Computers facilitate the theft of money and property and the destruction of data when there are inadequate controls against their misuse. Crimes perpetrated by unauthorized access to keyboards, terminals and communications devices generally can be described as thefts, misapplications of assets, or destruction of information. These terms may apply to the misappropriation of money and real property, or of proprietary information and intangible assets. The misuse of the computer may involve the forgery of computer signatures such as authorizing codes; the creation of false accounts payable to disburse cheques; improper use of personal information; the creation of "virus" or "rogue" programmes which interfere in software operations and destroy data. All of these crimes include programming the erasure of any evidence of the computer crime perpetrated. Probably the fastest growing category of computer related crime is that involving electronic fund transfer systems. The most significant types of computer crime were: arson, sabotage and malicious damage of computer installations; system penetration, or "hacking"; unauthorized use of computer time; thefts of assets, including software; embezzlement of funds; defrauding of consumers and investors; and destruction or alteration of data (including college transcripts and diplomas) and software. The motive is usually personal financial gain, anger or revenge but another significant impetus is 'the intellectual challenge' associated with computer crime.
The absence of, or inadequate provision for, documentation and access controls for computer installations, facilitates computer crime. Unauthorized access to software and hardware is almost exclusively the means of crime perpetration. With authorized access, but with criminal collusion, two or more persons may commit crimes unnoticed, until financial audits, inventories, and computer operation system checks uncover the fraud or misuse. In the case of theft of intangible properties such as computer-stored patents of engineering, chemical or other designs, processes, or marketing and strategic data, the crime is exposed, if at all, by inferences drawn from the activities, products or knowledge shown by competitors.
Studies in the USA indicate that about one-third of such crimes were committed by staff or consultant data-processing personnel, almost exclusively below management level; but the bulk were committed by non-data-processing personnel with normal, job-related access to computers. A recent USA study has concluded that computer-related crime now rivals white collar crime in cost and seriousness. The report was based on a survey of 283 corporations and government agencies and among the conclusions were the following: about 48% of those surveyed reported some form of computer crime during 1983 with total annual losses estimated to be $145 million to $730 million. More recent estimates based on actual reported crime place losses in the USA at $3 billion per annum. An Australian computer expert has estimated that there were about 4000 computer-related frauds over the period 1975-1983. Pranksters in Canada in the past have re-routed the entire delivery system for Pepsi-cola; in 1971 the New York-Penn Central Railroad Company discovered 200 of its box-cars had been re-routed and ended up near Chicago and another 200 cars were found to be missing. In New Jersey seven young people, all under 18 years, were charge with conspiring to use their home computers for exchanging stolen credit card numbers, information on how to make free phone calls, and to call coded phone numbers in the Pentagon. They were found with codes capable of changing the position of communication satellites. One youngster had run up a large phone bill at home and when berated by his parents, he proceeded to break into the phone billing system and cancelled the charge.
Few computer crimes are actually reported. In the US is required by law to report computer crimes; many commentators agree that only about 15% of computer-related crimes are actually reported. The Australian Computer Abuse Research Bureau argues that only one in 20 cases of the $2 million or so worth of computer-related offences in Australia during 1980 was in fact reported. The reasons given are that there is not much faith in the legal system and its ability to prosecute a case of computer crime successfully; that companies fear that to declare publicly that their system has been breached and that their assets are not as secure as once thought will cause a flight of capital in shareholder's funds and deposits; and that there is a reluctance to expose the company's records and systems to public scrutiny and competitors.
In the UK in 1989, it was estimated that the cost to industry of computer-based crime was over £400 million per year. The average annual incidence was 9 incidents per 100 companies (rising in some cases to 1 in 2), costing on average £46,000 per incident. Other estimates put the cost of computer crime as high as £2 billion per year. The most vulnerable sector is the communications industry in which there were 192 incidents per 100 companies. Fraudulent input of information, notably on payroll systems, accounted for 4.1 million pounds of losses.