Back in the day, not many people had numerous connected devices in their home. There was no ubiquitous internet. There were no online banking facilities for consumers.
There was, however, no shortage of intelligent nefarious crooks who discovered computers were excellent tools for committing fraud, as well as dangerously vulnerable to fraud.
One day in 1963, accountant Eldon Royce sat down at his computer console, drew a deep breath and set in motion his plan to steal a million dollars from his firm.
Royce’s case was one of the first to expose the incalculable vulnerabilities of the burgeoning computer system, which today employs 2.2 million people to tend an estimated 184,000 full-size computers.
Thus, Royce became a pioneer in what has developed into our most expensive white-collar crime.
Royce felt that his company had broken a promise to share its profits with him. In retaliation, he decided to attack it by computer. A big wholesaler of fruits and vegetables, the firm bought hundreds of different types of produce from hundreds of growers and sold them to scores of dealers, with thousands of truck, storage and packing service transactions in between.
Prices changed almost hourly, and only a high-speed computer could track of all the transactions. Vouchers, invoices and other documents that previously provided an audit trail became only squiggles on an electronic tape. In this complexity, Royce saw his chance.
Like thousands of subsequent computer thefts, Royce’s scheme involved no crude removal of cash from the till. Instead, at his instruction, the computer automatically padded thousands of cost items and reduced income items by carefully calculated fractions of a cent, then distributed the differences across the various accounts so that figures under each heading agreed with normal operating experience. It was as if prisoners-of-war were digging a tunnel and spreading the dirt so widely that it wouldn’t be noticed. Every week or so, Royce drained off his secret surplus by writing a cheque to one of 17 dummy companies that he established.
In six years, Royce smoothly stole more than $1 million. There was only one hitch: he found that he couldn’t let go. Any abrupt halt would produce a suspicious jump in net profit and a dangerous question: why was the company suddenly doing so much better? Bone-tired and near collapse, he decided to trigger his own exposure. In court he pleaded nolo contendere, claimed he’d spent all the money and drew a ten-year sentence.
Today, estimates Edward Bride, vice president of Computerworld Magazine, computer-theft losses in the United States runs into the billions each year. And for every computer crime that is uncovered, ten are thought to go undetected.
Unfortunately, the opportunities for crime by computer are mounting. The practice of ‘time-sharing’, by which numerous clients share the services of a single large computer, and the increasing ease of access, by telephone dial, to remotely controlled computers have expanded the vulnerability to manipulation. Learning the secret passwords of time-sharers is simple when people are careless, and with this information and a typewriter-like device attached to an ordinary telephone, crooks can ‘call up’ a computer and give it orders.
A further hazard is the growth of the ‘cashless and chequeless society’, with banks installing computer terminals and cash-dispensing machines in shopping centres, and magnetic-code plastic cards taking the place of tellers. Criminals counterfeit the cards and plug in.
The most prevalent computer thefts fall into three main classes:
Employee breaching-of-trust is involved in perhaps 80 per cent of all computer-assisted frauds.
And some of the most spectacular deceptions are committed by computer programmers. Says Donn Parker of California’s Stanford Research Institute, who helps develop countermeasures to stop computer thievery: “Programmers can do almost anything they want with their company’s data processing, and nobody will know – except by accident.”
Computers work by taking thousands of tiny steps that have to be spelled out in enormously complicated programs. Errors creep in, and must be continuously corrected. So, while many users can be restricted to certain data only, the programmer, like the man who changes the combination of a bank vault, must have constant access to the whole system. These insiders have been known to instruct a computer to ignore a withdrawal from their own accounts and then erase all record of that instruction – like a mechanical post-hypnotic suggestion!
Increasingly, hundreds of thousands of people other than programmers also have access to computers. Bank tellers, for instance, used to be able to steal only the cash in their cage. Now they can use keys on teller terminals connected by telephone lines to a computer. In 1974, a single cashier with a computer’s help stole $1.5 million from the Union Dime Savings Bank in New York. The teller instructed the computer to deduct various sums from hundreds of accounts and credit the money to him under false names.
In Washington, D.C., an Internal Revenue Service employee programmed a computer to list unclaimed tax-refund cheques, and had them sent to relatives. New York cops investigating an illegally parked car found a bundle of Youth Corps cheques in it. Some Youth Corps employees had the agency’s computer run off 100 extra cheques drawn to fictitious names, and in nine months made off with $2,750,000.