Razors and Baby Formula?
Ever wonder why razors and baby formula and other random items are locked in cases in stores? What makes some items more valuable than others? Is it the price of the item? Is it because it is dangerous? It may not be what you think. Yes, certain items tend to be stolen more often than others – especially razors and baby formula – but it is the amounts and what happens afterwards that may be surprising. Would you be able to spot $2,000 of baby formula as it walked out of a store? Or an entire shelf of razors all at once? It seems like it would be obvious, but it is happening every day at major retail stores across the country.
A Public/Private Partnership
Enter the Cook County Regional Organized Crime (CCROC) Task Force, which was founded in 2010 to combat this type of theft colloquially dubbed "boosting". Boosters steal large quantities of desirable items such as alcohol, cologne, razors and baby formula. Even more important to CCROC is stopping what comes after the boost: organized crime. Those stolen razors and baby formula more often than not become part of organized crime via a "fence", which is an operation, either a brick-and-mortar store or online e-fence, that resells the merchandise for pennies on the dollar. CCROC is a nonprofit association (501c4) that is made up of law enforcement personnel (federal, state and local) and corporate retail partners (more than 200) whose goal is to "more efficiently and effectively prevent, investigate and prosecute these criminals."
Historically, communication among law enforcement and retailers, and retailers to each other, would be limited and reactive. With CCROC, retailers are talking to each other and to law enforcement proactively and regularly; this is crucial to putting a stop to boosting and fencing operations. Technology is the enabler in this case, for example: records management systems (RMS) keep track of incidents/offenders and help to identify patterns, video accelerates identification and apprehension of offender(s), solidifies successful prosecution and increases officer/retail investigator safety to name a few. Additional solutions for CCROC and similar organizations (there are more than 20 in the United States) include Real-Time Crime Center (RTCC), Automatic License Plate Reader (ALPR) and two-way radios.
Why should we care?
Per the National Retail Foundation (NRF), organized retail crime costs retailers $15-30 billion dollars a year. Yes – billions – which in the end equates to price increases for consumers. In addition, taxes are not being paid, which is a loss to that community. Most of the fencing operations attract gang members and drug users, thereby making the neighborhood less safe and more prone to crime, including violent crime. Many fences have been linked to sending money overseas to fund terrorism. So this isn’t just a law enforcement problem or a retailer’s problem; it affects residents and consumers alike.
Motorola Solutions is lending its public safety and retail expertise to help combat this growing problem – read more here in this solution brief: Police and Retailers Join Forces to Fight Organized Retail Theft, and stay tuned for more on our Organized Retail Crime (ORC) solutions.
Karen Bartuch has been in law enforcement since 2002 and still works part-time for a small county west of Chicago. She is the president and founder of the Women's Tactical Association, a charity that brings tactical training to female law enforcement. She joined Motorola Solutions in 2011 and is a Solution Sales Center of Excellence Team Leader.
Learn more about the Real-Time Crime Centers here.
Recently, the security firm ESET Ireland commissioned a study about how computer users react to antivirus warning messages on their computers. They compared the results of the survey with those from a similar survey conducted two years ago. The results showed decreasing responsiveness from users to virus warnings. For instance, the number of users who admitted to ignoring warnings to run a file or program increased a full 10 percent. This is a trend noted by multiple researchers.
Obviously, to the information security community, this is alarming and frustrating. However, we’re also partially responsible. The news is filled with sensational stories about hacking and malware. People are tired of hearing about threats that don’t appear to affect them, so they’re paying less attention. UC Berkeley termed this phenomenon “warning fatigue”. Part of the problem are common misconceptions about what modern malware is and isn’t.
Malware today exists for several general purposes:
Many people still expect a virus to cause a noticeable disruption on their computer. For most of the purposes above, it’s smarter for the author of the malware to make it invisible. Like a disease, malware will spread and survive more effectively if there aren’t any symptoms. Malware writers go to a lot of work to conceal their creations. This means there’s a constant “cat and mouse” game between the bad guys and the antivirus companies. It also means that many people believe they have a virus when their computers malfunction, but few believe it when they see no visible impact.
Another common misconception is that malware is primarily written by bored kids or disgruntled employees. Computer crime is a billion-dollar criminal enterprise, which rivals any other organized crime organization. Some of the brightest computer science minds are employed by these organizations to write sophisticated viruses, often because they have no better employment prospects. Nation states purportedly now use malware like any other espionage tool. Hacktivist groups use malware to accomplish complex social and political agendas.
The last misconception I’d like to touch on is those people who are positive their computers are not infected because they’re using antivirus. As we’ve discussed, there is a lot of money to be made in infecting computers. This means that finding new ways to evade the security of operating systems, antivirus, and software is also worth a lot of money. Applying updates on a regular basis, installing antivirus, and following good computer security practices decreases the risk of an infection significantly. Unfortunately, it does not completely eliminate the risk. Even experienced IT professionals should still be paying attention to the messages their security software provides.
Malware continues to flourish in part because there continue to be vulnerable systems and complacent users. This means millions of credit card numbers and passwords stolen each year, billions of spam messages, and continual distributed attacks against websites. Instead of panicking about this, we should be routinely vigilant. Every computer user and organization has a reason to install and update antivirus. Any person’s computer can be infected, and antivirus warning messages should always be taken seriously.
Lesley Carhart is a Senior Information Security Specialist in the Motorola Solutions Security Operations Center. She has 13 years of experience in information technology, including computer networking and tactical communications. For the past five years, she has focused on security, specializing in digital forensics.
Read past blogs by Lesley Carhart here, including:
Secure Yourself, Your Family and Your Organization by Securing Your Photos
What’s Your Pa$$word? Secure Your Organization by Securing Your Accounts
Secure Your Organization by Securing Yourself: Beware the Removable Device
Secure Your Organization by Securing Yourself on Social Networks
Log Monitoring and Cyberthreat Detection