Sources of security breaches (was: Trade)

[Christian]

Colin Muller wrote:

> This is a pretty interesting human syndrome, though. Apparently the
> majority of murders and assaults (including sexual assaults) are
> committed by someone known to the victim; but we're more afraid of
> strangers. The majority of computer security breaches are committed by
> someone known to the company; but we're more afraid of outsiders. One
> unfortunate consequence of this in relation to computer security is that
> it feeds into the media frenzy about what they term "hackers"; and that
> in turn results in people like the DeCSS guy being victimised.

Must I point out the obvious?  Firstly, the criminal activities to which
you refer (as a general pattern of behaviour) are isolated to a
relatively small percentage of our population.  Therefore, to become a
victim you must come in contact with a member of this percentage at the
wrong time in the wrong place.  Either that or you come in contact with
a person who typically would not be part of that percentage but through
extraordinary circumstances temporarily becomes so inclined.  Usually
these circumstances involve some sort of emotion: i.e., greed, revenge,
jealousy, frustration, rage, extreme lust etc.  The reason most of these
crimes are committed by someone known to the victim is because most of
the people you come in contact with are known to you and vice versa! 
(Either that or you come in contact with them and then begin to know
them which brings you to the same point.)  How many of us spend the
majority of our time with complete strangers?

Things are obviously different where computer crime is concerned. 
Firstly, it's usually a much less emotive thing.  Furthermore, through
the Internet you can come in contact with a good percentage of the
networked machines (=> people) on the planet.  Therefore, statistically,
it would make sense that it is more likely that you will be the victim
of an attack by someone whom you do not know.

Regards,

Christian.