CHICAGO, Nov 8 — A couple years ago a crippling cyber attack on one of Nanette Lepore’s haute couture boutiques served as a wakeup call for the fashion retailer to get serious about its online security.
In 2007, Nanette’s Las Vegas store had its router hacked by a cyber criminal and confidential point-of-sale information was accessed, potentially impacting hundreds of the company’s well-heeled patrons. The sensitive data was then transferred to Italy, where it was used to create phony credit cards that were subsequently distributed in Spain.
After a meeting with FBI and local crime officials, the Caesars Palace store was shut down during crucial Saturday shopping hours, but the company gained a valuable lesson about protecting its data.
“If they can gain access to your network routers, you’re pretty much an open book,” said Jose Cruz, Nanette Lepore’s director of information technology, who has since developed a Fort Knox-like security protocol for the confidential information flowing through the company’s 10 boutiques and its New York headquarters. “The first thing I did was lock it all down.”
Unfortunately Nanette Lepore is not alone among small and medium-sized businesses for its lack of planning for a cyber attack. A new study issued by the National Cyber Security Alliance and software company Symantec confirmed that small businesses are among the most vulnerable to Internet crime due to their unstructured approach to online security.
There are a few types of cyber crime such as offences against the confidentiality, integrity and availability of computer data and systems, computer-related offences,content-related offences, offences related to infringements of copyright and related rights, and ancillary liability. In malaysia, its in under Computer Crimes Act (CCA) 1997 is in particular passed to provide for offences relating to the misuse of computers. Under Section 4(1) CCA says: A person shall be guilty of an offence under this section if he commits an offence referred to in section 3 (mere unauthorized access) with intent (a) to commit an offence involving fraud or dishonesty or which causes injury as defined in the Penal Code; or (b) to facilitate the commission of such an offence whether by himself or by any other person. .
No comments:
Post a Comment