According to the FBI and the Department of Justice, cyber-crime is on the rise among American businesses, and it is costing them dearly. Cyber-crime includes a myriad of devious criminal practices designed to breach a company's computer security.
The purpose of the electronic break and enter can be to steal the financial information of the business or its customers, to deny service to the company website or to install a virus that monitors a company's online activity in the future.
TUTORIAL: Investment Scams
All businesses that operate online have to deal with cyber-crime one way or another. The National Computer Security Survey (NCSS) in 2005 found that 67% of surveyed businesses had discovered at least one form of cyber-crime. Fighting cyber-crime is expensive and must always evolve as new threats and methods emerge. The following examples are three ways that cyber-crime affects companies and their customers.
The Cost of Protection
Companies that want to protect themselves from online thieves have to pull out their wallets to do it. There are costs in identifying risks, building new and safer operating procedures, and buying protective software and hardware. For businesses with complex or sensitive operations, this often involves hiring a cyber-security consultant to develop a customized solution.
Not only are the upfront costs of protection expensive, but the systems must be tested and monitored regularly to ensure that they are still effective against emerging cyber-attacks. These costs are often passed on to the customer through higher prices of goods and services.
Cyber-crime isn't just for thieves anymore. A new subculture has emerged in the past few years: the cyber-activist. These are the online equivalents of protesters who chain themselves to buildings or trees. Their purpose is to shut down a company's online operations to send a message about the company's business practices. In the past two years, major corporations, such as PayPal and MasterCard, have been attacked in this way.
In December 2010, the PayPal website was attacked by dozens of people claiming to be part of the group, Anonymous. They attempted to perpetrate a denial of service attack in retaliation for PayPal shutting down payment services to WikiLeaks. More than a dozen hackers were arrested in that crime.
While PayPal did not experience a full shutdown, many other businesses aren't so lucky. A denial of service attack results in fewer sales as customers cannot access the company's online store. It can even result in less revenue in the long-term if some customers decide to no longer do business with a company vulnerable to attack.
Changing Methods of Doing Business
Cyber-crime can impact businesses in more than just financial ways. Companies have to rethink how they collect and store information to ensure that sensitive information isn't vulnerable. Many companies have stopped storing customers' financial and personal information, such as credit card numbers, social security numbers and birth dates.
Some companies have shut down their online stores out of concern that they cannot adequately protect against cyber-theft. Customers are also more interested in knowing how the businesses they deal with handle security issues and they are more likely to patronize businesses that are upfront and vocal about the protections they have installed. (To learn more, read Identity Theft.)
The Bottom Line
There is no relief in sight for businesses beleaguered with cyber-crime, or those fighting against it. Protecting the business against incursion is costly and can impact the relationship between the company and its customers. As cyber-crime becomes more sophisticated, businesses will have to stay one step ahead. (For additional reading, check out How To Avoid Online Scams.)