Introduction

“Computer hackers are a big threat when It comes to the computer security. It is a big
question how computer security can be affected by computer hackers. The one that create
threats on the computer are the people who victimize others for their own gain while
computer is the platform to perform the activity. Computer hackers are unauthorized users
who illegally break and access into computer systems of the victim in order to steal, modify,
alter or destroy information. Often, the computer hacker usually will destroy information by
installing dangerous malware without knowledge or consent of the victim. The computer
hacker’s clever tactics and good computer skills will help them to access valuable
information that people would not want them to have.”

“Other than that, in order the computer hackers to give a threat to people, they will
perform their activity by targeting anyone who uses a computer which connected to the
internet as it is one of the threats that computer hackers pose. The methods that computer
hackers typically use are phishing scams, spam email and suspicious Web sites to send
dangerous malware to victim’s computer and compromise the computer security illegally.
Besides, if the victim’s computer is not protected with a firewall, computer hackers can easily
access to their computer and private information directly. The computer hackers can monitor
your conversation on any medium or intruding your personal Web page.”

“One of the big threats that computer hackers do to us is while user connected to the
internet, the malware that computer hacker has installed on our PC will be able to transmits
our personal and financial information without out consent or authorization. They also can
hijack victim’s usernames and passwords, steal victim’s money and open credit card and
bank accounts in their name, ruin victims credit card, request new account Personal
Identification Numbers (PINs) or additional credit cards, make purchases online, use and
abuse victim’s Social Security number and etc.”

“Many governments worldwide have come up with specific legislation criminalizing

hacking. Malaysia joined the list of countries with computer specific legislation with the
enactment of its Computer Crimes Act 1997 (Annamalai, 1997). The Act deals with
unauthorized access to computer material, unauthorized access with intent to commit other
offences and unauthorized modification of computer intent. It also makes the provision to
facilitate investigation. In certain circumstances, the Act has extra territorial effects (The
Computer Crime Act 1997).”

“This paper examines concept of the computer hackers and its relation to
Malaysia/society and to understand the law applied in Malaysia. The law applied in Malaysia
for computer hackers is falls under Malaysia’s CCA 1997. The authors need to understand
the basis of policy that gives powers of investigation and sets penalties in computer crime
legislation for the computer hackers. The Malaysian legislation will be compared with that
from other countries. The paper will seek to answer several questions: What is the current
computer crime situation in Malaysia? Is Malaysia enforcing its CCA 1997, and what are the
difficulties? What can Malaysia learn from other countries in order to amend or fine tune the
CCA 1997? The paper focuses on violations that deal with hacking and unauthorized access
to computer-based information systems.”
 2. Literature Review

“According to Edappagath (2004). The definition of computer crime has revealed in

the legislation of many countries. Appudurai and Ramalingam (2007) has mentioned that
Malaysia and every country are giving a special attention within their Internet rules and
regulation regarding to computer crimes. There are two overlapping domains in computer
crimes which is the first one is activities that is illegally performed at or harming through the
use of computer, the materials such as software and data of the computer, and its uses as a
processing tool. Other than that, it also includes hacking, denial of service attack,
unauthorized access of information and cyber vandalism. The second area is the protection or
security of information, which include a several proper legal measures related to the
protection of information from unlawful use and distribution which concerned with intrusion
and illegal access to computer systems, since this paper will focus on hacking that perform by
computer hackers.”

“Computer hackers access computer networks, without authorization, to read, copy,

alter, or destroy information (Zeng, & Hamzah, 2005). Hacking is basically a procedure in
which computer savvy background of individuals will be able to penetrate into the security
system of the computer systems of victims to steal data and information and to activate
certain files for their own purposes, or to plant viruses or Trojan Horses.”

From computer hacker’s perspectives, however, hacking is ‘gaining knowledge about

computers and security’ or ‘self-teaching about computers and security’ (Granger, 1994).
Many hackers promote ‘hacker ethics’, which is a belief that essentially all information
should be open and available (Hamzah, 2005).

“Indeed, hacking is a very complicated ethical and legal issue that causes problems
regarding the creation of laws and the enforcement of policies. Computer hackers may be
driven by greed, power, revenge, adventure and the desire to be able to penetrate a secured
system. It can also be ideologically motivated, as when someone attacks the web site of
religious or political groups to erase or change their content, therein entailing an element of a
dangerous adventure. The fact that these destructive activities will bring official”
condemnation is often sufficient to attract the defiant, the rebellious, or the curious
(Grabasky, 2001). “An example of hacking attack is Denial of Service, a crime that is unique
to computer systems. In February 2000, a number of targeted sites which included amongst
others, Amazon.com, Yahoo.com, and CNN.com who were flooded with phony connection
requests. Bogged down by efforts to handle all the requests, these sites slowed to a crawl or
crashed.”

“As for the prevention of such attacks, a number of fixes have been proposed
(Bellouin, 2001), including encryption and firewalls. Despite all these efforts, computers are
still being hacked. Why haven’t these solutions worked? Hackers have ways to overcome
these solutions and come out with new methods of breaking into systems. Certainly,
computers will still face threats with the emergence of new technologies (Posch, 2001).
Detecting an intrusion is a first step in defending against a hacking attack (Durst et. al 1999).”

“In Malaysia as elsewhere, there has been an increase in the number of Internet
Providers (IPs), and in the number of users. Within a population of 27.4 million in the year
2006, there are about 11.0 million Internet users in Malaysia today (Malaysian Statistics
Dept., 2006). The growth of the Internet has meant more windows of opportunities for
computer crimes. To anticipate such abuses, the Malaysian Parliament has passed several
pieces of cyber related legislation since 1997.”

“Hacking is an increasing problem in Malaysia, even though it is done progressively

in small doses. In June 2000, a vandal calling himself ‘Xenophoria’ attacked 21 pro
government web sites, posting a list of demands for greater press freedom and an end to
corruption. Thereafter, in the early year of 2001, a vandal calling himself ‘Topeira’ hacked
Journal of Digital Forensics, Security and Law, Vol. 2(2) 10 the official web site belonging to
the Parliament and University Teknologi Malaysia (UITM). It was alleged that this could
have been in response to the Malaysian Government’s announcement that it is establishing a
special IT security lab and task force (ZDNetAsia, 2001).”

“According to the National ICT Security and Emergency Response Centre of

Malaysia (NISER), 899 information and technology intrusions were reported between the
months of January to December 2006 (NISER, 2006). According to NISER, the number of
computer intrusions for the period of the year 2006 had increased by 100 per cent compared
to the year of 2005. Statistics may show the trend on hacking crime activities, but they are not
the reliable source to determine the actual position of the computer hacking rate.”
Criminologists use the term ‘dark figure’ to describe the undetermined actual position which
refers to undetected computer of hacking activities. Several contributing factors below may
explain why it is called the ‘dark figure’. “First, the fast-operational speed of today’s
computer hardware makes criminal activity very difficult to detect. Second, law enforcement
officials often lack the necessary technical expertise to deal with criminal activity. Third,
once criminal activity has been detected, many businesses are reluctant to lodge a report due
to fear of adverse publicity, loss of goodwill, embarrassment, loss of public confidence,
investor loss, or economic repercussions (NISER, 2004).”

The Royal Malaysia Police (RMP) as the main law enforcement agency in the country
has specific offences to deal with. Among the offences investigated by the Commercial
Crime Investigation Department (CCID) of RMP are cyber crime under the Computer Crime
Act 1997 such as hacking, email fraud, Internet fraud, ATM or credit card fraud. (Shuan,
2005). According to the South China Morning Post (2016) There has been a sharp spike in
computer hacking cases detected by CyberSecurity Malaysia (CSM) over the past two years,
and explained that the use of “ransomware” has been on the rise since 2015. “These were
cases where victims’ computers were infected by malicious software, preventing users from
accessing the system until a sum of money was paid and hackers will take over the system
before blackmailing the victim” says Malaysia’s Science, Technology and Innovation Deputy
Minister Datuk Dr Abu Bakar Mohamad Diah.

“According to the case of United States of America V. Gregory (N.D. TX). This case
is classified as a telecommunication fraud and computer hacking. This case was chosen for
discussion, as it is involved in computer hacking. Among other things, it includes use of
stolen access devices, PIN obtained from other hacking organization and stolen credit card
information. With access to these equipment and information, Gregory could make free
teleconferences at the expense of the Telecommunication Service Provider. An important
lesson or reminder that we can take from this case is that the hacker network is large and they
are willing to trade information amongst themselves. Therefore, there are both pros and cons
about this situation. The obvious disadvantage against the authorities is that they are fighting
against a very large network of cyber criminals. The advantage for the authorities is that there
are more leads to follow up on. The more people who are involved or know about a crime,
the higher the likelihood of obtaining useful leads to the criminals.”
 According to Ishak (2005) Malaysia is a hacker’s heaven. People think that the
internet security of most organizations in Malaysia is far from secure. "The system
administrators of the organisations or companies should pay attention to the latest in
information technology It is easy to hack a website and to find weaknesses in the system.
Even a primary school kid can do it. If a hacker is malicious, he can do a lot of damage to a
system or to individuals. Hackers can re-create a bogus website that looks exactly like the
real one and no one can tell the difference. This is not such good news if you are a banking
website, for example. It does not even take a computer genius to hack, according to hackers.
You can find hacking software on the Internet and downloading the programmes and using
them maliciously is just a click away.” said Anonymous, 24, a hacker from Shah Alam.
 References

 Edappagath, Ajmal (2004), Cyber-Laws and Enforcement by Ajmal Edappagath, Vol.

14, No. 3, December 2004, Retrieved from:
http://www.iimahd.ernet.in/egov/ifip/dec2006/dec2006.html
 Granger, S. (1994), “The Hacker Ethic”, Ethics in the Computer Age, ACM
Proceedings, pp. 7-9
 Grabasky, P. (2001), The Global and Regional Cyber Crime Problem, The University of
Hong Kong Center for Criminology
 Hamzah, Z. (2005), E-Security Law and Strategy: LexisNexis and Malayan Law Journal
 Posch, R. (2001) Will the Internet Ever Be Secure? Journal of Universal Computer
Science, Vol. 7, No. 5, pp. 447-453
 ZDNetAsia (2001), Malaysian Parliament hackers took it as a challenge. 2nd January,
2001
 National ICT Security and Emergency Response Centre (NISER): Statistics on Cyber
Crime May Not Be Real”, NISER’s Quarterly Bulletin, 2004, Vol. 1, pg. 4
 Ishak, N (2005), “In Malaysia, it’s a hackers heaven”. New Straits Times, 15th May,
2005

 Fadzil, F (2016, 2 November) Sharp rise in Malaysian hacking cases. Soutch China

Morning Post. Retrieved from: https://www.scmp.com/tech/article/2042273/sharp-

rise-hacking-cases-over-past-two-years