Upload
kubelana
View
22
Download
0
Tags:
Embed Size (px)
DESCRIPTION
assingment
Citation preview
OUMH1203
FAKULTI PENDIDIKAN DAN BAHASA
SEMESTER SEPTEMBER / TAHUN 2011
KOD KURSUS: OUMH1203
ENGLISH FOR WRITTEN COMMUNICATION
NO. MATRIKULASI : 731012035411001
NO. KAD PENGNEALAN : 731012035411
NO. TELEFON : 0173785514
E-MEL : [email protected]
PUSAT PEMBELAJARAN : PPW SHAH ALAM
OUMH1203
TABLE OF CONTENT
Content Page
1.0 INTRODUCTION 1
2.0 CONTENT 2
2.1` Clasification of Cyber Crimes 2
A. Against Individuals 2
B. Against Property 3
C. Against Organisation 3
D. Against Society 4
2.2 Comparison of Cyber Crimes in Malaysia and USA 4
2.3 Suggestions 7
3.0 CONCLUSION 9
REFERENCE
ii
OUMH1203
1. INTRODUCTION
Today an increasing number of companies are connecting to the Internet to support
sales activities or to provide their employees and customers with faster information and
services. The virtual world has taken over the real one, E-business and E-commerce, which
are the new mantras and electronic transactions and dominate the overall business paradigm.
In this rapidly evolving e-world that depends on free flowing information, security is the
major problem to be considered.
The fast-paced development of information and communication technologies in the
world during the last fifty years has led to a thriving online community. This community
exists in a place called cyberspace and are known collectively as netizens. Netizens are
encouraged by cyberspace’s architecture to communicate, trade and to commit crimes in
ways that are different from the tangible world. Also, free speech is encouraged to flourish
and anybody could publish statements and/or information online.
This architecture also provides an environment that is conducive for the perpetrators
ofcyber crimes to mask their identity and to commit such crimes with ease. Governments of
countries, including the Malaysian government has voiced concerns over such crimes in the
Internet and in any online environment. Niser, the National ICT Security and Emergency
Response Centre of Malaysia (‘Niser’) had reported online on 14th March 2005 that:
“INFORMATION and communications technology (ICT) networks and systems in the Government are facing a serious threat of cyber attacks. So far this year, a whopping 100 million intrusion attempts have been detected by the Government Computer Emergency Response Team, a special team established by Malaysian Administrative Modernisation and Management Planning Unit (Mampu) to address ICT security incidences in the public sector.”
Cyber crimes, refers to any crime that involves a computer and a network. The
computer may have been used in the commission of a crime, or it may be the target. Net
crime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s
security and financial health. Issues surrounding this type of crime have become high-profile,
particularly those surrounding cracking, copyright infringement, child pornography, and child
grooming. There are also problems of privacy when confidential information is lost or
intercepted, lawfully or otherwise.
1
OUMH1203
2. CONTENT
2.1 CLASSIFICATION OF CYBER CRIMES
What is this Cyber crime? We read about it in newspapers very often. Let's look at the
dictionary definition of Cyber crime: "It is a criminal activity committed on the internet. This
is a broad term that describes everything from electronic cracking to denial of service attacks
that cause electronic commerce sites to lose money". Mr. Pavan Duggal, who is the President
of www.cyberlaws.net and consultant, in a report has clearly defined the various categories
and types of cyber crimes.
It can be classified in to 4 major categories as
(A) Cyber crime Against Individual
(B) Cyber crime Against Property
(C) Cyber crime Against Organization
(D) Cyber crime Against Society
(A) Against Individuals
(i) Email spoofing :
A spoofed email is one in which e-mail header is forged so that mail appears to
originate from one source but actually has been sent from another source
(ii) Spamming :
Spamming means sending multiple copies of unsolicited mails or mass e-mails such
as chain letters.
(iii) Cyber Defamation :
This occurs when defamation takes place with the help of computers and / or the
Internet. E.g. someone publishes defamatory matter about someone on a website or
sends e-mails containing defamatory information.
(iv) Harassment & Cyber stalking :
Cyber Stalking Means following the moves of an individual's activity over internet. It
can be done with the help of many protocols available such at e- mail, chat rooms,
user net groups.
2
OUMH1203
(B) Against Property:
(i) Credit Card Fraud
(ii) Intellectual Property crimes : These include Software piracy: illegal copying of programs, distribution of copies of software. Copyright infringement: Trademarks violations: Theft of computer source code: (iii) Internet time theft :the usage of the Internet hours by an unauthorized person which is actually paid by another person.
(C) Against Organisation
(i) Unauthorized Accessing of Computer:
Accessing the computer/network without permission from the owner. it can be of 2
forms:
a) Changing/deleting data: Unauthorized changing of data.
b) Computer voyeur: The criminal reads or copies confidential or proprietary
information, but the data is neither deleted nor changed.
(ii) Denial Of Service :
When Internet server is flooded with continuous bogus requests so as to denying
legitimate users to use the server or to crash the server.
(iii) Virus attack :
A computer virus is a computer program that can infect other computer programs by
modifying them in such a way as to include a (possibly evolved) copy of it. Viruses
can be file infecting or affecting boot sector of the computer. Worms, unlike viruses
do not need the host to attach themselves to.
(iv) Email Bombing :
Sending large numbers of mails to the individual or company or mail servers thereby
ultimately resulting into crashing.
(v) Logic Bomb :
Its an event dependent programme , as soon as the designated event occurs, it crashes
the computer, release a virus or any other harmful possibilities.
(vi) Trojan Horse :
an unauthorized program which functions from inside what seems to be an authorized
program, thereby concealing what it is actually doing.
3
OUMH1203
(vii) Data diddling :
This kind of an attack involves altering raw data just before it is processed by a
computer and then changing it back after the processing is completed.
(D) Against Society
(i) Forgery : currency notes, revenue stamps, mark sheets etc can be forged using
computers and high quality scanners and printers.
(ii) Cyber Terrorism : Use of computer resources to intimidate or coerce others.
(iii) Web Jacking : Hackers gain access and control over the website of another, even
they change the content of website for fulfilling political objective or for money.
2.2 COMPARISON OF CYBER CRIMES IN MALAYSIA AND USA
Computer crimes are often heard a lot about in the news. When you ask someone
why he/she robbed banks, they world replied, "Because that's where the money
is." Today's criminals have learned where the money is. Instead of settling
for a few thousand dollars in a bank robbery, those with enough computer
knowledge can walk away from a computer crime with many millions. The National
Computer Crimes Squad estimates that between 85 and 97 percent of computer
crimes are not even detected. Fewer than 10 percent of all computer crimes are
reported this is mainly because organizations fear that their employees, clients,
and stockholders will lose faith in them if they admit that their computers have
been attacked. And few of the crimes that are reported are ever solved.
Statistics of cyber crimes in USA based on the FBI Internet Crime Complaint
Center’s 2009 report show that from January 1, 2009 through December 31, 2009, the
Internet Crime Complaint Center (IC3) Web site received 336,655 complaint submissions.
This was a 22.3% increase as compared to 2008. The total dollar loss from all referred cases
was $559.7 million with a median dollar loss of $575. This is up from $264.6 million in total
reported losses in 2008. Complaints received by IC3 cover many different fraud and non-
4
OUMH1203
fraud categories, including auction fraud, non-delivery of merchandise, credit card fraud,
computer intrusions, spam/unsolicited email, and child pornography.
The majority of reported perpetrators (65.4%) were from the United States. A number
of perpetrators were also in the United Kingdom, Nigeria, Canada, Malaysia, and Ghana.
Among complainants, 54% were male, nearly two-thirds were between the ages of 30 and 50,
and a little over one- third resided in one of the following states California, Florida, Texas
and New York.
In addition to FBI scams, popular scam trends for 2009 included:
1. hitman scams,
2. astrological reading frauds,
3. economic scams,
4. job site scams,
5. fake pop-up ads for antivirus software.
In Malaysia, there has been an increase in cyber crimes in Malaysia over the last two
years. More than 3,500 of them reported in the first three months of this year. CyberSecurity
Malaysia chief operating officer Zahri Yunos said some 8,000 cases were reported last year
and attributed this to the growth in Internet usage and broadband penetration that now stood
at 55%. The cases have increased exponentially.
"In the first quarter of this year, our Cyber999 security incident help centre handled
3,563 cases, of which 36% or 1,273 cases were related to online fraud, which
included phishing and identity theft. "Phishing sites targeting local banks have also
increased, with 400 sites detected for the first quarter of this year compared to 900
last year.
"While the numbers are worrying, we are also happy to see that the public are
notifying us when they come across such fraudulent websites or e-mail,"
5
OUMH1203
In fact, compare to USA, there are not many laws governing the cyberscape in
Malaysia. Since 1997, some of the cyber laws that have been passed by our Parliament
include:
1. the Digital Signature Act 1997,
Secures electronic communications especially on the Internet. Digital Signature is an identity verification standard that uses encryption
techniques to protect against e-mail forgery. The encrypted code consists of the user’s name and a hash of all the parts of the message.
By attaching the digital signature, one can ensure that nobody can eavesdrop, intercept or temper with transmitted data.
2. the Computer Crimes Act 1997,
Gives protection against the misuses of computers and computer criminal activities such as unauthorized use of programmers, illegal transmission of data or messages over computers and hacking and cracking of computer systems and networks.
By implementing the Computer Crimes Act 1997, users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over cyberspace to reduce cyber crime activities.
3. the Telemedicine Act 1997,
Ensures that only qualified medical practitioners can practice telemedicine and that their patient's rights and interests are protected.
These act provides the future development and delivery of healthcare in Malaysia.
4. the Communications and Multimedia Act 1998,
Ensures that only qualified medical practitioners can practice telemedicine and that their patient's rights and interests are protected.
These act provides the future development and delivery of healthcare in Malaysia.
For examples, attackers who target computers and computer systems commit these
offences. Examples of such crimes are Denial of Service Attacks, cracking and unleashing of
viruses, Trojans and Worms into computers and/or computer systems. The Computer
Crimes Act 1997 (‘CCA’) was enacted in Malaysia to deal with computer crimes. The
relevant sections that are applicable to the identified crimes above are, inter alia:6
OUMH1203
i) S3. CCA, Unauthorised access to computer material, wherein this section prohibits
hacking and cracking activities; and
ii) S.5 CCA, Unauthorised modification of the contents of any computer, wherein this
section prohibits viruses and Trojans from infecting computers
2.3 SUGGESTIONS
From the above discussion and justification, it is obvious that there is a hole in the
cyber law implementation to combat cyber crime. In the authors point of view with strong
case showed in this paper, the hole is come from or because of the un-uniformity of cyber law
in all countries in the world. The suggestions are:
International Cybercrime laws
The Council of Europe had in late 2001 adopted its Convention on Cybercrime Treaty
(‘the Treaty’). This treaty was signed by 30 of the Council of Europe members and 4 partner
countries that include the United States of America, Canada, Japan and South Africa. This
treaty provides for domestic procedural laws to investigate computer crimes and calls for
international cooperation in investigating computer crimes. The effect of the Treaty is that
any of its member country is to standardize its domestic laws to its requirements.
Given the fact that the Treaty originated from the Council of Europe, such
requirements in the Treaty may not be suitable to be implemented in countries that do not
have similar legal systems and legal cultures. It is suggested that perhaps the rest of the
countries in the world should co-operate through the United Nations to develop a treaty that
provide all if not most of the solutions that crime enforcers face today when fighting
cybercrimes. Such laws should be the minimum standard to be adopted by member countries,
wherein the jurisdictional issues as stated in paragraph 4.1 above should be addressed.
More laws and codes to be amended
The current laws and codes in Malaysia are to be amended. As was pointed out in
paragraph 4.2 above, there are indeed loopholes in the Malaysian legal landscape that have to
be addressed. It is suggested that Malaysia’s amendments must take into account that its laws
concerning technology are to be technology neutral. This is because of the fact that
7
OUMH1203
technology is fast evolving in the on-line world. Hence, the best way forward is not to
entrench technology into the law but to entrench rules in cyberspace to protect Malaysians.
A good guide in evidence preservation
It is suggested that the Royal Malaysian Police and any other investigative body in
Malaysia are to have a complete and comprehensive guide as to the preservation of evidence
from digital crimes. At the moment, it is noted that S.90A of the Evidence Act of 1950
provides for the admission of documents. The effect of this section is that any document
printed by a computer is admissible in court, provided that the computer produces the
document in its ordinary use.
To prove that the document was issued by the computer in its ordinary use, a person
who is responsible for the management of the operation of that computer, or for the conduct
of the activities for which that computer was used, is to issue a certificate stating that the
document was indeed produced by the computer in its ordinary use. It is submitted that at the
moment with the prevalence of worms, viruses and Trojans,
such a certificate may not be enough. Perhaps an additional certificate is required from a
qualified computer specialist to certify that the computer was not tampered with or affected
by any malicious codes.
The public should be guided and educated
Educational and informative materials are to be supplied to the pubic to be made
aware of risk of the different types of cybercrimes and the different protection technologies
that are available to combat against the same. Over and above that, the public should be
encouraged to develope homegrown security technologies that are in compliance with
international standards, such as the ISO/IEC17799:2000 for Information Security
management and the British Standards Industries (BSI) BS7799-2:002 for data protection.
Both these standards are being promoted by Niser and SIRIM QAS International Sdn. Bhd. (a
subsidiary of SIRIM Berhad) in Malaysia to enhance security in the ICT sector.
3 CONCLUSION
8
OUMH1203
In conclusion, Malaysia, in its bid to be technologically advanced has put into place
its various national Information Communication and Technology (ICT) projects such as the
Multimedia Super Corridor and the various technology parks to promote the use and
development of ICT. Such promotion will result in a widespread use of the Internet and the
Internet culture. It is submitted that Malaysia must have up-to-date laws to effectively deal
with the cybercrimes that comes along with the Internet. To this end, Malaysia must
constantly check and conduct measurements to determine the use utility of its current laws to
combat cybercrime. One cannot deny that the online environment cannot and will never be
rid of cybercrimes due to the Internet’s unique architecture.
Perhaps in future, maybe one law (universal jurisdiction) for cyber crime to all
countries around the world will be implemented. This is not a fantasy and impractical
approach because from the above discussion, the possibilities to have one law named as
‘International Cyber Law’ (name can be anything) can be done. Cyber crime has and always
be in trans-national or borderless approach, why the cyber law can not be so? The authors
didn’t say to uniform all law but only cyber law.
Cyber activities are very special because of its nature that are invisible transaction,
fastest way of communication, cross-border, parties’ identity involved in communication can
not be guaranteed (as cases like phishing attack), interception and interruption can be made
available in the middle, many fraud and threats activities can be done and less protection of
any data when left any organizations’ router (people cannot confirm their data 100% save).
From the nature of cyber space activities, it is logical to have one law that can
represent all countries on cyber crime offences. The main reason to have this is because cyber
crime can be affected cross-over many countries in one attack committed in just a few second
in front of a computer on a hinterland. Cyber crime isn’t similar to traditional crime using
traditional weaponry (knife, hand gun etc.) where the criminal usually committed crime in a
country without affected another country. Up to this point, the only way to combat cyber
crime in the future is by having one universal jurisdiction for cyber law. If the fast growing
technology in cyber space being considered, the need for one law for the future trends is a
must.
4 REFERENCES
9
OUMH1203
A.J Surin (2009). To catch a cuber criminal. Retrieved October 11, 2011 from
http://www.crime-research.org/library/Cybercriminal.html
Classification of cyber crime. (n.d). Retrieved October 9, 2011 from
http://www.reportcybercrime.com/classification.php
Computer crime. (n.d)). Retrieved October 9, 2011 from
http://en.wikipedia.org/wiki/Computer_crime
Cyber crime. (2001). Retrived October 10. 2011 from
http://www.malaysianbar.org.my/press_statements/cyber_crimes.html
Cyber crime in Malaysia (2007). Retrieved Ovtober 11, 2011 from
http://muststopthis.blogspot.com/2007/07/cyber-crime-in-malaysia-what-you-
dont.html
Cyber Law. (2009). Retrieved October 10. 2011 from http://smkts.net/czul/426cyberlaw.html
Cyber security Malaysia. Retrieved October 12, 2011 fr
http://www.cybersecurity.my/en/media_centre/media_faqs/media_faqs/main/detail/
Manik Saini. (n.d). Computer crime. Retrieved October 12, 2011n from
http://www.dreamessays.com/customessays/Information%20Technology/13599.htm
More than 4,000 cybercrime cases reported in Malaysia within two years. (2009). Retrieved
October 11, 2011 from http://sanooaung.wordpress.com/2009/01/17/more-than-4000-
cybercrime-cases-reported-in-malaysia-within-two-years/
Parthasarathi Pati. (n.d) , Cyber crimes. Retrieved October 12, 2011 from
http://www.naavi.org/pati/pati_cybercrimes_dec03.htm
10