OUMH1203

FAKULTI PENDIDIKAN DAN BAHASA

SEMESTER SEPTEMBER / TAHUN 2011

KOD KURSUS: OUMH1203

ENGLISH FOR WRITTEN COMMUNICATION

NO. MATRIKULASI : 731012035411001

NO. KAD PENGNEALAN : 731012035411

NO. TELEFON : 0173785514

E-MEL : fendi_683@yahoo.com

PUSAT PEMBELAJARAN : PPW SHAH ALAM

OUMH1203

TABLE OF CONTENT

Content Page

1.0 INTRODUCTION 1

2.0 CONTENT 2

2.1` Clasification of Cyber Crimes 2

A. Against Individuals 2

B. Against Property 3

C. Against Organisation 3

D. Against Society 4

2.2 Comparison of Cyber Crimes in Malaysia and USA 4

2.3 Suggestions 7

3.0 CONCLUSION 9

REFERENCE

ii

OUMH1203

1. INTRODUCTION

Today an increasing number of companies are connecting to the Internet to support

sales activities or to provide their employees and customers with faster information and

services. The virtual world has taken over the real one, E-business and E-commerce, which

are the new mantras and electronic transactions and dominate the overall business paradigm.

In this rapidly evolving e-world that depends on free flowing information, security is the

major problem to be considered.

The fast-paced development of information and communication technologies in the

world during the last fifty years has led to a thriving online community. This community

exists in a place called cyberspace and are known collectively as netizens. Netizens are

encouraged by cyberspace’s architecture to communicate, trade and to commit crimes in

ways that are different from the tangible world. Also, free speech is encouraged to flourish

and anybody could publish statements and/or information online.

This architecture also provides an environment that is conducive for the perpetrators

ofcyber crimes to mask their identity and to commit such crimes with ease. Governments of

countries, including the Malaysian government has voiced concerns over such crimes in the

Internet and in any online environment. Niser, the National ICT Security and Emergency

Response Centre of Malaysia (‘Niser’) had reported online on 14th March 2005 that:

“INFORMATION and communications technology (ICT) networks and systems in the Government are facing a serious threat of cyber attacks. So far this year, a whopping 100 million intrusion attempts have been detected by the Government Computer Emergency Response Team, a special team established by Malaysian Administrative Modernisation and Management Planning Unit (Mampu) to address ICT security incidences in the public sector.”

Cyber crimes, refers to any crime that involves a computer and a network. The

computer may have been used in the commission of a crime, or it may be the target. Net

crime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s

security and financial health. Issues surrounding this type of crime have become high-profile,

particularly those surrounding cracking, copyright infringement, child pornography, and child

grooming. There are also problems of privacy when confidential information is lost or

intercepted, lawfully or otherwise.

1

OUMH1203

2. CONTENT

2.1 CLASSIFICATION OF CYBER CRIMES

What is this Cyber crime? We read about it in newspapers very often. Let's look at the

dictionary definition of Cyber crime: "It is a criminal activity committed on the internet. This

is a broad term that describes everything from electronic cracking to denial of service attacks

that cause electronic commerce sites to lose money". Mr. Pavan Duggal, who is the President

of www.cyberlaws.net and consultant, in a report has clearly defined the various categories

and types of cyber crimes.

It can be classified in to 4 major categories as

(A) Cyber crime Against Individual

(B) Cyber crime Against Property

(C) Cyber crime Against Organization

(D) Cyber crime Against Society

(A) Against Individuals

(i) Email spoofing :

A spoofed email is one in which e-mail header is forged so that mail appears to

originate from one source but actually has been sent from another source

(ii) Spamming :

Spamming means sending multiple copies of unsolicited mails or mass e-mails such

as chain letters.

(iii) Cyber Defamation :

This occurs when defamation takes place with the help of computers and / or the

Internet. E.g. someone publishes defamatory matter about someone on a website or

sends e-mails containing defamatory information.

(iv) Harassment & Cyber stalking :

Cyber Stalking Means following the moves of an individual's activity over internet. It

can be done with the help of many protocols available such at e- mail, chat rooms,

user net groups.

2

OUMH1203

(B) Against Property:

(i) Credit Card Fraud

(ii) Intellectual Property crimes : These include Software piracy: illegal copying of programs, distribution of copies of software. Copyright infringement: Trademarks violations: Theft of computer source code: (iii) Internet time theft :the usage of the Internet hours by an unauthorized person which is actually paid by another person.

(C) Against Organisation

(i) Unauthorized Accessing of Computer:

Accessing the computer/network without permission from the owner. it can be of 2

forms:

a) Changing/deleting data: Unauthorized changing of data.

b) Computer voyeur: The criminal reads or copies confidential or proprietary

information, but the data is neither deleted nor changed.

(ii) Denial Of Service :

When Internet server is flooded with continuous bogus requests so as to denying

legitimate users to use the server or to crash the server.

(iii) Virus attack :

A computer virus is a computer program that can infect other computer programs by

modifying them in such a way as to include a (possibly evolved) copy of it. Viruses

can be file infecting or affecting boot sector of the computer. Worms, unlike viruses

do not need the host to attach themselves to.

(iv) Email Bombing :

Sending large numbers of mails to the individual or company or mail servers thereby

ultimately resulting into crashing.

(v) Logic Bomb :

Its an event dependent programme , as soon as the designated event occurs, it crashes

the computer, release a virus or any other harmful possibilities.

(vi) Trojan Horse :

an unauthorized program which functions from inside what seems to be an authorized

program, thereby concealing what it is actually doing.

3

OUMH1203

(vii) Data diddling :

This kind of an attack involves altering raw data just before it is processed by a

computer and then changing it back after the processing is completed.

(D) Against Society

(i) Forgery : currency notes, revenue stamps, mark sheets etc can be forged using

computers and high quality scanners and printers.

(ii) Cyber Terrorism : Use of computer resources to intimidate or coerce others.

(iii) Web Jacking : Hackers gain access and control over the website of another, even

they change the content of website for fulfilling political objective or for money.

2.2 COMPARISON OF CYBER CRIMES IN MALAYSIA AND USA

Computer crimes are often heard a lot about in the news. When you ask someone

why he/she robbed banks, they world replied, "Because that's where the money

is." Today's criminals have learned where the money is. Instead of settling

for a few thousand dollars in a bank robbery, those with enough computer

knowledge can walk away from a computer crime with many millions. The National

Computer Crimes Squad estimates that between 85 and 97 percent of computer

crimes are not even detected. Fewer than 10 percent of all computer crimes are

reported this is mainly because organizations fear that their employees, clients,

and stockholders will lose faith in them if they admit that their computers have

been attacked. And few of the crimes that are reported are ever solved.

Statistics of cyber crimes in USA based on the FBI Internet Crime Complaint

Center’s 2009 report show that from January 1, 2009 through December 31, 2009, the

Internet Crime Complaint Center (IC3) Web site received 336,655 complaint submissions.

This was a 22.3% increase as compared to 2008. The total dollar loss from all referred cases

was $559.7 million with a median dollar loss of $575. This is up from $264.6 million in total

reported losses in 2008. Complaints received by IC3 cover many different fraud and non-

4

OUMH1203

fraud categories, including auction fraud, non-delivery of merchandise, credit card fraud,

computer intrusions, spam/unsolicited email, and child pornography.

The majority of reported perpetrators (65.4%) were from the United States. A number

of perpetrators were also in the United Kingdom, Nigeria, Canada, Malaysia, and Ghana.

Among complainants, 54% were male, nearly two-thirds were between the ages of 30 and 50,

and a little over one- third resided in one of the following states California, Florida, Texas

and New York.

In addition to FBI scams, popular scam trends for 2009 included:

1. hitman scams,

2. astrological reading frauds,  

3. economic scams,

4. job site scams,

5. fake pop-up ads for antivirus software.

In Malaysia, there has been an increase in cyber crimes in Malaysia over the last two

years. More than 3,500 of them reported in the first three months of this year. CyberSecurity

Malaysia chief operating officer Zahri Yunos said some 8,000 cases were reported last year

and attributed this to the growth in Internet usage and broadband penetration that now stood

at 55%. The cases have increased exponentially.

"In the first quarter of this year, our Cyber999 security incident help centre handled

3,563 cases, of which 36% or 1,273 cases were related to online fraud, which

included phishing and identity theft. "Phishing sites targeting local banks have also

increased, with 400 sites detected for the first quarter of this year compared to 900

last year.

"While the numbers are worrying, we are also happy to see that the public are

notifying us when they come across such fraudulent websites or e-mail,"

5

OUMH1203

In fact, compare to USA, there are not many laws governing the cyberscape in

Malaysia. Since 1997, some of the cyber laws that have been passed by our Parliament

include:

1. the Digital Signature Act 1997,

Secures electronic communications especially on the Internet. Digital Signature is an identity verification standard that uses encryption

techniques to protect against e-mail forgery. The encrypted code consists of the user’s name and a hash of all the parts of the message.

By attaching the digital signature, one can ensure that nobody can eavesdrop, intercept or temper with transmitted data.

2. the Computer Crimes Act 1997,

Gives protection against the misuses of computers and computer criminal activities such as unauthorized use of programmers, illegal transmission of data or messages over computers and hacking and cracking of computer systems and networks.

By implementing the Computer Crimes Act 1997, users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over cyberspace to reduce cyber crime activities.

3. the Telemedicine Act 1997,

Ensures that only qualified medical practitioners can practice telemedicine and that their patient's rights and interests are protected.

These act provides the future development and delivery of healthcare in Malaysia.

4. the Communications and Multimedia Act 1998,

Ensures that only qualified medical practitioners can practice telemedicine and that their patient's rights and interests are protected.

These act provides the future development and delivery of healthcare in Malaysia.

For examples, attackers who target computers and computer systems commit these

offences. Examples of such crimes are Denial of Service Attacks, cracking and unleashing of

viruses, Trojans and Worms into computers and/or computer systems. The Computer

Crimes Act 1997 (‘CCA’) was enacted in Malaysia to deal with computer crimes. The

relevant sections that are applicable to the identified crimes above are, inter alia:6

OUMH1203

i) S3. CCA, Unauthorised access to computer material, wherein this section prohibits

hacking and cracking activities; and

ii) S.5 CCA, Unauthorised modification of the contents of any computer, wherein this

section prohibits viruses and Trojans from infecting computers

2.3 SUGGESTIONS

From the above discussion and justification, it is obvious that there is a hole in the

cyber law implementation to combat cyber crime. In the authors point of view with strong

case showed in this paper, the hole is come from or because of the un-uniformity of cyber law

in all countries in the world. The suggestions are:

International Cybercrime laws

The Council of Europe had in late 2001 adopted its Convention on Cybercrime Treaty

(‘the Treaty’). This treaty was signed by 30 of the Council of Europe members and 4 partner

countries that include the United States of America, Canada, Japan and South Africa. This

treaty provides for domestic procedural laws to investigate computer crimes and calls for

international cooperation in investigating computer crimes. The effect of the Treaty is that

any of its member country is to standardize its domestic laws to its requirements.

Given the fact that the Treaty originated from the Council of Europe, such

requirements in the Treaty may not be suitable to be implemented in countries that do not

have similar legal systems and legal cultures. It is suggested that perhaps the rest of the

countries in the world should co-operate through the United Nations to develop a treaty that

provide all if not most of the solutions that crime enforcers face today when fighting

cybercrimes. Such laws should be the minimum standard to be adopted by member countries,

wherein the jurisdictional issues as stated in paragraph 4.1 above should be addressed.

More laws and codes to be amended

The current laws and codes in Malaysia are to be amended. As was pointed out in

paragraph 4.2 above, there are indeed loopholes in the Malaysian legal landscape that have to

be addressed. It is suggested that Malaysia’s amendments must take into account that its laws

concerning technology are to be technology neutral. This is because of the fact that

7

OUMH1203

technology is fast evolving in the on-line world. Hence, the best way forward is not to

entrench technology into the law but to entrench rules in cyberspace to protect Malaysians.

A good guide in evidence preservation

It is suggested that the Royal Malaysian Police and any other investigative body in

Malaysia are to have a complete and comprehensive guide as to the preservation of evidence

from digital crimes. At the moment, it is noted that S.90A of the Evidence Act of 1950

provides for the admission of documents. The effect of this section is that any document

printed by a computer is admissible in court, provided that the computer produces the

document in its ordinary use.

To prove that the document was issued by the computer in its ordinary use, a person

who is responsible for the management of the operation of that computer, or for the conduct

of the activities for which that computer was used, is to issue a certificate stating that the

document was indeed produced by the computer in its ordinary use. It is submitted that at the

moment with the prevalence of worms, viruses and Trojans,

such a certificate may not be enough. Perhaps an additional certificate is required from a

qualified computer specialist to certify that the computer was not tampered with or affected

by any malicious codes.

The public should be guided and educated

Educational and informative materials are to be supplied to the pubic to be made

aware of risk of the different types of cybercrimes and the different protection technologies

that are available to combat against the same. Over and above that, the public should be

encouraged to develope homegrown security technologies that are in compliance with

international standards, such as the ISO/IEC17799:2000 for Information Security

management and the British Standards Industries (BSI) BS7799-2:002 for data protection.

Both these standards are being promoted by Niser and SIRIM QAS International Sdn. Bhd. (a

subsidiary of SIRIM Berhad) in Malaysia to enhance security in the ICT sector.

3 CONCLUSION

8

OUMH1203

In conclusion, Malaysia, in its bid to be technologically advanced has put into place

its various national Information Communication and Technology (ICT) projects such as the

Multimedia Super Corridor and the various technology parks to promote the use and

development of ICT. Such promotion will result in a widespread use of the Internet and the

Internet culture. It is submitted that Malaysia must have up-to-date laws to effectively deal

with the cybercrimes that comes along with the Internet. To this end, Malaysia must

constantly check and conduct measurements to determine the use utility of its current laws to

combat cybercrime. One cannot deny that the online environment cannot and will never be

rid of cybercrimes due to the Internet’s unique architecture.

Perhaps in future, maybe one law (universal jurisdiction) for cyber crime to all

countries around the world will be implemented. This is not a fantasy and impractical

approach because from the above discussion, the possibilities to have one law named as

‘International Cyber Law’ (name can be anything) can be done. Cyber crime has and always

be in trans-national or borderless approach, why the cyber law can not be so? The authors

didn’t say to uniform all law but only cyber law.

Cyber activities are very special because of its nature that are invisible transaction,

fastest way of communication, cross-border, parties’ identity involved in communication can

not be guaranteed (as cases like phishing attack), interception and interruption can be made

available in the middle, many fraud and threats activities can be done and less protection of

any data when left any organizations’ router (people cannot confirm their data 100% save).

From the nature of cyber space activities, it is logical to have one law that can

represent all countries on cyber crime offences. The main reason to have this is because cyber

crime can be affected cross-over many countries in one attack committed in just a few second

in front of a computer on a hinterland. Cyber crime isn’t similar to traditional crime using

traditional weaponry (knife, hand gun etc.) where the criminal usually committed crime in a

country without affected another country. Up to this point, the only way to combat cyber

crime in the future is by having one universal jurisdiction for cyber law. If the fast growing

technology in cyber space being considered, the need for one law for the future trends is a

must.

4 REFERENCES

9

OUMH1203

A.J Surin (2009). To catch a cuber criminal. Retrieved October 11, 2011 from

http://www.crime-research.org/library/Cybercriminal.html

Classification of cyber crime. (n.d). Retrieved October 9, 2011 from

http://www.reportcybercrime.com/classification.php

Computer crime. (n.d)). Retrieved October 9, 2011 from

http://en.wikipedia.org/wiki/Computer_crime

Cyber crime. (2001). Retrived October 10. 2011 from

http://www.malaysianbar.org.my/press_statements/cyber_crimes.html

Cyber crime in Malaysia (2007). Retrieved Ovtober 11, 2011 from

http://muststopthis.blogspot.com/2007/07/cyber-crime-in-malaysia-what-you-

dont.html

Cyber Law. (2009). Retrieved October 10. 2011 from http://smkts.net/czul/426cyberlaw.html

Cyber security Malaysia. Retrieved October 12, 2011 fr

http://www.cybersecurity.my/en/media_centre/media_faqs/media_faqs/main/detail/

Manik Saini. (n.d). Computer crime. Retrieved October 12, 2011n from

http://www.dreamessays.com/customessays/Information%20Technology/13599.htm

More than 4,000 cybercrime cases reported in Malaysia within two years. (2009). Retrieved

October 11, 2011 from http://sanooaung.wordpress.com/2009/01/17/more-than-4000-

cybercrime-cases-reported-in-malaysia-within-two-years/

Parthasarathi Pati. (n.d) , Cyber crimes. Retrieved October 12, 2011 from

http://www.naavi.org/pati/pati_cybercrimes_dec03.htm

10

OUMH1203

11