(ASSIGNMENT TEMPLATE ENGLISH VERSION)

(COVER PAGE)

< FACULTY >

< SEMESTER SEPTEMBER/ YEAR 2011>

< COURSE CODE OUMH1203> < COURSE TITLE ENGLISH FOR WRITTEN COMMUNICATION>

MATRICULATION NO : IDENTITY CARD NO. TELEPHONE NO. E-MAIL LEARNING CENTRE

<730620135307001> : : : : <730620135307> <0138290590> <ibrahimdrahman@yahoo.com> <SIBU LEARNING CENTER>

COURSE> CODE>

Table of Content
1. INTRODUCTION 1

Page

2. CONTENT 2.1 2.2 2.3 CLASSIFICATION OF CYBER CRIMES COMPARISON OF CYBER CRIMES IN MALAYSIA AND USA SUGGESTIONS TO CURB CYBER CRIMES IN MALAYSIA 2 7 10

3. CONCLUSION 12 4. REFERENCES 13 5. APPENDIXES 14

COURSE> CODE>

INTRODUCTION

Globalization, technologies, information systems and the Internet are without a doubt have become a vital components of successful in shaping the way businesses and organizations are done today. While these phenomena are known to have brought global business to a whole new level, they have also brought with them, the mixed blessing called cybercrime. Cybercrime has become a silent global digital epidemic. The effect of cyber crimes has not only experienced in modern country but it is spreading to all over the world including Malaysia. Therefore, there is a need to give the matter a serious concern and to curb it before it is too late. This paper would discuss comparatively between cyber crimes in Malaysia and United States of America, and making some suggestion on what should be done in Malaysia to manage and control this epidemic. Cybercrime is criminal activity done using computers and the Internet. This includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the Internet. http://www.techterms.com/definition/cybercrime Fafinski, & Minassian (2008) quoting Wall (2007), define cybercrime as the transformation of criminal or harmful behavior by networked technology, while Wilson (2007) puts it simply as a crime that is enabled by, or that targets computers. Other synonyms exist like computer crime and internet crime, are also found in literature. Cybercrimes can range from criminal activity against data to content and copyright infringement (Gordon & Ford, 2006). Further, as the Internet usage in the country grows, the total number of online transactions along with other activities is likely to increase, which, in turn, increase the number of online crime incidences. Besides, growth in broadband and wireless capacity makes the Internet more convenient and quicker to use. But unfortunately, these utilities could be 3

COURSE> CODE>

used as means for Internet crimes. Businesses, governments and individuals have all played victim to cybercrime. In addition, the ongoing economic crisis across the world will also boost cyber crimes. The problem of insufficient awareness about cyber security or Internetsafety practices among Malaysians surfing on the Web continues to pose a big challenge. For example, some users do not own a distinct password while many are not updating their security software.

2.1

CLASSIFICATION OF CYBER CRIMES

Cyber crime encompasses a wide varieties of criminal offences and activities. Cyber crime could reasonably include a wide variety of criminal offences and activities. The scope of this definition becomes wider with a frequent companion or substitute term computer-related crime. Examples activities that are considered cybercrime can be found in the United Nations Manual on the Prevention and Control of Computer-Related Crime. The manual includes fraud, forgery, computer sabotage, unauthorized access and copying of computer programs as examples of cyber crime. (www.uncjin.org/Documents/EighthCongress.html). 2.1.1 VIRUS DISSEMINATION

Some of the most notorious computer crimes have involved computer viruses, such as the Melissa virus that appeared on the Internet in March 1999 and infected systems in the United States and Europe, and the February 2000 distributed denial of service (DDS) attacks on several leading commercial Web sites including Yahoo!, E*Trade, Amazon.com, and eBay. In fact, different countries will have different set of rulings covering various cyber crimes. For example, in U.S. if you intent to extort from anyone any money with threat to damage ones computer or to obtain information in the protected computer without permission. 2.1.2 SOFTWARE PIRACY 4

COURSE> CODE>

Cyber-crimes are frequently grouped into three categories. The first are those in which the computer comprises the "object" of a crime and in which the perpetrator targets the computer itself. This includes theft of computer processor time and computerized services. The second category involves those in which the computer forms the "subject" of a crime, either as the physical site of the offense or as the source of some form of loss or damage. This category includes viruses and related attacks. Finally, the third category includes those in which the computer serves as the "instrument" used to commit traditional crimes in cyberspace. This encompasses offenses like cyber-fraud, online harassment, and child pornography. Though teenage hackers and underage, e-fraud perpetrators have captured headlines, no "typical" cyber-criminal exists. Perpetrators also commit cyber-crimes for a variety of reasons. Motives range from a desire to showcase technical expertise, to exposing vulnerabilities in computer security systems, retaliating against former employers, or sabotaging government computer systems. Cyber bullying is one of the largest analyzed crimes of the internet. Because cybercrime covers such a broad scope of criminal activity, the examples above are only a few of the thousands of crimes that are considered cybercrimes. While computers and the Internet have made our lives easier in many ways, it is unfortunate that people also use these technologies to take advantage of others. Therefore, it is smart to protect yourself by using antivirus and spyware blocking software and being careful where you enter your personal information. 2.2 COMPARISON OF CYBER CRIMES IN MALAYSIA AND USA

Estimates are that computer crime costs victims in the USA at least US$ 5108/year, and the true value of such crime might be substantially higher. According to Norton report, in order to resolve a cybercrime it can takes on average 28 days with the costs on averages USA $334*. Cyber space is a virtual space that has become as important as real space for business, politics, and communities. Malaysias commitment in using Information and 5

COURSE> CODE>

Communication Technology (ICT) as reflected by the investment in the Multimedia Super Corridor (MSC) and its Flagships increases our dependency on cyber space. However, this dependency places Malaysia in an extremely precarious position because cyber space is vulnerable to borderless cyber attacks. There is also the National Cyber Security Policy which aims to reduce the vulnerability of ICT systems and networks. It tries to instill a culture of cyber security among Internet users and strengthen Malaysian self-reliance in terms of technology and human resources. Not many countries have such a policy or enacted laws like the Computer Crime Act 1997 and the Communication and Multimedia Act 1998. CyberSecurity Malaysia is the national cyber security specialist under the Ministry of Science, Technology and Innovation (MOSTI) that runs the Cyber999 Help Centre which is tasked with eradicating cyber crime. Ethical hackers are not individuals who trespass and steal information but those who help strengthen existing systems from being hacked. Moreover, the increase in ethical hackers allows for more far-reaching cyber security as well as a more thorough examination of computer systems, including the internet and computer applications. The fundamentals have been put in place. I believe the security and safety in Malaysian cyberspace is much better than in some developed countries. For example, if a malicious virus arrives in Malaysian space, we can stop it within 24 hours. We do this by working with banks, MCMC, ISPs and the police. If you talk about a 100m sprint, we are the fastest. Our cyberspace is well governed. Ethical hackers would be able to determine if any data was at risk of being compromised and suggest ways of overcoming such weaknesses. Incidents of cyber crime in the country jumped by 127 per cent last year, or the equivalent of 8,090 cases compared to 3,564 cases in 2009, CyberSecurity Malaysia announced today. Bernama Malaysia was amongst the first few countries in the world to introduce cyber laws. An example of such cyber is the Computer Crimes Act 1997. This cyber law addresses and looks into areas of cyber crime activities. RESOL The U.S. Department of Justice (DOJ) broadly defines computer crimes as "any violations of criminal law that involve knowledge of computer technology for their perpetration, 6

COURSE> CODE>

investigation, or prosecution." Accurate statistics on the extent of this phenomenon have proven to be elusive because of the difficulty in adequately defining computer crimes. The statistics also are untrustworthy due to victims' failure to report incidents. The aggregate annual losses to businesses and governments are estimated to be in the billions of dollars. According to the U.S. Uniform Crime Reporting Statistics, by 2000 more than 300 million users around the globe accessed the World Wide Web. Of those, at least 1 million were engaged in illegal Internet activities (computer crime or "cyber-crime"). Cyber-crimes include Internet-related forgery, embezzlement, fraud, vandalism, and the disposal of stolen goods. The potential threat to the overall development of e-commerce was seriousso much so that online security expenditures were expected to double to $30 billion in 2004. There is wide variation in state statutes on computer crime in the USA. California, Minnesota, and Maine are among the few states to prohibit explicitly release of a computer virus or other malicious program. 2.3 SUGGESTIONS TO CURB CYBER CRIMES IN MALAYSIA

California also provides for the forfeiture of computer systems used in the commission of a computer crime. Many of the universities in the United States and the United Kingdom offer criminology programs with a course in cyber crime. The mushrooming courses on cyber forensics prove that universities are more interested in the practical investigative part of cyber crimes than the causation of cyber crimes. Cyber crime under the Computer Crime Act 1997 such as hacking, e-mail fraud, Internet fraud, ATM/credit card fraud. This report reveals the lack of justice and powerlessness felt by victims worldwide; it exposes risky online behaviors and advises ways to reclaim the Internet from criminals. Victims the world over need to start taking a stand against cybercrime. Combining common sense with the right computer software makes a massive difference to fighting cybercrime. Its time to: stop being frozen by fear and turn embarrassment into empowerment report all incidents to the authorities so the true picture of cybercrime emerges 7

COURSE> CODE>

support the global Internet community by taking individual actions. The safer you are, the safer others can be. Everyone can contribute. Common sense is free, but free security or just antivirus software is not enough. Cybercriminals are always looking to get around security software, so the more comprehensive your security suite, the better. The right software keeps them away. Suggestions: At the moment, nearly a third of victims globally (31%) say they never resolved a cybercrime. Most cyber crimes are financially motivated. The impact of the economic downturn and financial crisis could potentially lead to the increase in cyber crime cases globally. With people becoming jobless and unemployed, it can lead to the boom in spam, especially those related to false job offers. To combat cyber crime effectively, an integrated approach is needed. The responsibility should be shared by the government, corporations, industry and public. To fight computer crime or e-fraud, KPMG Malaysia has set up its own super sleuths under a new department called Forensic Technology Services (FTS). In business for the last three years and backed by its own computer gizmos, the FTS team can turn a blank monitor into a picture of incriminating evidence, which is vital in criminal proceedings. KPMG analysts use the latest techniques, including data extraction, data storage, data mining and visualization, password cracking and de-encryption, to provide a cost-efficient resolution to data investigation. They have also worked closely with the police. (New Straits Times, 3/6/2005). If businesses can make great use of these unifying measures, so can the criminals. Inspire by this perception and also due to the emerging international crime-related issues, there is a possibility of governments from all over the world to unify in enacting a set of international laws accepted by most, if not all. To ensure comprehensiveness, such enactment shall take into consideration cyber activities that are beyond traditional areas. Criminals have adapted the advancements of computer technology to further their own illegal activities and these inventiveness have however, far out-paced the ability of law enforcement agencies to react effectively. Therefore, within the law enforcement agencies, 8

COURSE> CODE>

a set of rules must be developed to address the various categories of computer crime. As such, investigators will know what and which materials to search and seize, the electronic evidence to recover, and the chain of custody to maintain. Only then we can truly enforce law and order into no mans land. As technology in ICT becomes more advanced, law enforcement agencies must provide their computer crime investigators with the technology required to conduct complex computer investigations. Besides access to technology, law enforcement agencies must also be given forensic computer support as many computer crimes leave footprints on the computer as well as on the Internet. Most prosecutors also lack the training and specialization to focus on the prosecution of criminals who use computer-based and Internet system as a means of committing crimes. Thus, they must have a working knowledge of computer-based and Internet investigations if they are to handle these crimes effectively. Getting quality teachers to teach cyber crimes, laws, and investigation is one of the biggest challenges in developing programs in cyber criminology. Firms should secure their networked information. Laws to enforce property rights work only when property owners take reasonable steps to protect their property in the first place. As one observer has noted, if homeowners failed to buy locks for their front doors, should towns solve the problem by passing more laws or hiring more police? Even where laws are adequate, firms dependent on the network must make their own information and systems secure. And where enforceable laws are months or years away, as in most countries, this responsibility is even more significant.www.mcconnellinternational.com Page 9 2. Governments should assure that their laws apply to cyber crimes. National governments remain the dominant authority for regulating criminal behavior in most places in the world. One nation already has struggled from, and ultimately improved, its legal authority after a confrontation with the unique challenges presented by cyber crime. It is crucial that other nations profit from this lesson, and examine their current laws to discern whether they are composed in a technologically neutral manner that would not exclude the prosecution of cyber criminals. In many cases, nations will find that current laws ought to be updated. Enactment of enforceable computer crime laws that also respect the rights of individuals are an essential next step in the battle against this emerging threat.

COURSE> CODE>

3. Firms, governments, and civil society should work cooperatively to strengthen legal frameworks for cyber security. To be prosecuted across a border, an act must be a crime in each jurisdiction. Thus, while local legal traditions must be respected, nations must define cyber crimes in a similar manner. An important effort to craft a model approach is underway in the Council of Europe (see www.coe.int), comprising 41 countries. The Council is crafting an international Convention on Cyber Crime. The Convention addresses illegal access, illegal interception, data interference, system interference, computer-related forgery, computer-related fraud, and the aiding and abetting of these crimes. It also addresses investigational matters related to jurisdiction, extradition, the interception of communications, and the production and preservation of data. Finally, it promotes cooperation among law enforcement officials across national borders. Late in its process, the Council began to consider the views of affected industry and civil society. This process is making the Councils product more realistic, practical, efficient, balanced, and respectful of due process that protects individual rights. At this point, most observers support provisions to improve law enforcement cooperation across borders. However, industry, through the World Information Technology and Services Alliance (see :www.witsa.org/press/), argues that the requirements on service providers to monitorcommunications and to provide assistance to investigators, as outlined in the Draft Convention, would be unduly burdensome and expensive. Another provision considered objectionable could criminalize the creation and use of intrusive software, or hacking programs, which are designed for legitimate security testing purposes. This action could stifle the advances in technology vital to keep up with evolving cyber threats. Privacy and human rights advocates (see www.gilc.org) object to the Draft Conventions lack of procedural safeguards and due process to protect the rights of individuals, and to the possibility that the ensuing national laws would effectively place restrictions on privacy, anonymity, and encryption. The Council plans to release a final draft of the Convention in December 2000. In 2001, a political process involving national governments will determine the scope and coverage of the final Convention. Because of cyber crimes international potential, all countries, and all companies, are affected. Interested parties, including national governments from outside Europe, and businesses and non-governmental organizations from around the world, should 10

COURSE> CODE>

participate vigorously in a consensus process to develop measures that support effective international law enforcement and foster continued growth and innovation. Page 10 www.mcconnellinternational.com Weve become accustomed to getting so much of what we need off the Internet for free. So its difficult to train people to think about paying for something in this otherwise free place. They dont regard it in the same way as regular commerce. The psychology around the Internet is that if its out there, its fair game. Joseph LaBrie, PhD 3 CONCLUSION

The fact of the matter is, however, that people do feel hurt and violated by others on the web all the time. The Internet is a medium for freely sharing information and opinions. However the criminals who trash other people's websites are acting as self-appointed censors who deny freedom of speech to those with whom they disagree. These criminals often make the self-serving excuse for their actions that they only attack sites sponsored by bad corporations or bad people. However, . By taking responsibility for our own characters and responsibilities on the web, in the long run we will benefit from it. By protecting ourselves, we protect our best interests, and that is what freedom is all about. The fundamental issue in most computer crime is the criminals' lack of respect for the property or privacy of other people. I hope that society will recognize the seriousness of computer crime and demand more severe punishment for such criminals. The issue of cyber crime has been a problem in Malaysia and United States of America and most of the other countries that depend on the technologies and gadgets that prone to the irresponsible cyber criminals. Therefore with the cooperation from everybody, I hope this issue can be handled and managed.

ATTACHMENT REFERENCES

11

COURSE> CODE>

Jaishankar, K. (2007). Cyber criminology: Evolving a novel discipline with a new journal. International Journal of Cyber Criminology, 1(1), 16. Jaishankar, K. (2007). Editorial: Establishing a Theory of Cyber Crimes. International Journal of Cyber Criminology, 1(2), 79. Branscomb, Anne Wells. "Cyberspaces: Familiar Spaces or Lawless Frontiers?" Nov. 10, 1998. http://ecommerce.hostip.info/pages/237/Computer-Crime-DEFINITIONS.html http://mpk.rmp.gov.my/jurnal/2005/whitecollarcrime.pdf http://www.techterms.com/definition/cybercrime http://us.norton.com/theme.jsp? themeid=cybercrime_report&inid=us_hho_downloads_home_link_cybercrimereport http://www.spamfighter.com/News-11776-Malaysia-Experiencing-Rise-in-CyberCrimes.htm http://ecommerce.hostip.info/pages/237/Computer-Crime-DEFINITIONS.html http://ecommerce.hostip.info/pages/237/Computer-Crime-DEFINITIONS.html http://www.themalaysianinsider.com/malaysia/article/cyber-crime-increased-by-127pc-in2010/ http://www.cybersecurity.my/en/media_centre/media_faqs/media_faqs/main/detail/1691/in dex.html http://www.cybersecurity.my/data/content_files/13/134.pdf?.diff=1177182839 http://www.levity.com/julian/cyberculture.html

12