Page 470

information about a new GM vehicle to be sold in Europe and a top-secret experimental car were seized at an apartment used by a former GM executive who had since joined Volkswagen.2 Cryptography for authentication that created an audit trail might have helped to identify the former executive sooner.

• Insiders at the First National Bank of Chicago transferred $70 million in bogus transactions out of client accounts.  One transaction exceeded permissible limits, but the insiders managed to intercept the telephone request for manual authorization.3 Cryptography for authentication might have helped to deny access of the insiders to the telephone request for authorization.

• A Dutch bank employee made two bogus computer-based transfers to a Swiss account, for $8.4 million and $6.7 million, in 1987. Each transfer required the password of two different people for authorization; however, the employee knew someone else's password as well as his own.4 Cryptography for authentication might have hindered the ability of a single individual to pretend that he was the second employee.

• The First Interstate Bank of California received a bogus request to transfer $70 million over the automated clearinghouse network. The request came via computer tape, accompanied by phony authorization forms, and was detected and canceled only because it overdrew the debited account.5 Cryptography for authentication might have demonstrated that the authorization was invalid.

• Forty-five Los Angeles police officers were cited from 1989 to 1992 for using department computers to run background checks for personal reasons.6 Cryptography for authentication might have been part of an audit trail that would have reduced the likelihood of abusing the department's computer system.

J.2 RISKS ADDRESSED BY CRYPTOGRAPHY FOR CONFIDENTIALITY

• According to unclassified sources, a foreign intelligence service conducted signal intelligence (SIGINT) operations against a major U.S. airplane manufacturer, intercepting telemetry data transmitted from an airplane under development during a particular set of flight tests and a

2 See Frank Swoboda and Rick Atkinson, "Lopez Said to Order GM Papers; Volkswagen Denies Receiving Documents," Washington Post, July 23, 1993.

3 See Peter G. Neumann, Computer-Related Risks, Addison-Wesley, Reading, Mass., 1995, p. 166.

4 Neumann, Computer-Related Risks, 1995, p. 168.

5 Neumann, Computer-Related Risks, 1995, p. 167.

6 Neumann, Computer-Related Risks, 1995, p. 184.



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement