TAJUK KURSUS : ENGLISH FOR WRITTEN COMMUNICATION KOD KURSUS
: OUMH1203
NAMA
: Hairom binti Ibrahim
NO MATRIK
: 740819026238001
NO KAD PENGENALAN
: 740819-02-6238
NO TELEFON
: 019 9815129
E- MAIL
:
[email protected]
NAMA TUTOR
: Edmund Robertson Linang
PUSAT
: PPW Sarawak
SEMESTER
: September 2011
ISI KANDUNGAN
MUKA SURAT
1.0.
INTRODUCTION
1-2
2.0.
CONTENT
2-5
2.1.
CLASSIFICATION OF CYBER CRIMES
3-4
2.2.
COMPARISON OF CYBER CRIMES IN MALAYSIA
4-9
AND USA
2.3.
SUGGESTIONS
9-10
3.0.
CONCLUSION
10-11
4.0.
REFERENCES
11
(i)
1. INTRODUCTION Cybercrime has been a major concern for the global community. The introduction, growth, and utilization of information and communication technologies have been accompanied by an increase in criminal activities (Parker 1998). The Internet is increasingly used as a tool and medium by transnational organised crime. Cybercrime is an obvious form of international crime that has been affected by the global revolution in ICTs. One of the biggest criticisms to the definition of computer crime conducted by the U.S Department of Justice (DOJ) is of its overly broad concept (Parker 1998). The (DOJ) defines computer crime as ‘any violation of criminal law that involved the knowledge of computer technology for its perpetration, investigation, or prosecution’. Thus, under this definition, virtually any crime could be classified as a computer crime, simply because a detective searched a computer data base as part of conducting an investigation. Based on other terms, cybercrime, or computer crime, refers to any crime that involves a computer and a network (http://en.wikipedia.org/wiki/computer_crime). This includes anything from downloading illegal entertainments files such as music, video or movie to stealing moneys from online bank accounts. Cybercrime also includes nonmonetary felony such as creating and sending viruses to other computers and many others (http://www.techterms.com). The Oxford Reference Online defines cybercrime as crime committed over the internet (http://www.oxfordreference.com) while the Encyclopedia Britannica defines computer crime as any crime that committed by means of special knowledge or expert use of computer technology. Thus, no single definition of cybercrime is totally applicable. Nevertheless, cybercrime can be divided into two categories (Carter 1995, Davis and Hutchison 1997). The first category uses computer as the ‘tool’ of the crime. This includes high profile crimes such as child pornography, child grooming, fraud, intellectual property, criminal harassment, property violations and illegal trading of goods. The second category uses computer as the ‘object’ of the crime. This type of crime are recently emerged and specifically related with application of computer technology and the internet. This type of crime includes hacking or unauthorized use of computer systems, creating and malicious -1-
sending of computer viruses and many others. Cybercrime is a national and international issue and it has a serious impact on law enforcement at all levels. This includes federal and state governments and their respective departments, as well as the police department.
2. CONTENT
2.1 CLASSIFICATION OF CYBERCRIMES In general, computers play four roles in crimes: They serve as objects, subjects, tools, and symbols. Computers are the objects of crime when they are sabotaged or stolen. Computers play the role of subjects when they are the environment in which technologies commit crimes. Computer virus attacks fall into this category. When automated crimes take place, computers will be the subjects of attacks. The third role of computers in crime is as tools-enabling criminals to produce false information or plan and control crimes. Finally, computers are also used as symbols to deceive victims.
The subject of cybercrime can be divided into 4 major categories: 1) cybercrime against individual 2) cybercrime against property 3) cybercrime against organization 4) cybercrime against society (http://www.reportcybercrime.com/classification.php).
Cybercrime against individual or persons includes various crimes such as child pornography, email spoofing, spamming, cyber defamation and cyber stalking. The trafficking, distribution, posting, and dissemination of obscene material including pornography and indecent exposure, constitutes one of the most important cybercrimes known today. This type of cybercrime which threatens to undermine the growth of the younger generation as it also leave irreparable scars and injury on the younger generation, if not controlled. The email spoofing crime is one in which the email header is forged so -2-
that the email appears to originate from one source but it was actually been sent from another source. Spamming refers to sending multiple copies of unsolicited mails or mass emails such as chain letters. Cyber defamation means someone publishes defamatory matter about someone on a website or sends emails containing defamatory information. Cyber stalking involves following a person’s movements across the internet by posting unwanted messages (sometimes threatening), on the websites or board frequently visited by the victim, entering and disturbing the chat rooms frequently used by the victim, or constantly sending the victim with emails etc. The second category is cybercrime against property. This includes computer vandalism (destruction of others property), transmission of harmful programs, credit card fraud, internet time theft, and intellectual property crimes such as software piracy, copyright breach, trademarks violations, theft of computer source code and others. The third category is cybercrime against organization. This includes crimes against government, private firm, company or group of individual. The type of crimes includes unauthorized accessing of computer, denial of service, virus attack, email bombing, salami attack, logic bomb, Trojan horse, data diddling and many other cyber terrorisms against organization. Unauthorized accessing of computer refers to accessing the computer or network without permission from the owner. It can be in 2 forms: i) unauthorized changing or deleting of data or ii) reads or copies confidential or proprietary information, but the data is neither deleted nor changed. Denial of service happens when an internet server is flooded with continuous false requests in order to deny legitimate users to use the server or to crash the server. A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a copy of it. Viruses can be file infecting or affecting boot sector of the computer. Worms, unlike viruses, do not need the host to attach themselves to. Email bombing includes sending larger numbers of mails to an individual or company or to a mail servers thereby ultimately resulting into crashing. The salami attack crime normally happens in the financial institutions or for the purpose of committing financial crimes. An important characteristic of this type of crime is that the -3-
alteration is so small that it would normally go unnoticed. An example is the Ziegler case where the crime was introduced in the bank’s system, which deducted 10 cents from every account and deposited it into a particular account. The logic bomb is an example of a dependent program. It means that the program is created to do something only when a certain event (known as a trigger event) occurs. Some viruses are also termed as logic bombs because they lie dormant throughout the year and become active only on a particular date (e.g. the Chernobyl virus). The ‘Trojan horse’, in software field means an unauthorized program which passively gains control over another’s system by representing itself as an authorized program. The most common form of installing a Trojan horse is through an email. Data diddling involves altering raw data just before it is processed by a computer and then changing it back after processing is completed. The fourth category is cybercrime against society. These crimes will not only affect any individual or organization but the society at large. These crimes includes forgery, cyber terrorism, child pornography, financial crimes, sale of illegal trades, web jacking, online gambling, indecent exposure and many others. (http://www.bestarticleworld.com/2011/11/article-on-society-and-increasing-cyber.html).
In forgery crime, currency notes, revenue stamps, marks sheets and many others can be forged using computers and high quality scanners and printers. Cyber terrorism can generally be defined as an act of terrorism committed through the use of cyberspace or computer resources (Parker 1983). For example, a simple propaganda in the internet via email, blog, social or official websites, stating that there will be bomb attacks in a particular place during a particular date or event can be considered as cyber terrorism. In addition, cyber terrorisms also includes hacking activities directed towards individuals, families, organized by groups within networks, tending to cause fear among people, demonstrate power, collecting information relevant for ruining peoples' lives, robberies, blackmailing and many others.
-4-
For web jacking, the hackers gain access and control over the other website, and they even change the content of the hacked website for fulfilling their objectives. (http://www.cyberlawconsulting.com/cyber-case.html).
2.2 COMPARISON OF CYBERCRIMES IN MALAYSIA AND USA The Malaysian Computer Crimes Act 1997 (CCA 1997) and the Communication and Multimedia Act 1998 are among the many cyber laws enacted in Malaysia. In Malaysia, the punishment for cybercrime may range from 3 years to 10 years imprisonment and/or a monetary fine of between RM 25,000 to RM 150,000. However stiffer penalties will be given if it is found that the guilty party had intention to cause injury when committing the crime (SANS Institute 2002). Strong working relationships between authorities in countries around the world can help to solve cybercrimes cases quickly. The Malaysian Parliament website that was hacked on December 2000 was traced to IP addresses in Brazil and France. The relevant authorities in those countries were contacted for assistance in the investigation. CyberSecurity Malaysia is not an enforcement agency but it is an agency under Ministry of Science Technology and Innovation (MOSTI). CyberSecurity Malaysia only provide support to enforcement agencies such as police and victims, in ensuring that justice will prevail regardless of the "space" where a particular crime is conducted. CyberSecurity Malaysia also assisted in cyber forensics and analysis - such as analysing evidence and providing expert witnesses for relevant cases.
Cases handled by CyberSecurity Malaysia. In 2008, CyberSecurity Malaysia handled a total of 2,123 incidents, more than 100 per cent increase compared with 2007. But that rate was an increase in incidents and it
may
not
correlate
with
cybercrime
rates
(http://www.cybersecurity.my/en/media_centre). Malaysia saw the number of reported cybercrimes rise to 5,181 this year (2010) from 2,642 in 2009 (New Straits Times Press, 27 October 2010). In the first quarter of 2011, 3,563 incidents were reported to the -5-
Cyber999 Security Incident Help Centre and of those, 400 phishing sites targeting Malaysian
banks
were
reported.
(http://www.malaysiandigest.com/news/21919-
cybersecurity- malaysia-intensifies-fight-against-cybercrime.html)
Table 1 (a) and (b) showing statistic derived from CyberSecurity Malaysia for cybercrime statistic year 2010 in Malaysia. (http://www.mycert.org.my/en/services/statistic/mycert/2010/main/detail/725/index.html) Table 1 (a)
Table 1 (b)
-6-
Table 1: Comparison of cybercrimes statistics between Malaysia and USA
Categories
Malaysia
USA
1. Statistic of selected categories of
Percentage derived from the statistic according to types of cybercrime in Malaysia.
cybercrimes in
1.
Content related
- 0.48 %
2.
Denial of service
- 0.82 %
3.
Cyber harassment
- 5.18 %
Main supporting point : Statistic was derived from Federal Bereau of Investigation (FBI) in collaboration with the Internet Crime Complaint Centre (ic3) for cybercrime statistic year 2010 in USA (http://scamfraudalert.wordpress.com/2010/03/13 /fbi-2009- cybercrime-statistics/)
4.
Fraud
- 27.34 %
1. Non-delivery Payment/Merchandise - 14.4%
5.
Intrusion
- 26.70 %
2. FBI-Related Scams
- 13.2%
6.
Intrusion attempt
- 8.47 %
3. Identity Theft
- 9.8%
7.
Malicious codes
- 14.82 %
4. Computer Crimes
- 9.1%
8.
Spam
- 15.67 %
5. Miscellaneous Fraud
- 8.6%
9.
Vulnerabilities report
- 0.52 %
6. Advance Fee Fraud
- 7.6%
7. Spam
- 6.9%
8. Auction Fraud
- 5.9%
9. Credit Card Fraud
- 5.3%
10. Overpayment Fraud
- 5.3%
Malaysia and USA.
2. Comparison
Fraud - 27.34 % and spam - 15.67 %
between fraud and spam percentage between in Malaysia and USA.
-7-
Fraud - 32.7 % and spam - 6.9 %
3. Percentage of cybercrime for the past 11 years in Malaysia
Percentage of cybercrime from the year 2000 to the year 2010 in Malaysia (http://www.mycert.org.my/en/services/statisti c/mycert).
and USA Year
4. Comparison
Numbers of complaints received
Percentage (%)
2000
503
1.3 (lowest)
2001
932
2.4
2002
739
1.91
2003
4295
11.08
2004
15286
39.42 (highest)
2005
835
2.15
2006
1372
3.54
2007
1038
2.68
2008
2123
5.47
2009
3564
9.19
2010
8090
20.86
TOTAL
38777
100
Percentage of cybercrime from the year 2000 to the year 2010 in USA. The graf was derived from Federal Bereau of Investigation (FBI) in collaboration with the Internet Crime Complaint Centre (ic3). Year
Numbers of complaints received
Percentage (%)
2000
16838
0.8 (lowest)
2001
50412
2.42
2002
75064
3.61
2003
124515
5.99
2004
200449
9.64
2005
231493
11.14
2006
207492
9.98
2007
206884
9.95
2008
275284
13.24
2009
346655
16.67 (highest)
2010
343809
16.54
TOTAL
2078895
100
Malaysia: 38777 complaints
USA: 2078895 complaints
5. Comparison
Malaysia: Highest – 39.42 % (2004) and
USA: Highest – 16.67 % (2009) and lowest –
between percentage of
lowest – 1.3 % (2000)
0.8 % (2000)
between numbers of complaints or cases between Malaysia and USA.
complaints or cases between Malaysia and USA.
-8-
The types of cybercrime are different in comparison between the two countries where fraud crime was divided into several types as compared to only one in Malaysia. The fraud percentage in Malaysia is 27.34 % and the spam percentage is 15.67 % while the fraud percentage in USA is 32.7 % and the spam percentage is 6.9 %. The fraud in the USA is in various types such as overpayment fraud, credit card fraud, auction fraud, advance fee fraud and miscellaneous fraud. Thus, fraud percentage in USA is observed to be higher than in Malaysia. However, spam percentage is higher in Malaysia than in USA. This means, fraud cases or complaints in developed country is higher than non developed country. Normally, spam cases are a beginning to fraud cases.
USA is higher than Malaysia in the numbers of complaints. This is due to the difference in: 1.
Numbers of citizen
2.
Numbers of computer or internet users
3.
Users' awareness regarding cybercrime
Nevertheless, although USA is higher in the number of complaints regarding cybercrime, the percentage is lower than in Malaysia when refer to the percentage of highest and lowest complaints from 2000 to 2010. This is due to: 1.
End users' awareness on cybercrime is higher in USA than in Malaysia.
2.
The roles played by cyber security agency in USA are better than in Malaysia.
3.
Lack of cybercrimes researches in Malaysia than in USA.
4.
The cyber technology in preventing and curbing cybercrimes in the USA is more advanced than in Malaysia.
2.3 SUGGESTIONS Suggestions to curb or reduce cybercrimes in Malaysia:
1. Malaysia government should tighthen the enforcement of Computer Crime Act 1997 and the Communication and Multimedia Act 1998. -9-
2. Malaysia government should allow more cybercrimes investigators agencies such as CyberSecurity Malaysia to take part in preventing cybercrimes in Malaysia.
3. People or end users of the Internet or computer should be educate and aware of the cyber security.
4. Malaysia government should increase the numbers of cyber professionals to improve the cyber security in Malaysia.
3. CONCLUSION Cybercrime is regarded nowadays as an international form of globally organized crime transgressed n beyond any national boundaries. It can be concluded that the major reasons for the rapid growth of cybercrime activity is the globalization of technology and the revolutionary advancement of ICTs. Broadband, wireless technologies, mobile computing and remote access, internet applications and services, software and file transfer protocols are amongst the tools utilized by cybercriminals to commit their crime. Thus, the increase in criminal activity using ICT technologies deserves further and immediate attention from the global community. This should include endorsement of necessary legislative requirements and implementing effective technological and enforcement tools that reduce ICT-facilitated criminal activities. By and large, a global principle of public policy should be implemented to combat and prevent this form of organized crime. These efforts could be done through raising global awareness and increasing literacy rates, coordinating legislative efforts on national, regional and global levels, and establishing a high level global network of cooperation between national, regional, and international enforcement agencies and police forces. Overall, the cyber crime rate in Malaysia is still low compares to the USA and exhibit differences in its polarity (e.g. spam and fraud activities). Moreover, cyber security in Malaysia is steadily growing in order to combat the cybercriminal activities effected the nation. However, much more efforts are still needed to improve cybercrime security in Malaysia. In line -10-
with that, all related agencies should combined forces and strengthen their alliance in order to prevent and reduce the numbers of cybercrimes in our country.
4. REFERENCES. New Straits Times Press, 27 October 2010
Parker, D. (1998). Fighting Computer Crime: For Protecting Information USA: John Wiley, p. 10. http://en.wikipedia.org/wiki/Computer_crime.
www.oxfordreference.com/views/ENTRY.html
http://www.reportcybercrime.com/classification.php
http://www.bestarticleworld.com/2009/12/article-on-society-and-increasing-cyber.html
http://www.cyberlawconsulting.com/cyber-case.html
http://www.cybersecurity.my/en/media_centre
http://www.malaysiandigest.com/news/21919-cybersecurity-malaysia-intensifies-fightagainst-cybercrime.html http://www.mycert.org.my/en/services/statistic/mycert/2010/main/detail/725/index.html
http://scamfraudalert.wordpress.com/2010/03/13/fbi-2009-cybercrime-statistics
http://www.techterms.com.
Total number of words = 2635 -11-
