Identity Theft in the UK - Report Example

Summaries of Articles Article Ashford addressed an important issue in his article that is the negligence of organizations in the area of providing security to their customer’s information. The article explains the intensity of information with respect to different surveys and researches regarding the respective issue. The article also explains how information residing in the premises of the organizations gets revealed to the outsiders. He considers the involvement of employees as a major role in these endeavours. This article included some relevant figures that support the notion of identity theft increasing in UK. Ashford, W. (2010), Analysis: UK companies fail to plug biggest data leaks – the insider threat, Computer Weekly, [Online], Available at: http://www.computerweekly.com/Articles/2010/11/22/244021/Analysis-UK-companies-fail-to-plug-biggest-data-leaks-the-insider.htm, (Accessed 6 Dec 2010) Article # 2 Info Security (2010) included figures from the CIFAS (UK’s fraud prevention service) about the alarming increase of identity theft in the county. The article included useful information like 74% of the identity thefts took place on the internet in 2009. The article also has some useful prevention tips from experienced professionals. Useful guidance is also present for organizations about how they should enhance their security measures to protect the customer’s data. Info Security, (2010), CIFAS reports identity theft fraud soaring, [Online], Available at: http://www.infosecurity-magazine.com/view/7888/cifas-reports-identity-theft-fraud-soaring/, (Accessed 6 Dec 2010) Article # 3 Muncaster, P. (2010) also included some figures that have been published by CIFAS regarding the issue of identity theft. He stated that around 100,000 cases of identity theft were witnessed in just the first half of the year 2009. This article proved to be valuable for the research because it also addressed the financial aspect of the issue and provided some useful figures about the loss being faced by the organizations and individuals in UK. Muncaster, P. (2010), Identity fraud soars in 2009, V3, [Online], Available at: http://www.v3.co.uk/v3/news/2247117/identity-fraud-soars-2009, (Accessed 6 Dec 2010) Article # 4 According to the research of Grant (2010); identity theft comes just below major concerns like terrorism, banking crisis etc. This information provided good support for the research topic. This article also included useful information about the financial aspect of the matter and gave figures about the loss that is faced globally. It highlighted some future efforts that are underway by the UK government to control the issue. Grant, I. (2010), Cyber threats top national security concerns, Computer Weekly, [Online], Available at: http://www.computerweekly.com/Articles/2010/10/18/243380/Cyber-threats-top-national-security-concerns.htm, (Accessed 7 Dec 2010) Article # 5 This article at Channel 4 News, (2010) designates the crime of identity theft as big as terrorism since it has the power to destroy one’s life. Marriages, mortgages, loans etc are all possible with the crime of identity theft. The article compares terrorism with identity theft and states that the enemy is known in the former whereas the attacker is hidden in the latter. It also stated that the infrastructure in UK is mostly based on technology therefore electronic identity theft is more likely to take place. Channel 4 News, (2010), Terrorism and Cyber Attacks UK’s biggest Threats, [Online], Available at: http://www.channel4.com/news/terrorism-and-cyber-attacks-uks-biggest-threats, (Accessed 8 Dec 2010) Article # 6 Neal (2010) stated that identity thefts are costing UK around £2.7bn every year. This article also mentioned some other figures regarding the financial losses from identity theft in UK. Some useful identity theft prevention techniques and guidelines have been included in this article for example the appropriate mode of discarding bank and credit card statements etc. The steps that are being taken for the eradication of the problem have also been mentioned in the article. Neal, D. (2010), Identity fraud costing the UK £2.7bn a year, V3, [Online], Available at: http://www.v3.co.uk/v3/news/2271694/fraud-costing-uk-billions, (Accessed: 6 Dec 2010) Identity Theft in UK Abstract Computer technology has created much convenience in the life of individuals but it has also threatened privacy and security of their information. User information is widely found on the internet and in organizations. The distributed nature of these details makes it vulnerable and tempting for malicious usage. Hackers steal such information and use it for their benefit. This is also referred to as identity theft. Identity theft is increasing in UK at an alarming scale and causing great losses to organizations and individuals. Extensive measures need to be taken to control the issue. 1. Introduction The inception of computers has leaped mankind to a new level. A person in one part of the world is aware of the happenings in the other end of the globe due to the invention of the internet. Fast paced communication takes place between people from across the oceans. Business processes and procedures have become automated and structured due to the integration of computers in every field of life. However, these benefits are availed alongside the presence of some drawbacks. Personal information of individuals is available on computers or on the internet for various purposes. The availability of user’s information in such abundance tends to tempt the malicious users to use them for inappropriate purposes. This is known as electronic identity theft. 2. Electronic Identity Theft According to SearchSecurity.com (2010); electronic identity theft is defined as the stealing of someone’s personal information or details that might be used for illegal or malicious usage. The personal details might include sensitive information like bank details or social security numbers. These details might be acquired by an individual through the internet or some organization. The current technological era has caused this data to be distributed at numerous places which increases the threat of such thefts. 2.1 Intensity of Identity Theft The identity theft resides in almost every part of the world; UK is also one of the victims of such crimes and witnessing great increase year after year. Muncaster (2010) quoted the figures from the UK fraud prevention service CIFAS; the crime of electronic identity theft rose by as much as 74 % in the first half of 2009. This figure is nearly three quarters increase of the last figures in 2008. Some of the most frequent sources for the theft of personal information are the internet and organizations. Hackers are able to eavesdrop or hack the sources where information might be residing. Organizations possess millions of customer’s data and have a great responsibility of ensuring that it doesn’t land into the wrong hands. However, at times negligence is witnessed with respect to the security measures deployed in organizations to protect the data. Ashford (2010) quoted a survey that was conducted by a security firm Imperva; the sample of the survey consisted of 1000 UK employees. 72% of the employees admitted that they had taken the data from their employer without any problems. This data consisted of customer data, human resource data of the respective company and marketing data. Such important data was easily retrieved by the employees that could have been used for any purpose. This shows the level of security that is being provided to customer sensitive data by the respective organizations in UK. Ashford (2010) also included some figures regarding the common modes of getting information out of the organizations in UK; the following figures were concluded; Table 1: Percentage of different devices used for identity thefts These alarming figures of information theft lead to different crimes. Info Security (2010) pointed out that 74% of the identity theft instances marked their source as the internet in 2009. Not only individuals are made victims of identity theft, organizations are also victimized. Info Security (2010) provided relevant information that an alarming 40 % of UK organizations were made a target of this crime in 2009. This is a great figure since it amounts to almost half of all business organizations in UK. Identity theft is increasing year after year because the criminals have even found their way inside the organization, directly or indirectly; whether the employees would be involved in the crimes themselves or they would have their sources in the organizations. Cabinet Office (2009) pointed out that cyber threats, specifically identity theft is ranked just below as big concerns as terrorism, climatic changes, banking crisis etc. Grant (2010) stated that identity theft and other computer related crimes have been costing the world over £1 trillion, annually. According to the National Fraud Authority (NFA); identity theft is affecting around 1.8 million individuals every year and the annual loss from these cases amounts to approximately £2.7 billion in UK. Channel 4 News (2010) also stated that cyber crimes are as big of a threat as international terrorism. According to Channel 4 News, (2010); 20,000 malicious emails are received on the government networks every month. Some of them are targeted to retrieve useful information about the users to steal their identity or are contained with dangerous viruses. 2.2 Risk of Identity Theft The crime of identity theft is being done by different means and sources. The distributed nature of information and thus leaking of this information makes everyone at high risk of identity theft. Dunston (2010) stated an incident that took place in 2008; a computer disc was sold for £100 via E-bay. The computer disc had over million records of credit card accounts that could easily be used for identity thefts. The credit cards belonged to reputable banks like NatWest, Barclays, Royal bank of Scotland etc. This incident indicates that the security measures are not commendable in organizations due to which customer’s records are more likely to become victims of such attacks. 2.3 Steps Taken for Identity Thefts According to Grant (2010); UK government has taken measures to battle this security threat by establishing a Cyber Security Operations Centre. This center monitors the network traffic and business transactions for any unusual activity that might be witnessed. The dubious activities are further investigated and ensured that the business transaction is being initiated by the original card holder only. This endeavour did not prove to be efficient since the monitoring and checking was not as extensive as is required for the complete eradication of the problem. Financial institutes tend to ask their customers a diverse range of questions to ensure the identity of the individual. Although this ordeal gets annoying for customers after some time but it is far better to be annoyed than be caught in the fraud of identity theft. This technique only works till the bank support officer and the consumer are communicating with each other for example online transactions have minimal communication with the personnel in the organizations therefore this technique does not work everywhere. Botnets and phishing are some of the techniques by which personal information is retrieved. Botnets make the computer compromised and make it come under the control of a botnet controller rather than the user of the computer. The computer can then be controlled to reveal any sensitive information about the user. Honeypots, intrusion detections systems, anti-Trojan software are some of the techniques that are used to combat the botnets. Phishing can also be referred to as online scams; hackers send emails while posing to be from financial institutions or other authentic sources. Users reply with their details while thinking that they are replying in accordance to a routine procedure of the organization. Only awareness and cautiousness can save people from phishing. 2.4 Future and Recommended Steps Grant (2010) discussed that the UK government is aiming to get grants for £12 billion for Interception Modernization Program (IMP). This program will perform intensive monitoring by retaining every electronic communication that would enter the UK networks. It would be a tedious task of monitoring big chunks of electronic communication but would ensure that their respective networks have minimal or no occurrences of identity theft attempts. This attempt can prove to be fruitful in combating the issue since the monitoring will take place on a detailed level of every possible electronic communication. It is the customer’s right to ask for the protection of their data to the highest degree. Neal (2010) conducted a research and concluded that around 94% of the people fear the protection policies that have been adapted by companies. This fear should be communicated to the companies and effective security measures should be demanded in their infrastructure since customer data is usually freely accessible to the employees of companies and other resources. Bank and credit card statements should be disposed off in an appropriate manner rather than simply thrown in the trash. Username and passwords should be kept very safely and not shared with anyone as it threatens one’s privacy. Emails should be judged for their authenticity and validity as some might be a result of an online scam. 3. Conclusion People tend to enter their information on the internet for the utilization of different services. Another source of information proves to be the data records of customers in business organizations. The distributed nature of data increases the security and privacy threat. Identity theft is caused by the stealing of such information. This crime is being witnessed in UK at an alarming level and increases year after year since hackers have also become tech savvy. It has become one of the top fears amongst individuals. Sometimes, employees get involved in the stealing of information from the organizations which eventually results in identity thefts. Strict measures should be adapted by the organizations so that the customer’s data can be protected and users should be cautious about the revealing of their information to unreliable sources. References Ashford, W. (2010), Analysis: UK companies fail to plug biggest data leaks – the insider threat, Computer Weekly, [Online], Available at: http://www.computerweekly.com/Articles/2010/11/22/244021/Analysis-UK-companies- fail-to-plug-biggest-data-leaks-the-insider.htm, (Accessed 6 Dec 2010) Cabinet Office, (2009), The National Security Strategy of the United Kingdom: Update 2009, Crown Copyright, ISBN: 9780101759021 Channel 4 News, (2010), Terrorism and Cyber Attacks UK’s biggest Threats, [Online], Available at: http://www.channel4.com/news/terrorism-and-cyber-attacks-uks-biggest-threats, (Accessed 8 Dec 2010) Dunston, T. (2010), Identity Theft: The UKs Worst Ever Data Loss Bungles, Buzzle.com, [Online], Available at: http://www.buzzle.com/articles/identity-theft-the-uks-worst-ever-data-loss-bungles.html, (Accessed 8 Dec 2010) Grant, I. (2010), Cyber threats top national security concerns, Computer Weekly, [Online], Available at: http://www.computerweekly.com/Articles/2010/10/18/243380/Cyber-threats-top- national-security-concerns.htm, (Accessed 7 Dec 2010) Info Security, (2010), CIFAS reports identity theft fraud soaring, [Online], Available at: http://www.infosecurity-magazine.com/view/7888/cifas-reports-identity-theft-fraud- soaring/, (Accessed 6 Dec 2010) Muncaster, P. (2010), Identity fraud soars in 2009, V3, [Online], Available at: http://www.v3.co.uk/v3/news/2247117/identity-fraud-soars-2009, (Accessed 6 Dec 2010) Neal, D. (2010), Identity fraud costing the UK £2.7bn a year, V3, [Online], Available at: http://www.v3.co.uk/v3/news/2271694/fraud-costing-uk-billions, (Accessed: 6 Dec 2010) SearchSecurity.com, (2010), What is Identity theft, [Online], Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci801871,00.html, (Accessed 5 Dec 2010) Read More