Corporates keep mum on cyber crime

Less companies are reporting computer crime to law enforcement authorities, but cyber feds are not worried.

Seventy-five percent of respondents -- compared to 62 percent in 2003 -- chose not to report harmful electronic attacks or computer crime to any outside party, including law enforcement, according to AusCERT's 2004 Australian Computer Crime and Security Survey.

However Australian High Tech Crime Centre (AHTCC) director, Alastair MacGibbon, is not worried, saying it reflects a greater understanding of the indiscriminate nature of most attacks.
 
"There are times when it would be prudent not to report and there are times where reporting it to AusCERT may be a smarter course of action," MacGibbon told InformationWeek.

"We do recognise that there are some incidents which should be reported to us which aren't. There are also times when companies report an incident then withdraw the report when the police turn up to investigate and take statements because they don't want the disruption to the business that police invoke," he said.

"As well as looking at the survey for underlying or exact trends on security, we think the survey is important because it raises level of awareness and debate about security issues," he said.

"However, there is an idea in the community that police aren't interested. We do care. We want to assure the community that we do take these incidents very seriously," he said.

MacGibbon said businesses may have some reticence about reporting security breaches because they don't want it splashed over the front pages of a newspaper, so the company takes the decision to handle it all internally. There are times they might well be obligated by stock exchange to report it.

"We work with industry as best we can," he said.

Depending on the nature of the attack, MacGibbon said for corporates pursuing civil remedies might be better option.

MacGibbon added there is a growing sophistication amongst enterprises regarding whether an attack in act of indiscriminate criminality or targeted.

"We are happy that we are making headway in terms of getting the reports we are after," he said.

Siobhan Chapman travelled to AusCERT2004 on the Gold Coast as a guest of AusCERT.