Вы находитесь на странице: 1из 20

Introduction

Are you often go online? Have you ever been affected by cybercrime? Did you know that
Malaysia is the 6th most vulnerable country to cyber-crime threat risk? A very good morning
to ____________________________________, and dear ___________________. Today, I
would like to talk about cybercrime. In Malaysia, the crimes committed against computers
are beginning to grow as fast as the acceptance of the technologies in our community.
Everything is at your fingertip. The ICT is the order of the day. One either jumps on the
bandwagon or gets left behind. The sophisticated ICT motivates us to to go for the easy ways
in doing our works from running daily errands, paying bills, banking transactions and
international trades. Everything is done in one place or even in the cozy and convenience of
our own home. However, beware of the danger that lurks around each corner of the cyber
world. Cyber crime rate is increasing and poses a menace to internets users worldwide. We
might not aware on this issue but to think that our every interaction online has the potential
for those who wish to use the internet to attack us. I have done some extra research on these
issues to help our community understand better about cybercrime. With a better
understanding, we may be able to take necessary steps to protect ourselves against them. First
of all, I will provide the background information on cybercrime before providing some
interesting statistics on cybercrime in Malaysia and end my speech with a few prevention
tips.

Definition of Cyber Crime

Dear __________________________, what is cybercrime? Unlike other types of crime,


cyber crime is still in its infancy considering the cyber space has just come into our lives
relatively recently, that is in the 1990‘s. Perhaps to many people in countries where the
computer and the internet are just a luxury, the term cyber crime is rather uncommon. What
exactly is cyber crime? There are many different definitions provided by different
authoritative bodies regarding the meaning of the term. The Merriam-Webster Online
Dictionary defines the term cyber as relating to, or involving computers or computer
networks such as the Internet. There are two types of definition that have been highlighted
such as, any crime that involves a computer and a network and the computer may have
been used in commission of a crime, or it may be the target.
History of Cyber Crime

Do you know the history of cyber crime ?

When computers and networks came into being in the 1990s, hacking was done basically to
get more information about the systems. Hackers even competed against one another to win
the tag of the best hacker. As a result, many networks were affected; right from the military to
commercial organizations. Initially, these hacking attempts were brushed off as mere
nuisance as they did not pose a long-term threat. However, with malicious software becoming
ubiquitous during the same period, hacking started making networks and systems slow. As
hackers became more skillful, they started using their knowledge and expertise to gain
benefit by exploiting and victimizing others.

Categories of cyber crime

So my dear ___________________________, what are the different types of cybercrime?

According to a report by Malaysia Computer Emergency Response Team (MyCERT), that


deals with all security incidents reported by commercial victims. MyCERT has classified
cybercrime into 9 categories such as content related, cyber harassment, denial of service,
fraud intrusion, intrusion attempt, malicious codes, spam and vulnerabilities report.

Statistics of cyber crime

Malaysia is known as one of the Asia's most appealing countries for cyber criminals
activities. According to the Internet World Stats (2017) Malaysia‘s total number of Internet
users reached an estimated 23 million by June 2018 whereas the percentage of Malaysia
Internet user‘s growth is 356.8 percent from 2012 to 2017. China‘s total number of Internet
users reached an estimated 538 million by June 2017, making it the largest Internet user
nation. The wide usage of internet is opening opportunities making it vulnerable to
cybercriminals. The nature of internet itself has provided a platform for cybercriminal to
conduct illegal activities from anywhere in the world. According to the 2017 Norton
Cybercrime Report (2017), up to 83 percent of Internet users in Malaysia have fallen victim
to cybercrimes. 45 percent of cybercrime victims in Malaysia have never fully resolved the
cybercrime and it takes an average of 30 days and an average cost of MYR7.323 to come to a
resolution. 20 percent of the respondents said the biggest problem they faced when associated
with cybercrime was the loss of irreplaceable data; and 60 percent said their biggest fear is
the financial loss.
According to Deputy Inspector-General of Police Malaysia, Tan Sri Noor Rashid
Ibrahim, based on the Sophos Security Threat Report 2017 by the firm SOPHOS USA, in the
first three months of 2017, Malaysia was ranked sixteen in the world of high-risk exposure to
cybercrime threat. In addition, Bakri shared that losses amounted to RM173.5 million with
10218 reported cases in 2016 and in the number of crime increase to 11599 cases with the
loss of RMRM207.8 million and 1976 people arrested in the year 2017.

2016 2017
Bil Crime (NUMBER Losses RM) (NUMBER Losses (RM)
OF CASE) OF CASE)

1 African Scam 2449 93,040,164.35 2166 92,352,048.38


2 e- Commerce 5978 28,346,791.35 5522 22,144,352.30
3 Telecommunication scam 1791 52,126,828.85 3911 93,374,681.73
Total 10218 173,513,784.55 11599 207,871,082.41

Classification of Cyber Crime

According to The Internet Crime Complaint Center (IC3), a partnership between the Federal
Bureau of Investigation (FBI) and the National White Collar Crime Center, USA, cyber-
crime can be generally categorized into different types. Partly this categorization is done
based on the types of reports and complaints received by the organization. Cyber crime can
be categorized as follow:

Non-Delivery Payment/Merchandise (non-auction) – Purchaser did not receive items


purchased, or seller did not receive payment for items sold.

• FBI-Related Scams – Scams in which a criminal poses as the FBI to defraud victims.

• Identity Theft – Unauthorized use of victim‘s personally identifying information to commit


fraud or other crimes.

• Computer Crimes –1) Crimes that target computer networks or devices directly or
2) Crimes facilitated by computer networks or devices.

• Miscellaneous Fraud – Variety of scams meant to defraud the public, such as work-at-
home scams, fraudulent sweepstakes and contests, and other
fraudulent schemes.
• Advance Fee Fraud – Criminals convince victims to pay a fee to receive something
of value, but do not deliver anything of value to the victim.

• Spam – Mass-produced, unsolicited bulk messages.

• Auction Fraud – Fraudulent transactions that occur in the context of an online auction site.
Auction fraud involves fraud attributable to the misrepresentation of a product advertised for
sale through an Internet auction site or the non-delivery of products purchased through an
Internet auction site.

• Credit Card Fraud – Fraudulent, unauthorized charging of goods and services to a


Victim‘s credit card.

• Overpayment Fraud – An incident in which the complainant receives an invalid monetary


instrument with instructions to deposit it in a bank account and to send excess funds or a
percentage of the deposited money back to the sender

Now lets see the types of cyber crime.

Types of cyber crime

1. Salami Attack

Salami attack has once happened in Malaysia. A banker worker makes changes to the banking
system so that the system will deduct RM 0.05 from every client's account and be transferred
to his own account. The client may not aware of this in a single case but at whole the worker
has made a lot of money from this event. Although the bank many times said that safety is a
priority, in fact, there are still has consumers who complained of losing money through
transactions carried out, without conscious or aware. The reason given by the bank of what
had been happened is not their fault because all of the transactions that have provided
guarantees of safety features are high.

2. Email bombing

Email bombing is one of the major issues happening in Malaysia. Every of the email account
user will experience this email bombing. There is one example issue where fake email using
the name of Samsung one of the corporate brand name for electronics.
The announcement that made by irresponsible party such as the name of the winner of the
contest will be published in the media and Samsung Malaysia website that is
www.samsung.com/my. In fact, the winners will be contacted to be informed of their victory
by the agency appointed by Samsung Malaysia.

The public is advised to ignore e-mails sent to individuals and claimed that they had won
cash prizes of Samsung Corporation or Samsung Promo Board. In fact, Samsung Malaysia
Electronics (SME) Sdn. Bhd never use any e-mail or short messaging service (SMS) to
communicate with the winner of the contest or to get their bank account information.

3. Phishing

Phishing is one of the biggest concern issues in Malaysia. This phishing normally occurred in
the banking sector where one of the hackers favourite is to create a fake websites. It is
technique of pulling out confidential information from the bank/financial institutional
account holders by deceptive means

According to a computer expert "with only a computer, Internet and browser software,
someone can create a website to dissipate bank customers' millions of dollars of money." In
fact, to create a fake web site, they do not require a long time, only about one to two hours.

However, they cannot imitate the URL (domain address) from the website because they are
protected, but they can create an alternative network to mislead bank customers. This is not a
strange thing. Recently, National ICT Security & Emergency Response Centre (NISER)
detect the fraud occurred. At the same time, the police arrested four university students and
nine others for creating fake Web sites of local banks to steal customers' information before
them withdrawing their money.

4. Pornography

Pornography is the first consistently successful ecommerce product. It was a deceptive


marketing tactics and mouse trapping technologies. Pornography encourage customers to
access their websites. Anybody including children can log on to the internet and access
website with pornography contents with a click of a mouse. The easy access of internet,
teenagers‘ able access to pornographic websites to view the pornographic materials such as
pictures and video. It begins with the magazine and publication of printed pornographic
material, next to that era and the latest porn video, pornographic materials in the format High-
Definition (HD) which is available on the Internet. Nowadays information technology also
enables these materials are also distributed via e-mail and provides a challenge to the
authorities in implementing preventive actions. This evolution is worrying because these
pornographic materials may give negative effects such as stimulating a person to commit
sexual assault. It could also impede the growth of children and adolescents who have access
to these materials because they would be fancy and hard to concentrate.
5. Macau Scam

It is categorized as telecommunications fraud, or better known as the Macau scam. It is


masterminded by syndicates in Taiwan and China, which use international phone numbers
from Hong Kong as well as Malaysia. Macau scam syndicates use several modus operandi to
fool its victims – phone calls to inform of lucky draw winnings, calls to demand ransom for a
kidnap victim, as well as spoofing, where syndicate members pretend to be police personnel
or bank officials. Scammers will often call and pose as police personnel to inform the victims
that they are being 'investigated' for illegal activities.

6. The Bank Impersonator Scam

The callers will identify themselves as a Bank employee or even Bank Negara Malaysia
(BNM) representatives. The scammer will then tell potential victims that their identification
has been compromised or their card has been used. To verify their identification, victims may
be required to deposit a sum of cash into an account as a guarantee for an investigation. If not,
the potential victim will be asked for sensitive information such as their card number, full
name, I/C number and the Card Verification Value (CVV) number. What happens next is the
victim‘s account will be emptied out, or their card will be used.

The scammer will then provide a number to call. A fake officer would then ask for
information relating to the victim‘s banking and credit card accounts. The fraudster would
then instruct the victim to transfer money to a third-party account on the pretext of
safeguarding the victim‘s money as well as for investigation purposes.

DO NOT give out any of your personal or banking information over the phone. Remember
that banks or BNM representatives will not request for such sensitive information through
phone calls, SMS or even e-mail. Call your bank directly to get the matter looked into or go
in person to a bank branch.

7. The Lottery Scam

If you think Malaysians do not fall for these scams anymore, a man recently lost RM120,000
after he was tricked with a lottery scam. Aside from scratch and win scams, which many may
already be familiar with, scammers have a new modus operandi now.

The scammers will say you have won a lottery, or ask for help to get access to their lottery
loot. They usually work in groups and will always require you to give them a sum of money
before you can claim your prize or your share of the winning. As for the recent case linked
above, the man was asked to help retrieve lottery winning and promised a share of the money.
But he was asked for a sum of money first to make sure he won‘t run away with the money.
After handing over the money, the fraudsters disappeared leaving him thousands of ringgit
poorer
8. The EPF Scam Syndicate

These EPF scam syndicates will then charge you a fee ranging from 30% to 60% in
commission from the withdrawn amount. The syndicate uses social media accounts, and even
uses the EPF logo in order to dupe victims and those desperate for cash. EPF has warned its
contributors that these scammers are sending false messages through social media, short
messaging service (SMS) and WhatsApp.

Aside from the early withdrawal scam, EPF has also identified false SMS messages sent to
EPF contributors, claiming their EPF account will be blocked unless they contact the number
provided. Don‘t respond to such messages. Official messages from EPF will display a five-
digit short code as sender identification (ID), and the messages will not be sent to members
from a personal mobile number.

Remember that as an EPF contributor, you can get into legal trouble if you engage with the
scammers to make early EPF withdrawals. Offenders can be charged under Section 69 of the
EPF Act 1991 for making unlawful withdrawals. Under the act, those who are found guilty of
fraudulent withdrawals can be sentenced to three years jail or RM10, 000 fine, or both.

9. The Travel Visa Scam

The Australian visa scam is the most widespread Visa scam currently happening in Malaysia.
Scammers trick Malaysians into thinking they can save time and money by soliciting their
services to get the travel visa for them. Instead, they will find that they have lost their money,
and are stranded without a travel visa.

Deal with official or reputable channels to ensure you don‘t become a victim of visa fraud or
scams. Go directly to the country‘s embassy or deal with a licensed and reputable travel
agency to get the travel visa. As for Australian Visa, VFS Global operates the Australian Visa
Application Centre in Malaysia. Malaysians should also be wary of facilitators in Malaysia
who provide visas and flights to Australia for people who intend to work, usually in fruit
picking jobs. It‘s a crime and a scam as the visa does not actually allow you to undertake any
work in Australia. If you do work in Australia with your travel visa, it is considered a breach
of your visa conditions and you could be detained and removed, and subject to the 3 year
exclusion period.
10. The Land Scam

Land scams are on the rise in Malaysia with cases of forged land titles. Victims will only
realise this after taking the land title to the land registry office and find that the land title is
under another person‘s name despite having paid for the purchase of the land. To protect
yourself, make sure everything is dealt with in black and white, and appoint a lawyer to
protect yourself. This is especially if you are not familiar with the procedure involved in
purchasing land or property.

11. The Job Offer Scam

If you‘ve been approached by an individual offering you a high-paying job, especially if it is


through social media, be wary. A new job offer scam is on the rise, and the modus operandi is
by using social media to scam Malaysians into working for a Macau Scam.

Firstly, the victims will be promised jobs with salaries between RM5,000 – RM7,000 a month
via We Chat. The victims will then be told to meet the prospective employer at coffee shops.
These Malaysians will then be trained, and then sent abroad to carry out telephone scams.

12. The Work-From-Home Scam

Work from home scams are among the top three scams Malaysians fall victims too. Although
there are various legitimate online websites for job classifieds such as Jobsteet.com, be
careful with other job postings online. A red flag for work from home job scams are usually
when you are asked to make a payment first, claiming only after the payment is received will
they give more information on the job. These types of work scams will also be coy and not
advertise the upfront payment needed. Once you contact them for more information about the
work, they‘ll demand for payment.

13. Import / Export frauds

The import-export crimes are federal offenses that involve fraudulent activities on import and
export goods. Usually, the claim on the quantity of goods or the classification of the goods is
made falsely in oder to lower the price of taxes.

Most exporters will consult the B2B portal when they want to break into the business market.
They will post questions, announcements or simply information about their business. B2B
stands for ―business to business‖ e-commerce, and even if there is legit information on the
portal, there are many scams as well.
14. Money Laundering

Money laundering is a process of converting cash or property derived from criminal activities
to give it a legitimate appearance. It is a process to clean ‗dirty‘ money in order to disguise
its criminal origin.

There are many ways to launder money, ranging from simple to complex. One of the most
common ways to launder money is through a legitimate cash-based business owned by a
criminal organization. Another common form of money laundering is called smurfing, where
a person breaks up large chunks of cash into multiple small deposits, often spread out over
many different accounts, to avoid detection.

Some true cases of money-laundering

The cases below are real examples of how money-laundering operations were carried out and
subsequently charged:

(a) A medical practitioner was found guilty of falsifying financial documents and promissory
notes which resulted in a sum of RM42 million being transferred into her account. She was
charged under Section 4 of AMLATFA (and a smattering of other charges of abetting) and
sentenced to 8 years imprisonment and a fine of RM6.39 million.

(b) the accused received proceeds from an illegal football betting ring amounting to RM1.4
million ringgit in his bank account. He forged up to 75 invoices from his company so the
proceeds appear to be from the company‘s business. He was convicted under Section 4 of
AMLATFA and sentenced to 2 years imprisonment and to pay a fine of RM1 million.

15. Telephone Frauds

Phone fraud, or more generally communications fraud, is the use of telecommunications


products or services with the intention of illegally acquiring money from, or failing to pay, a
telecommunication company or its customers.

Scammers use exaggerated — or even fake — prizes, products or services as bait. Some may
call you, but others will use mail, texts, or ads to get you to call them for more details

Here are a few red flags to help you spot telemarketing scams. If you hear a line that sounds
like this, say "no, thank you," hang up, and file a complaint.

You've been specially selected (for this offer).

You'll get a free bonus if you buy our product.

You've won one of five valuable prizes.

You've won big money in a foreign lottery.
16. Defamation

Defamation is the communication of a false statement that, depending on the law of the
country, harms the reputation of an individual, business, product, group, government,
religion, or nation. The Criminal sends emails containing defamatory matters to all concerned
of the victim or post the defamatory matters on a website. Disgruntled employee may do this
against boss, ex-boys friend against girl, divorced husband against wife.

Under DEFAMATION ACT 1957, a person who has published words alleged to be
defamatory of another person may, if he claims that the words were published by him
innocently in relation to that other person, make an offer of amends under this section; and in
any such case.

17. Online Seduction

Seduction is the process of deliberately enticing a person, to engage in a relationship, to lead


astray, as from duty, rectitude, or the like; to corrupt, to persuade or induce to engage in
sexual behaviour.

In 2017, there were an estimated 1,490 arrests for Internet related sex crimes against minors
that included online sexual communications with victims. Arrested online-meeting offenders
who had online sexual communications with victims were similar to know-in-person/ online
offenders who used such tactics in several respects.

Research suggests that one quarter of victims of online offenders are boys. Frequently these
are boys with sexual orientation issues who get into trouble while looking online for help and
understanding they can‘t get at home or at school. This is a hard topic to talk about openly
and sensitively, but parents, educators, youth and law enforcement officials need to
understand that youth with sexual orientation issues are a particularly vulnerable group.

18. Hacking

The act of gaining unauthorized access to a computer system or network and in some cases
making unauthorized use of this access. Hacking is also the act by which other forms of
cyber-crime (e.g., fraud, terrorism, etc.) are committed. Hacking in simple terms means
illegal intrusion into a computer system without the permission of the computer owner/user.

19. IRC Crime

Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere the world
can come together and chat with each other Criminals use it for meeting coconspirators.
Hackers use it for discussing their exploits / sharing the techniques Paedophiles use chat
rooms to allure small children.
20. Credit Card Fraud

You simply have to type credit card number into www page off the vendor for online
transaction If electronic transactions are not secured the credit card numbers can be stolen by
the hackers who can misuse this card by impersonating the credit card owner.

21. Software piracy

Theft of software through the illegal copying of genuine programs or the counterfeiting and
distribution of products intended to pass for the original. Retail revenue losses worldwide are
ever increasing due to this crime. This can be done in various ways such as end user copying,
hard disk loading, Counterfeiting, Illegal downloads from the internet etc.

22. Net Extortion

Copying the company‘s confidential data in order to extort said company for huge amount.
Legislation

In response to any type of crime, it has been a practice by our society to prevent the crime
and ensure the perpetrators are punished in the first instance itself. How is this being
achieved?

Creating legislations which clearly states specific activities are illegal is the answer. This is
crucial in establishing Malaysia as the leader in ICT and towards achieving vision 2020. The
objective of Vision 2020 is Malaysia‘s emergence as an economically-developed,
industrialized nation by the year 2020. Therefore, Malaysian Government has already passed
several cyber laws to control, reduce of cybercrime activities and increase the success rate of
prosecuting cybercriminals. The Malaysian Cyber Laws also provides confidents to potential
investors that the government has taken seriously the protection of technology itself. The
Malaysian cyber law consists of Communication and Multimedia Act 1998, Computer
Crimes Act 1997, Digital Signatures Act 1997, Telemedicine Act 1997, Electronic
Government‘s Activities Act 2007 and Copyright Act (Amendment) 1997. There are other
existing laws that may be used to regulate whenever applicable. They are Sedition Act 1948,
Penal Code and Defamation Act 1957. This paper will provide a brief description of cyber
laws (Ministry of Science, Technology & Innovation (MOSTI), 2013).

Communication and Multimedia Act 1998

The Communication and Multimedia Act 1998 (2006) has been enforced by the Malaysian
government on 1st April 1999. This act provides defines roles and responsibility of those
providing communication and multimedia services. It also creates a new system of licenses. It
also stated that there will be no filtering in accessing the Internet in Malaysia. The Act
introduces Communication and Multimedia Commission as a new regulatory authority to
oversee ICT industry.

Computer Crimes Act 1997

The Computer Crimes Act 1997 (2006) has been enforced by Malaysian government on 1st
April 1999. The main reason for enforcing this act is to prevent accessing computer or
computer system without authorization. It also ensures that passwords are not given to those
who are not legitimate to receive it.

Digital Signatures Act 1997

The Digital Signatures Act 1997 (2006) has been enforced by Malaysian Government on 1st
October 1998. The main purpose of this act is to provide both licensing and regulation of
Certification Authorities (CA). The Act also makes digital signatures as legally valid and
enforceable as a traditional signature. This helps to prevent on-line transaction fraud.
Telemedicine Act 1997

The Telemedicine Act 1997 (2006) has not been enforced as there is amendment still being
implied. The act states that only registered doctor will be allowed to practice ―telemedicine‖.
Other healthcare providers must first obtain license to practice ―telemedicine‖. This is
prohibiting misuse of medical related items.

Electronic Government Activities Act 2007

The Electronic Government‘s Activities Act 2007 (2007) has been enforced by Malaysian
government on 1st January 2008 (Multimedia Development Corporation, 1996-2012). The
act is to facilitate electronic delivery on government services to the public.

Copyright Act (Amendment) 1997

The Copyright Act (Amendment) 1997 (1997) has been endorsed on 1st April 1999 by
Malaysian government. This act is amendment from Copyright Act 1987. It protects the
copyright works from unauthorized copying or alteration.
Comparison of Cyber Crimes in Malaysia and the USA

i. Statistics of Cyber Crime in the USA

According to The Internet Crime Complaint Center –here forth known as IC3- (2017), a
special task force under the FBI, the most common cyber crime victim complaints in 2016
were non-delivery of payment/merchandise, scams impersonating the FBI (hereafter ―FBI-
related scams‖) and identity theft. Victims of these rimes reported losing hundreds of millions
of dollars. The website received 275,284 complaint submissions. This is a (33.1%) increase
when compared to 2016 when 206,884 complaints were received. The USA Government
Accountability Office announces that the loss due to computer crime was estimated to be
$67.2 billion for U.S. organizations, according to a 2017 Federal Bureau of Investigation
(FBI) survey. Based on this figure alone it is clearly discernible that loss of fund, from the US
public in general and the business community especially, to different forms of cyber crime is
very high.

IC3 Internet Crime Report (2016) shows a stunning number of online crimes. Yearly
complaints received by the organization shot from 16,838 in the year 2016 to 303,809 in the
year 2017. In 2017, the top ten types of crimes reported to the website are as follow:

Bil Type of crimes Percentage


1 Non-delivery Payment/Merchandise 14.4%
2 FBI-Related Scams 13.2%
3 Identity Theft 9.8%
4 Computer Crimes 9.1%
5 Miscellaneous Fraud 8.6%
6 Advance Fee Fraud 7.6%
7 Spam 6.9%
8 Auction Fraud 5.9%
9 Credit Card Fraud 5.3%
10 Overpayment Fraud 5.3%

The figures show that non-delivery of payment or merchandise was the most reported
offense, followed by FBI-related scams and identity theft.
In is also interesting to note that the highest number of complainants is not found in the most advanced and
developed states in the USA, instead most complainants comes from the more backward states in the US.
Below is the statistics that shows the top ten states with highest number of complainants‘ received by the IC3.
Population
Bil State
Per 100,000
1 Alaska 566.57
2 Colorado 134.99
3 District of Columbia 129.29
4 New Jersey 122.86
5 Nevada 119.19
6 Maryland 117.29
7 Washington 108.06
8 Florida 105.72
9 Arizona 104.27
10 Virginia 93.76

In terms of the complainants demographic, IC3 reported that the age of the complainants
ranges from under 20 years of age to 60 years old. Most complainants were in the U.S., male,
between 40 and 59 and a resident of California, Florida, Texas or New York. Most foreign
complainants were from Canada, the United Kingdom, Australia or India. Men reported
greater dollar losses than women (at a ratio of $1.25 to every $1.00). Individuals of 60-and-
over reported higher median amounts of loss than other age groups. This shows that cyber
crime affects people regardless of their age and socioeconomics background.

ii. Statistics of cyber crime in Malaysia

Cyber security Malaysia website published a piece of news entitled Cybercrimes continue to
rise reported by The Star (23 Sept 2016) in which the chief executive officer of Cyber
security Malaysia, said the Malaysian cyber threat landscape is no less alarming with over
10,000 cases reported every month up till August this year. Last year, Cyber security
Malaysia received over 8,000 reports about cybercrime via its cyber999 hotline. Its Cyber
Early Warning System has also detected over 5,000,000 security threats up until August. In
another report published by the same website entitled Proactive take on cybercrime released
by The New Straits Times, 22 October 2017, Lt Col (R) Husin Jazri said the current threats
are a compromise of systems through automated tools and offline fraud, including identify
theft. Forty-five per cent of the reported incidents this year as at July are related to system
intrusion while 34 per cent are online fraud. Last year, the two categories made up about 86
percent of all reported incidents.
Bil Name of state Number of cases (2017)
1 Perlis 151
2 Kedah 787
3 Pulau Pinang 598
4 Perak 1035
5 Selangor 2819
6 Kuala Lumpur 998
7 Negeri Sembilan 812
8 Melaka 755
9 Johor 1509
10 Pahang 585
11 Terengganu 264
12 Kelantan 338
13 Sabah 572
14 Sarawak 376
Total 11599

In comparison the statistics above shows increasing trend in cases of reported cyber crime in
both countries. The number of reported cases in both countries does not reflect the actual
severity of cyber crime cases as they could be influenced by other factors including
awareness about cyber crimes and consumers rights campaigns. It could be inferred that the
public in the US is more willing to report cyber crime cases as compared to Malaysians.
Recommendations and Suggestions

So, how to prevent Cyber Crime?

Cyber crime is very elusive to law and enforcement because it operates in the cyber space. In
order to combat the crime, a relentless efforts need to be taken in a concerted manner
between nations all over the world. Here are some suggestions on useful measures to be taken
by governments and organizations in the world to curb cyber crime:

1. Improving the Cyber Security Management System

The public increasingly relies on the internet to carry out many important in day-to-day
activities in their lives. Therefore it is essential to identify all the weaknesses in the cyber
space that provides opportunities to be manipulated by cyber criminal and take steps to
implement appropriate safeguards. It is very important that organisations which depends
heavily on information and communications technology, either governmental or business
firms, to hire and train highly qualified ICT security professionals to manage the security of
the organisation's computer and network system. Certification bodies should establish to
certify experts and a high standard of security measures should be produced and constantly
upgraded. These organizations must set up a security management and adopt good
information security practices to ensure their own defenced against cyber crime.

2. Law Enforcement

The current cyber law is still inefficient to deal with cyber crime. The complex nature of ICT
renders traditional laws irrelevant to handle crime related to this new technology. The law
enforcement, legal and jurisdiction bodies must develop new skills to be able to respond
adequately to the challenge presented by computer crime. More judges and lawyers who
specialise in cyber laws and know how to cope with technicality of the crime should be
trained. A cyber court which could accelerate the prosecution of cyber criminals should be
established. The Malaysian government for example, has executed a policy and enacted laws
like the Computer Crime Act 1997 and the Communication and Multimedia Act 1998. The
1998 Communication and Multimedia Act paves the way for a more comprehensive method
to cope with cyber crime.. The purpose of this act is to enable an establishment of a special
committee that will monitor all matters regarding network and internet security. It has also set
up institutions like Cyber Security Malaysia and establishes the National Cyber Security
Policy to face all the challenges. This will also in still cyber security awareness among
Internet users so that they will not become easy prey for cyber crime.
The security departments of nations need to establish a special task force trained in
investigating cyber crime and are well equipped to bring the criminals to justice. The
dynamics of ICT advances rapidly which requires the law enforcement agencies to be
provided with expertise to deal with the technical aspects of cyber crimes. The law enforcer,
prosecutors and jurisdiction bodies must be able to understand security technologies well so
that prosecution cases cannot be manipulated by defence lawyers and cyber criminals.

3. Educating the Society

The world community in general should be more aware of the threats of various types of
cyber crimes. The general public should be well informed about the danger they face every
time they use the internet. Internet users should be informed about the importance of
protecting confidential personal information such as personal data, bank account and also
credit cards against cyber criminals. They should not reveal this information to any unknown
person, organization or websites because this information exposes the person to financial and
identity frauds. Once a person‘s personal information is obtained by a cyber criminal, the
person will be exposed to all sorts of cyber crime. Internet users should know that it is crucial
to keep their passwords a secret and that they should not reveal their passwords to any
unknown person. Each time they are required to give out their personal information in any
online transaction, they should first clarify the identity and the status of the respective person
or organisation they are dealing with.

In computer subjects in schools, children can be taught about the danger of cyber crime and
how to protect themselves from falling prey to the crime. Other internet users should also be
exposed to information about cyber crimes through available media. In carrying out online
transaction, they should always ascertain the identity of the person or organisation they are
dealing with.

4. Use a firewall

Firewalls monitor traffic between your computer or network and the Internet and serve as a
great first line of defenced when it comes to keeping intruders out. Make sure to use the
firewall that comes with your security software. And if you have a home wireless network,
enable the firewall that comes with your router. 3) Click with caution - When you‘re checking
your email or chatting over instant messenger (IM), be careful not to click on any links in
messages from people you don‘t know. The link could take you to a fake website that asks for
your private information, such as user names and passwords, or it could download malware
onto your computer. Even if the message is from someone you know, be cautious. Some
viruses replicate and spread through email, so look for information that indicates that the
message is legitimate.
5. Practice safe surfing

When navigating the web, you need to take precautions to avoid phony websites that ask for
your personal information and pages that contain malware. Use a search engine to help you
navigate to the correct web address since it will correct misspellings. That way, you won‘t
wind up on a fake page at a commonly misspelled address. (Creating a phony site at an
address similar to the real site is called ―typo squatting,‖ and it is a fairly common scam.)
You may also want to use a product like McAfee® Site Advisor® software to help you
navigate. Site Advisor software is a free browser tool that tells you if a site is safe or not right
in your search results, so you are warned before you click.

6. Use strong passwords

Although it may be easier for you to remember short passwords that reference your birthday,
middle name, or pet‘s name, these kinds of passwords also make it easy for hackers. Strong
passwords can go a long way in helping secure your information, so choose a password that
is at least 10 characters long and consists of a combination of letters, numbers and special
characters. Also consider changing your password periodically to reduce the like lihood of it
being compromised.

7. Use comprehensive security software and keep your system updated

Because hackers have a wide variety of ways to access your system and information, you
need comprehensive security software that can protect you from all angles. Software like
McAfee® Security center, available preloaded on Dell™ PCs can help protect you from
malware, phishing, spyware, and other common and emerging threats. Just make sure that
you keep your security software up to date by selecting the automatic update function on your
security control panel. And don‘t forget to perform regular scans. You also want to update
your operating system (OS) and browser with the latest security patches. If you are a
Microsoft Windows user, you can enable automatic updates to keep your OS safe.

8. Practice safe shopping

In addition to practicing safe surfing, you also need to be careful where you shop online. Be
cautious when shopping at a site that you‘ve never visited before and do a little investigation
before you enter your payment information. Look for a trust mark, such as McAfee
SECURE™, to tell you if a site is safe. And when you‘re on a payment page, look for the
lock symbol in your browser, indicating that the site uses encryption, or scrambling, to keep
your information safe. Click on the icon to make sure that the security certificate pertains to
the site you are on. You also want to look at the address bar to see if the site starts with
―https://‖ instead of ―http://‖ because this is another way to see if the site uses encryption.
When it comes time to pay, use a credit card instead of a debit card. If the site turns out to be
fraudulent your credit card issuer may reimburse you for the charges, but with a debit card
your money is gone. Finally, evaluate the site‘s security and privacy policies in regards to
your personal data.

9. Be suspicious

Even if you consider yourself cyber savvy, you still need to keep your guard up for any new
tricks and be proactive about your safety. Backup your data regularly in case anything goes
wrong, and monitors your accounts and credit reports to make sure that a hacker has not
stolen your information or identity. Although protecting yourself does take some effort,
remember that there are a lot of resources and tools to help you. And by adopting a few
precautions and best practices, you can help keep cybercrime from growing.

10. Secure your wireless network

Hackers can access data while it‘s in transit on an unsecured wireless network. You can keep
the hackers out by enabling the firewall on your router and changing the router‘s
administrator password. Cybercriminals often know the default passwords and they can use
them to hack into your network. You may also want to set up your router so it only allows
access to people with passwords that are encrypted. Check your owner‘s manual for
instructions on setting up encryption.

Conclusion

Based on the above discussion, it can be concluded that cyber crime cannot be downplayed
because it has become a major threat to the international community. A coordinated effort
should be carried for the benefit of internet users so that they are protected from cyber crime.
A strong support and cooperation from members of society and the government is crucial in
order to establish a coordinated effort to combat cyber crime effectively. Members of society
should work together to contribute in the fight against cyber crime. They should also take
precautions when using the internet to avoid becoming cyber crime victims. An international
effort should be geared towards fighting cyber crime. Negative and erroneous attitude should
be eradicated as their only makes it easier for cyber criminal to strike.

Before I step down from the rostrum, I would like to say, ‗ONLINE HARASSMENT
HAS AN OFF-LINE IMPACT, SO BE NICE ON THE NET‘

I hope you have found my talk helpful. Thank you for listening attentively.