1.

Introduction The 21st century nations witness the revolution of the Internet and its majestic impact on people all over the world. It provides us with latest information, helps us managing our lives systematically, and today it becomes the ultimate instrument for people to connect and create bonds through social networks. However, this new friend of us is like a two-sided coin. Despite its benefits, it also offers us with disadvantages and the main drawback is cybercrime. Cybercrime has become one of the notorious offenses, besides homicide, harassment and robbery, done by high profile criminals. According to Babu and Parishat (2004), in the article entitled What is Cybercrime? Cybercrime is defined as any criminal activity committed on the Internet. This broad term that describes everything from electronic cracking to denial of service attacks that cause electronic commerce sites to lose money. However, there is no definition which is comprehensive enough to describe the overall scope of cybercrime. There were some attempts but no conclusive definition was agreeable. Some organizations including CyberSecurity Malaysia (2011), in its website prefers to explain this terminology by dividing it to three main categories: The first is when information and communications technology (ICT) systems and intellectual property become targets of exploitation, intrusion, identity and information theft. The second is when ICT devices are used as means to commit crimes. The third category is where the ICT devices are used as mediums of committing crimes. In respect to the second classification, crimes are done using the Internet or computers at home; they are used to run malicious programs to intrude other computers to steal money, identity and passwords. For example, treason, disharmony or unrest, slandering and instigating at higher scale come under this category. On the other hand, some people believe that these cases must be prosecuted under cyber laws. But there are already laws that can be used to handle these cases. For example, for crimes such as sedition and slander, an individual can be charged under the Penal Code. The Internet citizens or also known as netizens are concerned with the menacing virtual assaults that take place today. The modern thief can steal more with a computer than with a gun. Tomorrows terrorist may be able to do more damage with a keyboard than with a bomb (National Research Council, 1991). Though, some people like Stephen M. Walt who claims himself as A Realist in an Ideological Age has a quite contradictory opinion in regard to the issue of Cyber threats. In his article Is the Cyber Threat Overblown? (2010), Walt believes that the matter is somehow exaggerated by all forms of mass media.
1

2. Types of Cyber Crimes In the effort to classify and recognize this new age threat, people have brought forth different sets of computer crimes. Mr Pavan Duvan, a consultant and the president of cyberlaw.net in his report attempts to group the types of cyber crimes into three categories (Babu & Parishat, 2004), which if compared to other classifications, is the simplest of all. Mr Duvan basically divides the types of cyber crimes based on the target or victim of the crimes. Firstly, virtual crimes might be done against persons or individuals. In this case, the attacker would probably have aimed his or her victim beforehand and planned to do harms on that particular individual. The second type of computer crime is the crimes which are done against property. On the other hand, Mr. Duvan categorizes the last type as any crime that is done against organization and society, which affect large number of people. 2.1. Cyber crimes against Individual This type of cybercrime exists in many forms. It can be very notorious like nudity and pornography, or it can be subtle like intrusion of personal computers by hackers. One of the cases that was reported in Ahmedabad India witnessed teenage girl who was lured to come to an isolated place by a man through a cyber chat, who brought his few friends with him to gang rape her. The poor girl was later rescued by some passer-by when they heard she cried. This is only one of uncountable cases happened all over the world, while some are reported to the authority, some remain unknown. Sometimes, the victim especially minors have disappeared and could not be tracked as in the case of human trafficking, which its culprit used the Internet to trick young ladies and offered them jobs with high salary. Other than that, computer crimes that are committed against individuals also include crimes such as transmission of child-pornography, human-animal pornography, and harassments to any person by using a computer such as e-mail. Babu & Parishat (2004) explains that the trafficking, distribution, posting and dissemination of obscene materials including pornography and indecent exposure, constitutes one of the most grievous computer crimes known today. The authors elaborate the issue by saying that the potential harm of such a crime to the essence of humanity can hardly be amplified. This offence is not only threatens the growth of the young generation, who after all live in the world of without boundary, but also may leave deep scars and pains on the generation Y, if cybercrime is not keep under control. Another example of cybercrime against person is cyberharassment. According to Babu and his colleague, Parishat, cyberharassment is a distinct cybercrime. People are
2

able to do numerous kinds of harassment which ranges from sexual, religious and others in cyberspace, or through the use of cyberspace. The individuals who perpetuate and propagate these harassments can be charged guilty of computer crimes. The authors of the article What is Cybercrime? continue elaborating on cybercrime and its relation to violation of privacy of online citizens which is also deemed as a perturbing problem of the use the Internet. 2.2. Cyber crimes against Property This type of cybercrime has made thousands or even millions of losses among individual persons and businesses. The popularity and effortlessness of online transactions such as bill payment, flight ticket booking, tax and insurance payment, and others has its drawbacks. Persons who favour online transaction must have credit card to do so. The major problem of credit card usage is fraud. Black hat hackers who carry out illegal malicious hacking work are able to access and manipulate the credit cards of others. A strong system and professional white hat hackers are needed in order to secure websites from credit card fraud. Other than that, intellectual properties are often become a victim of cyber crimes. Intellectual property or its short form IP refers to creations of the mind: inventions, literary and artistic works, and symbols, names, images, and designs used in commerce. According to a report in a website; http://www.reportcybercrime.com, the intellectual property crimes include software piracy, copyright infringement, trademark violation and theft of computer source code. 2.3. Cyber crimes against Organization and Society Unlike the previous types of cyber crimes, this category of virtual crime strikes large number of people and often involves experts and programmers of computers who choose to misuse their expertise to gain personal or in-group satisfaction. The most popular crime under this category is unauthorised access of computer. This has happened in Malaysia in which government and NGOs websites are intruded and hacked as the sign of protest by Malaysians netizens to the new law enacted by Malaysian government regarding accessibility of some file-sharing websites. This does not exclude the crime that is done to the society like cyber terrorism which manipulates the resources to crack into government and military-protected websites.

3. Comparison of Cyber crimes in Malaysia and USA Since the usage of the Internet became fully accepted in Malaysia approximately in year 2000, Malaysian government has created laws and regulations to control possible threats by the Internet. Among the cyber laws that have been enacted in Malaysia are Malaysian Computer Crimes Act 1997 (CCA 1997) and the Communication and Multimedia Act 1998. The government sees cyber crimes as a serious problem hence the unbending penalties for any form of cybercrime. If a person is found guilty and had intention to cause injury while performing the crime, he or she can be charged imprisonment ranges from three to 10 years or monetary fine of between RM 25,000 to RM150,000 or both (SANS Institute, 2002). With rapid increase of number of the Internet users in Malaysia that now reaches its 17.5th million users as of April 2011(Kugan, 2011), it is important that the government takes a proactive action to prevent cyber crimes. Some suggest the government and authorities to communicate and collaborate with other countries in order to resolve computer crimes. According to SANS Institute (2002), one of the examples of the strong working relationship between authorities is when Malaysias parliamentary website was hacked in 2000, Brazil and Frances government offered assistance as the IP addresses of the hackers were located in both countries. This collaboration can fasten the process of catching the Internet criminals all over the world. An agency known as CyberSecurity Malaysia operating under the Ministry of Science Technology and Innovation (MOSTI) is one of the organizations that seek to control cyber crimes by conducting research and studies. The agency gives assistance to relevant authorities such as police and military as well as the victims of cyber crimes to make sure justice is upheld. Not only that, CyberSecurity Malaysia defends the society especially the Internet citizens by aiding cyber forensic, the process of extracting information and data from computer storage media and guaranteeing its accuracy and reliability. According to CyberSecurity, the percentage of cases handled increased dramatically in year 2008 as 2,123 incidents were reported, it was hundred per cent more than the previous year. However, the increase may not relate to the actual occasion of cyber crimes. The most recent information of cybercrime rate was reported in New Straits Times dated 27 October 2010 shows the increase of 2539 cases from 2009 (2642 cases) to 5181 cases in October 2010. On March 2011, 3,563 incidents were reported to the Cyber999 Security Incident Help Centre and of those, 400 phishing sites targeting Malaysian banks were reported according to an article
4

entitled Cybersecurity Malaysia Intensifies Fight Against Cybercrime retrieved from Malaysiandigest.com dated on 27 April 2011. CyberSecurity Malaysia has established 2010 statistics of cyber crimes in Malaysia. It includes content related, denial of service, cyber harassment, fraud, intrusion, intrusion attempt, malicious codes, spam, and vulnerability report. While fraud has the highest percentage of 7.34%, content related has the lowest percentage of 0.48% in these eight types of computer crimes listed by the agency. Below is the statistics retrieved from CyberSecurity website (2011):

Table 1. Reported cyber crimes in Malaysia

The stated cyber crimes in are not complete since there might be incidents that have not been reported or detected by the agency. Thus, CyberSecurity aims to create a culture infosecurity among Malaysians(2011), especially on children, teenagers, parents and organizations. CyberSecurity has conducted activities targeted on the most fragile users of the Internet in order to raise their level of awareness. The agency has found out that the Internet users in Malaysia tend to concentrate on the ease of using the Internet and enhancing its infrastructure; while there are only small portions of netizens in Malaysia really consider safety and security as a big issue. In describing this phenomenon, CyberSecurity in its website elaborates the example as follow: If we subscribe to Internet banking, we should learn about the risk factors. In social networking sites like Friendster and Facebook, we must be aware of the risk in dealing with people on these sites. We should never blindly trust people and we must be critical about what we read and see.
5

However, knowing the rate of cybercrime in Malaysia alone is not enough to educate Malaysians to be aware before giving any crucial information online. One of the best countries that can be compared to Malaysia is United States. Known by its technology and creative invention, this big country seems able to control the cyber crimes, despite many populations living in it. According to the statistics in 2010 that was derived from Federal Bureau of Investigation (FBI) in collaboration with the Internet Crime Complaint Centre (ic3) for cybercrime statistic in USA, they received approximately 25,000 complaints per month. The 2010 Internet Crime Report shows that dangerous and pervasive online crime has become, which affect people in all over the world.

Table 2. Top ten cyber crimes in USA

The Internet Crime Report has divided specifically the types of frauds which are miscellaneous fraud, advance fee fraud, auction fraud, credit card fraud and overpayment fraud which totals up the highest rate type of cyber crimes of 32.7 %. While spam in USA was 6.9%, 8.7% lower than Malaysians spam percentage. According to both agencies, CyberSecurity Malaysia and Internet Crime Report, there were 38777 complaints received in Malaysia and 2078895 complaints made in United States. Though the number of complaints in USA might seem overwhelming, it is not accurate to compared Malaysians rate with that of USA due to some reasons. The difference is contributed by the number of populations in each country, the actual user of the Internet and level of awareness of cybercrime and cyber security. According to Izwan Ismail (New Strait Times, 22 October 2007) local cybercrime activities are increasingly becoming more money-motivated according to the latest statistics from CyberSecurity Malaysia. The cyber crimes were previously done for fun but later the

Internet becomes means for financial gains. This is true in case of Malaysia and USA. The following are table illustration number of complaints in both countries for the past five years: Year 2005 2006 2007 2008 2009 2010 TOTAL Numbers of complaints received 835 1372 1038 2123 3564 8090 17022
Table 3. Cases complained and percentages in Malaysia

Percentage (%) 4.91 8.6 6.1 12.4 20.9 47.5 100

Year 2005 2006 2007 2008 2009 2010 TOTAL

Numbers of complaints received 231493 207492 206884 275284 346655 343809 1611617
Table 4. Cases complained and percentages in USA

Percentage (%) 14.4 12.9 12.8 17.1 21.51 21.33 100

Based on the information above that is provided by CyberSecurity Malaysia (2011) and ic3 agency (2011), Malaysia has the highest complaints rate in 2010, and the numbers of complaints keep on increasing each year except in 2007, it dropped 2.5% from the previous year, while in the USA, the number of complaints steadily increasing and slightly dropped 2846 cases in 2010 from the previous year. Both countries share the same lowest percentage of complaints in 2007, in which Malaysia has 6.1% and the USA has 12.8% of overall complaints made from 2005 to 2010. There are many reasons contributing to the figures as listed in both tables. As a country populated by more than 311 million people, USA has shown positive response of the impact of the Internet to its people. This shows that the American citizens are well-educated on the cyber security and more research are done in USA compared to Malaysia. On the other hand, the population of Malaysia is approximately over 28 million people, yet, the statistic shows that the roles played by cyber security agency like CyberSecurity Malaysia are not effective compared to ic3 and FBI agencies in the United States. Besides that, the figure demonstrates that the technology used in USA to prevent and control cyber crimes in USA is more advanced compared to that of Malaysia.
7

4. Suggestions The most important step to be done in order to reduce the cases of cyber crime is to make each and every user of the Internet aware of the potential threats they might get out of the Internet. This essentially can be implemented to school children and then the adults. Early education is very crucial especially when it comes to cyber crimes against individuals which witnessed a number of children all over the world have been lured through cyber chats. However, the technology changes very fast. The expertise also shifts together with the technological changes. Black hat hackers are very creative and there are adaptive to new software and technology. Thus, the society needs more the experts and professional who are able to develop devices to fight against those hackers. Although CyberSecurity has done a good work for Malaysian in controlling crime activities virtually, more agencies like this are required. It is beneficial for Malaysian government to develop more specialised organizations to specific crimes in order to increase effectiveness in controlling and preventing cyber crimes. As mentioned earlier, Computer Crime Act 1997 and the Communication and Multimedia Act 1998 are two acts that used in implementing and giving penalties to cyber criminals. These acts should be tightened and penalties ought to be severe to make cyber crime impossible for the hackers. 5. Conclusion In conclusion, the problem of cyber crime need to be decreased and one of the best ways to do it is by imitating and taking initiative as what has been done by the United States. It is best to take USA as a benchmark on how to prevent and control computer crimes in Malaysia. There are three types of computer crimes which are, cyber crime against individual, cyber crime against property, and cyber crimes against organizations and society. These classifications are used as a tool by the experts like CyberSecurity Malaysia and ic3 agency in order to find alternatives to ensure the cyber world is safe for everybody. Despite the challenges that can be faced by the agency like CyberSecurity Malaysia, every organization and individual user of the Internet must take part in preventing, or if possible, abolishing the cyber crimes in Malaysia.

(2926 words)

References National Research Council (1991). Computers at Risk: Safe Computing in the Information Age. National Academy Press. N.W. Washington D.C 204 18 Izwan Ismail (2007). Proactive take on Cybercrime. New Straits Times. 22 October 2007. Babu M. & Parishat M.G (2004). What is Cybercrime?. Retrieved from http://www.crimeresearch.org/analytics/702/ on 29 September 2011. Star of Mysore Online. Internet Crime Complaint Center Website (2010). 2010 Internet Crime Report. Retrieved from http://www.ic3.gov/media/default.aspx on 29 September 2011. CyberSecurity Malaysia Website (2011). Is CyberSecurity Malaysia an Enforcement Agency?. Retrieved from http://www.cybersecurity.my/en/media_centre/media_faqs/media_faqs/main/detail/1691/index. html on 29 September 2011. Federal Bureau of Investigation Website (2011). Reporting Computer, Internet-Related, or Intellectual Property Crime. Retrieved from http://www.cybercrime.gov/reporting.htm on 28 September 2011.