Cyber_Crime_in_Malaysia_and_Usa

committing and freely done by not only adults but youngsters like teenagers who is good with computer and wide world web of internet. To understand more of the matter, we have to recognise what the crime is all about and how it is affecting our life and world. One thing for sure, the cybercrime is becoming dangerous if we did not try to control it. What is the definition that we can learn and understand of it' According to http://www.techterms.com/definition/cybercrime, Cybercrime is criminal activity done using computers and the Internet. This includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the Internet. Perhaps the most prominent form of cybercrime is identity theft, in which criminals use the Internet to steal personal information from other users. Two of the most common ways this is done is through phishing and pharming. Both of these methods attract the users to forged websites (that appear to be legitimate), where they are asked to enter personal information. This includes login information, such as usernames and passwords, phone numbers, addresses, credit card numbers, bank account numbers, and other information criminals can use to "steal" another person's identity. For this reason, it is smart to always check the URL or Web address of a site to make sure it is legitimate before entering your personal information. The second definition we can rectify is from www.Wikipedia.com. Computer crime, or cybercrime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Net crime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s security and financial health. Issues surrounding this type of crime have become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise. Internationally, both governmental and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Activity crossing international borders and involving the interests of at least one nation state is sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions through the International Criminal Court. “The need for digital evidence is not confined to obvious cybercrime events such as hacking, fraud and denial of service attacks; it's also required when transactions are disputed, in employee disputes, and almost all forms of non-cyber-crime, including murder, forgery, industrial espionage and terrorism. With the vast proliferation of computer ownership and usage plus the growth of low-cost always-on broadband connectivity, all organisations require a Forensic Readiness Program.” ~ PeterSommer Quotes from Peter Sommer can be a big eye opener to all of us about how serious is cybercrime. If before this the crime is not that seriously taken, but now with all sorts of crimes appeared out of nowhere, people around the world is getting fear conscious and know that this is ‘no monkey business’ and should be ignore. One has to remember that the scope of cybercrimes is large. It can be: a. e mail spoofing, b. hacking c. spamming d. harassment The list of cybercrimes is longer than that. These are among the popular crime that can be identify and protected from. We have to be aware and differentiate the crimes. The cybercrimes can be categorised into 4 categories which are  Cybercrime vs. Individual  Cybercrime vs. Property  Cybercrime vs. Organization  Cybercrime vs. Society  Cybercrime vs. Individuals includes a few named activities such as: 1) E mail spoofing A spoofed email is one that appears to originate from one source but has actually emerged from another source. Falsifying the name and / or email address of the originator of the email usually does email spoofing. FIGURE A : HOW SPOOFED EMAIL MOVES 2) Spamming : Spamming means sending multiple copies of unsolicited mails or mass e-mails such as chain letters. Example: “Famous person died” spam” includes Alicia Keys, Angelina Jolie and Beyonce Knowles reported died through inbox spam. Saturday, august 2010 (http://garwarner.blogspot.com/2010/08/famous-person-died-spam. 3) Harassment & Cyber stalking Cyber Stalking Means following the moves of an individual's activity over internet. It can be done with the help of many protocols available such at e- mail, chat rooms, user net groups, according to www.Wikipedia.com : “ When identifying cyber stalking in the field," and particularly when considering whether to report it to any kind of legal authority, the following features or combination of features can be considered to characterize a true stalking situation: malice, premeditation, repetition, distress, obsession, vendetta, no legitimate purpose, personally directed, disregarded warnings to stop, harassment, and threats.”  Cybercrime vs Property includes: 1) Credit Card Fraud : Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. 2) Intellectual Property crimes : These include activities such as illegal Software piracy: illegal copying of programs, distribution of copies of software. Copyright infringement such as Trademarks violations 3) Internet time theft: The usage of the Internet hours by an unauthorized person which is actually paid by another person.  Cybercrime vs Organisation 1) Unauthorized Accessing of Computer: Accessing the computer/network without permission from the owner. it can be of 2 forms: a.. Changing/deleting data: Unauthorized changing of data. b. Computer observer: The criminal reads or copies confidential or registered information, but the data is neither deleted nor changed. 2) Denial Of Service : When Internet server is flooded with continuous bogus requests so as to denying legitimate us use the server or to crash the server 3) Email Bombing : Sending large numbers of mails to the individual or company or mail servers thereby ultimately re resulting into crashing.       Cybercrime Vs Society 1) Forgery : Currency notes, revenue stamps, mark sheets etc can be forged using computers and high qu quality scanners and printers. 2) Cyber Terrorism : Use of computer resources to threaten or bully others. http://www.reportcybercrime.com/classification.php 3) Web Jacking Hackers gain access and control over the website of another, even they change the content of website for fulfilling political objective or for money. “Everybody should want to make sure that we have the cyber tools necessary to investigate cyber-crime and to be prepared to defend against them and to bring people to justice who commit” Janet Reno Between both Malaysia and USA, one cannot deny the similarities and differences in dealing with the matter. Let us look at least 3 similarities of cybercrime in both countries: Figure 2: The 3 similarities of cybercrime in Malaysia and USA The most popular cybercrime that tops the list for Malaysia and the USA is email spoofing. It does not only involve the crime in Malaysia but also other countries. As an example, the case of our own backyard: A woman loose RM 3400 after receiving a fake email saying that her internet (CIMB) bank account will be barred before the scammer transfer the victim’s money to another non authorized account. Lembaga Hasil Dalam Negeri (LHDN) denied the instruction in email to any tax payer and transfers the victim’s money to its account by the name of Internal Revenue Service with subject to Notice of Underreported Income. An email spoofing case in the USA is almost the same. The example is as shown: A student looking to sell information on "free cash grants" spoofed the e-mail so that it appeared to come from flowers.com (now 1-800-FLOWERS.COM) (in an attempt to make his e-mail look more legit one can guess). Return-to-sender hate mail and bounce-backs swamped flowers. com's network and crashed its system. The next cybercrime that involved similarities for both countries is credit card fraud. The tactic and the technique is the same and the crime is borderless. The news of the similar case is as shown in the next page: Jan 7, 2009: Nine Malaysians were arrested in Queensland, Australia after authorities uncovered a syndicate that may have stolen millions of dollars from personal bank accounts. The syndicate created hundreds of counterfeit credit cards implanted with stolen account details to purchase gift cards and luxury goods The credit card fraud in USA is as serious as in Malaysia. The example news in the internet is as follows: United States charges eleven in credit card fraud case Tuesday, August 5, 2008 The United States government officially charged 11 individuals today for the theft and sale of over 40 million credit and debit card numbers. The card numbers were stolen from nine US retailers including Barnes & Noble. The indictment includes computer intrusion, conspiracy, identity theft and fraud. This case is suspected to be the largest computer hacking and identity theft case ever to be prosecuted by the US Justice Department. The third most popular cybercrime not only in Malaysia but also in the USA is virus attack. There’s no different virus attack for these viruses. In fact, the virus attacked in a global way. Computer viruses, worms, and Trojan horses are a known as malware. They spread on the internet via email, prompt messages and file sharing. Computer viruses need a host program to run whereas computer worms are self-governing. Both can reproduce and spread in huge amount over the internet. The Melissa virus was out in 26 March 1999 and was made to contaminate macros in word-processing documents used by the Microsoft Word 97 and Word 2000 programs. Macro viruses were not new, they had been known since 1995. The special feature of Mellisa virus was that it spread by e mailing itself to the first fifty addresses in the Microsoft Outlook e mail program’s address book. Computer worms are usually created to spread automatically via email program, making major chaos of internet traffic. Some worms can create back door to allow certified access to our computer. The ILOVEYOU worm comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more seriously, the loss of every JPEG, MP3, and certain other files on the recipient's hard disk. When looking into the statistics, we can see the percentage of the crime between two countries Figure 3: NISER Security Survey for Malaysia 2001-2002 By referring to MyCERT’s Abuse Statistics from 1997 until October 2004, speedy increase of computer crime cases in Malaysia mainly in virus cases (MyCERT 2005). For virus cases, from seven cases in 1997, it has increased to 379 cases in 2001 and until September 2004 it has touched 210 cases. From NISER ICT Security survey for Malaysia 2001/2002 (NISER 2002), based on the result shown in Figure 1, virus attacks was the most repeated security breach experienced in year 2001/2002 with a record of about 1,300 times. The statistic shown is telling us in percentage that virus attacks are the number one enemy in Malaysia. 34% of these viruses attack holds the first place in lose whereas computer theft rank in as the second with 24% loses. Sadly, the employee abuse in pornography curb the third place with 11% remarks. Figure 4: Internet Fraud complaint 2001 in USA In May 2000 in USA, the Internet Fraud Complaint Centre (IFCC), created by the FBI, and the national White Collar Crime Centre (a non-profit organization funded by Congress) went online. In 2001, the IFCC website received 49,711 complaints. Internet auction fraud was the most common reported offence, comprising 43% of referred complaints followed by non-delivery fraud comprising 20% complaints and email Nigerian Letter Fraud with 17%. Another 20% consist of miscellaneous cases. In Malaysia, we have the cyber-crime unit that help the users to report any cybercrime. It is called Cyber999.Cyber999 is a service offered by MyCERT (Malaysian Computer Emergency Response Team, it was formed on 13 Jan 1997; MyCERT is one of the service delivered by the Malaysia Cyber Security) to handle security issues or incidents faced by computer/internet users within Malaysia. MyCERT are working closely with the relevant law enforcement agencies such as Royal Malaysian Police, Securities commission and Malaysia Central Bank. The main purpose is to provide the point of contact for reporting the Internet Security Incidents such as Intrusion, Denial of Service (DoS), Hack Threat, Harassment, Fraud, Spam, and also Milicious Code. In the USA, the USA LAWS AND LEGISLATION contains Federal Law. Under the Federal Law, they have their own Cyber Stalker Law. The law is known as Just Punishment for Cyberstalkers Act of 2000. 7/27/2000--Introduced. Just Punishment for Cyber stalkers Act of 2000 - Revises stalking provisions of the Federal criminal code to prohibit a person: (1) from traveling across a State line or within the special maritime or territorial jurisdiction of the United States with the intent to injure or harass another person and place that person in reasonable fear of death or serious bodily injury to the person or a member of his or her immediate family; or (2) with the intent to kill or injure a person in another State or to put such person in reasonable fear of death or serious bodily injury, from using or causing another to use the mail or any facility of interstate or foreign commerce to place that person in reasonable fear of death or serious bodily injury to the person, a member of his or her immediate family, or a spouse or intimate partner. The best comparison in cybercrime is the law enactment between the two countries. Both countries were aware of the rising statistics in cyber-crime beginning of year 2000. Each country has their own cyber-crime law. The only thing that differentiates both countries is when they amend, approve and practice the cyber-crime law. Malaysia itself was among the 9 countries which partially updated cyber-crime law whereas USA is one of the countries which have no updated cybercrime law among 33 other countries. Figure 4 : Data comparison between Malaysia and USA in updating laws Data Data Data Net with Net with Interception modification theft interference sabotage MALAYSIA X USA X X X X X Unauthorised Virus Abiding/Abetting Computer Computer access dissemination cyber crime forgery fraud MALAYSIA X X X USA X X X X Looking at the data comparison, Malaysia is only able to update 4 laws. They are Data modification, unauthorized access, abiding cybercrime and computer fraud. The rest of the laws are still under process although the 4 laws are partially being updated. As for USA, the country is able to amend 9 laws. The laws are data interception, data modification, and data theft, net with interference, net with sabotage, unauthorised access, virus dissemination, abiding cybercrime and computer fraud. The USA has not updated any cybercrime law lately. In handling the cybercrimes, there are at least 3 important steps that both Malaysia and USA can take. Each country would have probably believed in the proverb of “information is power,” As a cybercrime victim knows that it is certainly true. Access to personal information is what gives hackers the power to tap into your accounts and steal your money or your identity. But the accurate information can also empower you to defend yourself from being caught up in the thriving industry that is cybercrime. With that in mind, you can take this these steps : 1) Education Get educated. When arming yourself opposite cyber crime, it's vital to be conscious of the threats. By educating yourself on latest illegal styles, you can better recognise methods you can use to reduce the risk of becoming a target. Consciousness is the strongest defence you can obtain to protect yourself against cyber crime. 2) Be alert with passwords. Do not enter passwords or personal information on links you received in email as emails can be spoofed and/or used to "phish" for information. Constantly go to the business or organizations website directly by using the URL and make sure the web page has been secured; if it has been, it will indicate "HTTPS" instead of "HTTP" in the URL and you will see a small padlock icon on the lower left hand side of your screen. Do not give your password to anyone online. 3) Make sure your computer is configured securely Remember that a new purchased computer may not have the right level of security for you. When you are installing your computer, it is not just making your new system function, but also focuses on making it work securely. After reading much information about the cybercrime, one must learn what cybercrime is and how serious the crimes are. The most gruesome facts are how borderless the crime is and the crime person might be someone you know online. Crimes such as spamming and hackers can make you lose your money accounts. What we have to do is to be more alert and careful especially in giving your personal information. This crime can be controlled if every country joined together in defeating the cybercrime. We as an active user, also need to secure our information and be aware of scams and forgery. Approximately 3000 words . REFERENCES: Byron Achohido and John Swartz. (2004). Zero Day Treat. Boston: delta publication. Laura E Quarantiello. (1998). How to protect yourself from computer criminals. Chicago: limelight publication http://www.techterms.com/definition/cybercrime, http://www.quotesea.com/quote/theneedfordigitalevidenceisnotconfinedto2 http://garwarner.blogspot.com/2010/08/famous-person-died-spam. http://www.reportcybercrime.com/classification.php http://www.searchquotes.com/quotation/Everybody_should_wan http://en.wikinews.org/wiki/United_States_charges_eleven_in_credit_card_fraud_case http://www.webtech.on.ca/spoof.htm http://www.mmail.com.my/content/16159-malaysian-hub-credit-card-fraud . • • • Recent • • • • •