Surveying the Data Diddlers

By Philip Elmer-DeWitt

A brokerage-firm margin clerk sitting at a keyboard in Denver changes a few letters on a computer screen and magically transforms 1,700 shares of Loren Industries stock worth $1.50 each into the same number of Long Island Lighting shares selling for more than ten times that price. A keyboard operator processing orders at an Oakland department store changes some delivery addresses and diverts several thousand dollars' worth of store goods into the hands of accomplices. A ticket clerk at the Arizona Veterans' Memorial Coliseum issues full-price basketball tickets, sells them and then, tapping out codes on her computer keyboard, records the transactions as half-price sales.

These are among the cases brought to light in a new study released last week by the National Center for Computer Crime Data, a Los Angeles research firm. The results of the survey, the first comprehensive study of people who have been prosecuted under computer-crime laws, suggest that although teenagers like the members of Milwaukee's widely heralded "414" gang are a real annoyance, the most serious losses are caused by electronic miscreants who are a good deal older and not half so clever. "Generally, these are unsophisticated crimes," says the center's director, Jay BloomBecker. "The myth that computer crime is this romantic activity done by geniuses and involving millions of dollars is just that--a myth."

One of the more surprising results of the survey is how few cases it turned up. Canvassing 130 prosecutors' offices in 38 states, BloomBecker was able to uncover only 75 computer crimes. This suggests either that the problem is grossly exaggerated or that victims are not reporting incidents that, if publicized, might expose the vulnerability of their computer systems. Moreover, many of the so-called computer criminals, like the Oakland subway riders accused of using folded $5 bills to coax free Bay Area Rapid Transit tickets from computerized coupon dispensers, had only the most rudimentary knowledge of the machines they manipulated.

Most misdeeds boiled down to what Donn Parker, a computer-crime watcher at SRI International, calls "data diddling"--entering false numbers at a keyboard. To pay for his wife's drug purchases, for example, a programmer at a savings and loan company in Los Angeles transferred $5,000 into his personal account and tried to cover up the switch with phony debit and credit transactions. The error was picked up in a routine bank audit. Among the 15 programmers and ten students nabbed, the offenses committed most often were thefts of software and telecommunications services. The rest of the crimes were scattered among a rogues' gallery of electronic lowlife that included seven bank tellers, five unskilled laborers, two computer-company executives, a TV reporter and a former Los Angeles County deputy sheriff.

A case gleaned from the prosecutors' files involved one of their own. Last August, Jefferson County (Colo.) District Attorney Nolan Brown was convicted of computer crime, forgery and abuse of public records in a ticket- fixing case. Hoping to reduce his automobile-insurance rates, Brown had asked a motor vehicle bureau employee to delete a pair of speeding tickets from the department's computer system. He was sentenced to five days in jail, fined $2,000, placed on four years' probation and ordered to perform 200 hours of community service. He also resigned. Thus Brown lost a $73,000-a-year job to save some $400 worth of insurance premiums, a clear signal that, at least for him, computer crime does not pay.

With reporting by Lawrence Mondi/New York