church to acknowledge it has sexually active members among its clergy. No one, understandably, wants the attendant bad publicity, especially when there can be dire repercussions.
David Britton, IT training manager at British Steel, says: ?We?ve never had an inside job. There was some pilfering in our Scunthorpe office last year, and we have had some problems in south Wales. But never here at our main centre in Teesside.?
British Steel, according to Britton, suffers more from organised gangs of crash-and-dash ram-raiders. ?We had to erect a metal barrier to stop the ram-raiding,? he told Business Computer World.
In spite of Britton?s claims about the honesty of his employees, British Steel still carries out spot checks on every third car leaving the Teesside site through fear of PCs being pilfered. The company has also installed closed-circuit TV.
However, computer theft specialist Brian Woods at Greater Manchester Police believes that installing CCTV is unlikely to detect staff with their fingers in the till, so to speak.
?It?s only effective to a limited degree,? he explains. ?Employees need just 20 seconds in the space of a whole year to grab a chip so that they can upgrade their home PC. To make CCTV really effective you?ve got to have an extensive monitoring and response system.?
It has always been difficult to quantify the scale of theft by employees. When a member of staff secretly strips a company PC, he or she may not render the machine inoperative. For example, thieves may take just one 8Mb Simm chip instead of the full 16, and the effect on performance can go undetected for months.
?It?s often impossible to pinpoint when the theft actually happened, so crime by employees tends to go unreported,? explains Woods. ?It?s very difficult for police and generally embarrassing to companies. What you need are regular inspections of PCs.?
The theft of IT equipment from business, either by staff or external thieves, is one of the fastest growing crimes in the UK. The Association of British Insurers estimates that computer theft is costing the UK economy about #1bn a year, with #200m accounted for by insured losses and the rest coming from lost business opportunities, lost production and reduced customer services. On a more long-term scale, US analysts have warned that the worldwide figure could top $200bn by the year 2000.
The move from the traditional mainframe to the server-client model has significantly boosted the value of the criminal?s potential swag bag. As John Smith, security adviser at the Prudential Corporation, says: ?Most people have about #2,000-worth of office equipment on their desk. Five years ago it was inconceivable to steal #2.5m in equipment, but now hundreds of thousands of pounds are stolen fairly regularly.?
According to The Information Security Breaches Survey carried out last year by The National Computing Centre (NCC), the proportion of organisations reporting theft has increased by 60 per cent since previous research in 1994, with the average estimated cost of a theft increasing from #7,700 to #25,000. In nearly a third of all crimes, it took more than a week to get the affected systems up and running.
Looking for Mr Big
So serious is the escalation in theft of IT equipment from UK businesses, that last year the National Criminal Intelli-gence Service (NCIS) was asked to investigate whether major organised crime was involved.
At the centre of the enquiry were memory chips, with suggestions from some quarters that specific suppliers were being targeted. Investigation by NCIS concluded that local gangs were primarily responsible. ?There were no Mr Bigs involved,? a spokeswoman for NCIS told Business Computer World.
In spite of the spiralling crime wave, UK companies appear remarkably complacent. ?It?s unbelievable,? says Greater Manchester Police?s Brian Woods. ?Some of the apparently security conscious companies I visit actually leave the security keys to the computer?s case sticking out of the system, exposing the inside of the PC to theft.?
Bobby Birtles, marketing manager at IT security consultants International Data Security, agrees: ?Amazin-gly, most businesses don?t have a security policy at all. Most cases involving theft are totally preventable,? he claims.
According to Inspector Woods, it is the major companies such as BT that are at the forefront of computer crime-fighting. As one of the largest PC users in Europe, with about 180,000 machines, BT has long been an obvious target for thieves. Last August, following a spate of break-ins, the company finally rolled out a marking scheme across its IT departments in London, Manchester and Leeds.
Instead of traditional remedies, such as bolting PCs to the desk, BT has opted for hi-tech solutions, teaming up with local police forces in the process. The internal workings of PCs are painted with ?smart? water, an indelible paint containing a unique code in its chemical structure which can be traced if removed from a machine.
The impact on the IT budget was relatively modest, at around #10 for each PC and, according to Inspector Woods, is already paying dividends. ?Marking has made major inroads into combating theft at BT,? he claims. Other organisations which have opted for a similar tagging solution include British Nuclear Fuels and ICI.
International Data Security?s Bob Birtles, however, isn?t convinced that the DNA-style lacquer is a panacea for all businesses. ?Marking is all very well for multi-billion-pound corporations, but for smaller businesses it has little application in the real world,? says Birtles. ?Coming up with the detection equipment will make it the exclusive preserve of the richest corporates.?
Birtles favours the latest two-in-one PC alarm from UK-based Barracuda, which features motion and light sensors that trigger a 120-decibel screech when a PC?s protective casing is removed.
If thieves aren?t deterred by the alarm, the indelible red ink that Barracuda sprays over the PC?s inner parts and its assailant should do the trick by instantly branding the booty as stolen or the person a thief.
Ultimately, of course, Sod?s Law dictates that when problems are flushed out of one area they generally reappear in another. The same goes for security. According to Inspector Woods, 1997 will see a move away from the theft of memory chips towards high-end, high-value processor chips and notebooks.
?In some ways a thief is like any other businessman. He needs a high return for a minimum risk. Whatever he steals must be marketable, and there has to be a demand for the product,? he explains.
?A year ago 4Mb of RAM could fetch #120 on the street. They were like car radios in the 1960s and 1970s: only a few vehicles had them fitted, so stolen ones were easy to sell,? adds Woods.
?Now, the same chips sell for only #16, and most PCs come with enough memory to run Windows 95, so the demand from consumers has gone. Thieves are turning to laptops, where there is much greater criminal motivation.?
Hardware designed to ensure your IT department is secure
l Use special security screws in the back of the computer, instead of the margin-spinning clips favoured by manufacturers. The security screwdriver should be kept in a safe.
l Fit 120-decibel internal tremble alarms to servers and information- critical PCs.
l Fit retail-style security tabs which set off a local alarm. (Clearly only useful if there is a security guard present to respond.)
l A securely-mounted steel enclosure will generally fit most IT equipment. However, the security budget per PC can prove expensive with prices ranging from #120 to #250 for each steel cab.
l Lock away all portables when they are not being used.
l Maintain an audit of systems, including installed RAM, processor and disk capacity.
Compiled with the help of Bob Birtles, marketing manager at IT security consultants International Data Security.
Researchers modify genetic code of cancer-killing virus so it can target cells that protect cancer from immune system
Changing the genetic coding causes the infected cancer cells to produce a protein that kills the fibroblast cells that protect cancer
The findings can help improve the current understanding of brain development disorders, such as epilepsy or autism
Dubbed HD186302, the solar twin is located about 184 light-years from Earth
NASA releases a new image showing Jupiter's moon Io rising just off the horizon of the gas giant planet
The image was captured by Juno spacecraft in October during its 16th close flyby of the Jupiter