CYBER CRIMES IN MALAYSIA AND U.S.A: WHAT SHOULD WE DO IN MALAYSIA?

Hackers disrupt 51 Malaysian government websites

Reuters | Thu Jun 16, 2011

Woman loses RM315,000 to Facebook friend .

Borneo Post | Wed, Oct 19, 2011

1.0 Introduction Nowadays, communications made easy with technologies. All we need is a computer with network and just by seconds, we can communicate with people in any part of the world. However, this information technology era makes it easier to commit cyber crime. Spam, phishing, computer viruses and online fraud are some of the cyber crimes committed.

According to Wikipedia, cyber crime, also known as computer crime, refers to any crimes that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Free Encyclopedia for Commerce stated that computer crime includes traditional criminal acts committed with a computer as well as new offences that lack any parallels with non-computer crimes. It also stated a definition from the U.S. Deparment of Justice (DOJ) which defines computer crime as any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution. Meanwhile, Parthasarathi (2011) says that computer crime is unlawful acts wherein the computer is either a tool or target or both. TechTerms.com defined cyber crime as criminal activity done using computers and the Internet. CyberSecurity Malaysia, an agency under Ministry of Science, Technology and Innovation (MOSTI) said that cyber crime comes under three categories. The first one is when information and communications technologies (ICT) systems and intellectual property become targets of exploitation, intrusion, identity and information theft, the second is when ICT devices are used as means to commit crimes and the third and last one is where the ICT devices are used as mediums of committing crimes.

From all the definitions given, it is clear that for a cyber crime to be committed, it must use computer technology.

2.0 Content 2.1 Classification Of Cyber Crimes According to the Council of Europe Convention on Cybercrime, there are four different types of offences.(10) The first one is offences against the confidentiality, integrity and availability of computer data and systems. The second one is computerrelated offences. The third one is content-related offences and the last one is copyright-related offences.

2.1.1 Offences against the confidentiality, integrity and availability of computer data and systems The first classification of cyber crimes is offences against the confidentiality, integrity and availability of computer data and systems. There are a few offences committed under this category. The first one is illegal access i.e. hacking. According to Computer Crime Research Centre, (11) hacking is unauthorized use of computer and network resources. Examples of hacking offences include breaking the password of password-protected websites and circumventing password protection on a computer. They do this by using faulty hardware or software implementation to illegally obtain a password to enter a computer system, setting up spoofing websites to make users disclose their passwords and installing hardware and software based keylogging methods that record every keystroke and consequently any passwords used on the computer and/or device. p.23 The second offence under this category is data espionage. This is a crime where a person obtaining information that is considered secret or confidential without the permission of the holder of the information (12). Now people can

use the Internet to obtain secret information from any parts of the world. They use techniques such as using software to scan for unprotected ports, using software to evade protection measures and social engineering. According to Wikipedia, social engineering is the art of manipulating people into performing actions or divulging confidential information(13). Phishing is one example of social engineering where people attempts to falsely acquire sensitive information by acting as a trustworthy person or business institution in a seemingly official electronic communication.p.26 Illegal interception is also fall in the first category. Communication or information between users can be intercepted by offenders thus using the information for their own advantages. Computer data can be changed by the offenders and cause a lot of financial damage. This is called data interference. The integrity of data can be violated by deleting, suppressing, altering and/or restricting access to them.p.29. Most common way to damage computer data is by using computer viruses. Besides data interference, the offenders can attack the computer system. With the booming Internet services available 24 hours, the computer systems are vulnerable to the attack of the offenders and destroy hardware thus causing great deal of lost.p.30 One of the examples is the case of cyber attack in August on Japans biggest defense contractor, Mitsubishi Heavy, which may have jeopardised data on military aircraft and other equipment. The companys network had been effected by several viruses including a Trojan horse that ordered the data to be sent somewhere outside the company.
2.1.2

Computer-related offences For this offence, it needed a computer to be committed. It is also divided into three categories. The first one is computer-related fraud, second category is computer-related forgery, phishing and identity theft and the last one is misuse of devices.

Online purchase is one of possible crime scene for computer-related forgery. Offenders either offer non-existent goods for sale or request buyers to pay prior to delivery or buying goods and asking for delivery without any intention to pay. Advance Fee Fraud is also a computer-related offence where offenders send emails asking for help to transfer a large amount of money to third party and will give a percentage if the recipient agrees using their personal account. The recipient has to transfer a small amount of money to validate their account to the offenders who will disappear after receiving the money. Unfortunately, there are thousands of victims replied to these kinds of emails which make quite a fortune for the offenders.

Offenders also manipulate digital documents and create a document that appears originate from a reliable institution, manipulate electronic images or altering text documents for their own advantages. There was a case in Korea where a woman, Shin Jeong-ah, forged her academic credentials and became the assistant professor of art at Dongguk University, chief curator at Sungkok Art Museum and joint artistic director of 2008 Guangju Biennale.

Identity theft is another computer-related offence where a person fraudulently obtaining and using others identity. Fara Fauzana, a radio announcer and one of popular Malaysian public figure, had been a victim of identity theft when her Twitter and Facebook account was hacked by Jar Jar Binks. Her fans were confused with her comments and status until later they learnt that those comments did not come from her. Her personal information and other celebrities were leaked to the public. She was forced to make a police report to avoid further damaged.

People also create new software tools that can simplify attacks, automated cyber-scams, carry out DoS attacks, design computer viruses, decrypt encrypted communication and illegally access computer systems. Sometimes it does not cost anything while other more sophisticated tools cost several

thousand dollars. These tools make it easier even for people with basic computer knowledge to commit cyber crime.
2.1.3

Content-related offences There are a wide variety of offences which related to content. Pornographic material, child pornography, racism, religious offences, illegal gambling and online games, libel and false information and spam threats are examples of content-related offences

Pornographic materials are widely distributed around the world with the help of Internet. It costs almost nothing or with a little payment. This offence depends on countries. Different countries have different views on what type of pornography is called an offence. Some countries allowed, excluding child pornography, for adults views only. It is hard to prevent access to these websites thus one of the causes for social problems in Malaysia.

Child pornography is totally prohibited and totally recognized as criminal acts. The 1989 United Nations Convention on the Rights of the Child, the 2003 European Union Council Framework Decision on combating the sexual exploitation of children and child pornography and the 2007 Council of Europe Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse are the initiatives by international organizations to combat against child pornography. However, children pornography industry become bigger and highly profitable as it is hard to deter the perpetrators who use the Internet to get and exchange pictures or movies depicting children in sexual context.

The Internet is also a medium to spread propaganda. Websites promoting racial hatred, violence and xenophobia racist content and hate speech has risen up. Some countries allow this while others are against it. The same goes for religious offences. Some countries allow defamation of religions or

publication of cartoons under the freedom of speech principle while other countries find them very offensive. Such example is the publication of Holy Prophet cartoon by a Danish newspaper in 2005 had evoke anger from the Muslims around the world.

Illegal gambling is another content-related offence. Online casino can be used in money-laundering and activities financing terrorism. It is hard for law enforcement to determine the origin of funds if the offender use online casinos that do not keep records or are located in countries without money-laundering legislation.

The Internet can be used to give false information. For example, there are many publications on the Internet publish by the users without identification requirements. The validity of the information cannot be confirmed and maybe widely used by others thus spreading false or erroneous information.

Spam also a content-related offence. Nowadays, most email providers have installed anti-spam filter technologies. Even though the spam filter technology continues to develop, spammers still find ways to distribute them.

2.1.4

Copyright-related offences Digitalisation era has brought new copyright violations. Files, software, movies and songs are easily copied from the original without loss of quality. It is the main reason why sale of music album or original video compact disk (VCD) in Malaysia give little profit to the producer. Pirated VCDs are sold with significantly lower price than the original thus become the choice of the public.

File sharing systems permits the exchange of files between many users. Peerto-Peer (P2P) technologies such as BitTorrent allows users to download music, files, software and movies for free or minimum cost. The other

alternative for file sharing is file hosting websites. Mediafire and Megaupload are some of the file hosting web pages that are available in the Internet. They allow sharing of big files with minimum cost. Last June, hackers attacked Malaysian governments websites as a protest against Malaysias decision to block file sharing websites.

3.0

References. 1. http://ecommerce.hostip.info/pages/237/Computer-Crime-DEFINITIONS.html retrieved on 18. 10.2011 2.

http://www.naavi.org/pati/pati_cybercrimes_dec03.htm

3. http://www.techterms.com/definition/cybercrime 20.10.2011 4. http://www.cybersecurity.my/en/media_centre/media_faqs/media_faqs/main/detail/1691/ind ex.html 20.10.2011 5. http://www.reportcybercrime.com/classification.php 23.10.2011 6. www.cycris.nl/uploads/CyCriS-versie075-071205.pdf 23.10.2011 7. www.swdsi.org/swdsi2010/SW2010_Preceedings/papers/PA168.pdf 23.10.2011 8. www.germanlawjournal.com/.../PDF_Vol_11_No_06_609-632_RM... 23.10.2011 9. higheredbcs.wiley.com/legacy/college/tavani/0471249661/.../ch07.p... 10. http://www.itu.int/osg/csd/cybersecurity/gca/global_strategic_report/index.html. 21.10.2011 11. http://www.crime-research.org/news/05.05.2004/241/ 25.10.2011 12. https://sites.google.com/site/cpaonlinenow/cpa-question-of-the-day/whatisdataespionage 26.10.2011 13. http://www.computerweekly.com/Articles/2011/10/25/248255/Japanese-Defence-Ministryraises-concerns-about-cyber-breach-at-Mitsubishi.htm 26.10.2011 14. http://en.wikipedia.org/wiki/Social_engineering_(security)#cite_note-0 26.10.2011 15. http://en.wikipedia.org/wiki/Shin_Jeong-ah 2.11.2011 16. http://english.chosun.com/site/data/html_dir/2011/01/18/2011011800266.html 17. http://www.freemalaysiatoday.com/2011/06/16/hackers-make-good-on-threat-to-cripple-govtwebsites/ 02.11.2011 18. http://www.hmetro.com.my/articles/FarahFauzanamangsagodam/Article/ 2.11.2011 19. http://www.bbc.co.uk/news/world-asia-pacific-13788817 2.11.2011 20.