I've spent 32 years at the FBI, and I've witnessed crime only got a lot easier to do. Obviously, there's a lot less threat of being caught. When I was caught, I was just a teenager, and they sent me to prison for five years. Today, I'd probably get probation and community service; I might get 18 months and serve six months in jail. So there really is no threat of going to prison to keep somebody in line.
I really think the more technology there is in the world, the more you have to instill character and ethics. You can build all the security systems in the world; you can build the most sophisticated technology, and all it takes is one weak link -- someone who operates that technology -- to bring it all down. People don't like to talk about that issue, because they think it's over-simplified. But the fact is, in all my experience, that's where the problem lies. Until that changes, crime is always going to be with us.
Any thoughts on how we can bring that change about?
I think you need to bring character and ethics back into schools, and you certainly need to bring it back into colleges and universities as part of a curriculum. Only about half of Fortune 500 companies even have a code of ethics or code of conduct. The ones that do have one publish it every five years on an inside page of their annual report to appease their shareholders. So, obviously, there's no big effort out there to bring about that change. Rutgers just finished a five-year study that found that 56% of MBA students cheated.
There are really no con men anymore like there were in my day, because you really don't have to associate with anyone. You don't have to be well dressed and well groomed and well spoken. Everything's done on a computer; there are no witnesses. So even if you know who's doing it, you probably don't have the ability to go capture them. Chances are you have no idea what they look like; they can sit in their pajamas and commit all these crimes.
As someone who has had a lot of experience with the law-enforcement authorities in other countries, how would you rate the effectiveness of international cooperation in the fight against computer crime?
It's getting a little better, but you're dealing with a lot of countries like China, Nigeria, Libya, Russia, where we really don't have that cooperation. Unless it's a huge dollar amount or some international incident, it's very difficult to get the authorities to do anything about it. The American authorities or Interpol talking to Beijing about doing something about a hacker somewhere in China is unlikely to bring about any law enforcement activity.
How are we doing domestically?
We have a lot of stupid laws. There's Check 21 [the Check Clearing for the 21st Century Act, which requires banks to accept paper documents with check images in place of original paper checks] -- the whole concept is ridiculous. Basically, what happens today is you give me a check for $2,500. I take the check and alter it to $25,000; I go to my bank and deposit it. My bank takes an image of it, which is a 600 dpi black-and-white copier image. It transmits that to your bank; they pay it, then they physically destroy the check. A month later, you reconcile and your auditor goes, "You wrote Abagnale a check for $2,500, obviously Abagnale has altered the check." So you sign an affidavit to your bank saying this is a forgery, the physical check has been altered. Under Check 21, they have to go back to the first bank of deposit, which is my bank. They tell my bank, "You have to give us some money back, this is a forged check, we have an affidavit from our client." Then, of course, the bank calls me and they say, "Computerworld said they gave you a check for $2,500 and you altered it to $25,000." I say, "They did? Do you have the check? No? Talk to you later." There is no evidence -- it's just absurd. There are a lot of stupid laws passed every day. I always say, criminals must have lobbyists in Washington.