OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

The internet, as we know, has grown rapidly over the last decade. It has given rise to many avenues in every field we can think of be it education, entertainment, business, or sports. However with every boon there is a curse too. This curse is Cybercrime illegal activities committed over the internet. The internet, along with its advantages, has also exposed us to security risks. Computers today are being misused for unlawful activities like e-mail espionage, credit card fraud, spam, software piracy, spreading of viruses and so on, which invade our privacy and offend our senses. Cybercrime is a term used broadly to describe criminal activity in which computers or networks are a tool, a target, or a place of criminal activity. These categories are not exclusive and many activities can be characterized as falling in one or more categories. Although the term cybercrime is usually restricted to describing criminal activity in which the computer or network is an essential part of the crime, this term is also used to include traditional crimes in which computers or networks are used to enable the illicit activity. The terms cyber crime and computer-related crime can be used interchangeably. Cyber crime takes three general forms. There are crimes where the computer is used as the instrument of crime (as in the production and dissemination of child pornography), crimes where the computer is the target of crime (as in a denial of service attack), and crimes where the computer is incidental to the offence (such as communications in furtherance of criminal conspiracies, or the use of computers in maintaining records of criminal transactions such as drug dealing) (Peter Grabosky, 2007). Mr. Pavan Duggal, who is the President of www.cyberlaws.net and consultant, in a report has clearly defined the various categories and types of cybercrimes. Therefore, cyber crimes in Malaysia can be classified into three major aspects which are cybercrimes against persons, cybercrimes against property, and cybercrimes against government. Cybercrimes against persons are cybercrimes committed against persons include various crimes like transmission of child-pornography, harassment of any one with the use of a computer such as e-mail. The trafficking, distribution, posting, and dissemination of obscene material including pornography and indecent exposure, constitutes one of the most important cybercrimes known today. The potential harm of such a crime to humanity can hardly be amplified. This is one Cybercrime which threatens to undermine the growth of the younger generation as also leave irreparable scars and injury on the younger generation, if not controlled. Another example wherein the damage was not done to a person but to the masses is the case of the Melissa virus. The Melissa virus first appeared on the internet in March of 1999. It spread rapidly throughout computer systems in the United States and Europe. It is
1

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

estimated that the virus caused 80 million dollars in damages to computers worldwide. In the United States alone, the virus made its way through 1.2 million computers in one-fifth of the country's largest businesses. David Smith pleaded guilty on Dec. 9, 1999 to state and federal charges associated with his creation of the Melissa virus. There are numerous examples of such computer viruses few of them being "Melissa" and "love bug". Cyberharassment is a distinct Cybercrime. Various kinds of harassment can and do occur in cyberspace, or through the use of cyberspace. Harassment can be sexual, racial, religious, or other. Persons perpetuating such harassment are also guilty of cybercrimes. Cyberharassment as a crime also brings us to another related area of violation of privacy of citizens. Violation of privacy of online citizens is a Cybercrime of a grave nature. No one likes any other person invading the invaluable and extremely touchy area of his or her own privacy which the medium of internet grants to the citizen. Cybercrimes against property are the second category of Cyber-crimes is that of Cybercrimes against all forms of property. These crimes include computer vandalism (destruction of others' property), transmission of harmful programmes. A Mumbai-based upstart engineering company lost a say and much money in the business when the rival company, an industry major, stole the technical database from their computers with the help of a corporate cyberspy. Cybercrimes against government are the third category of Cyber-crimes relate to Cybercrimes against Government. Cyberterrorism is one distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorise the citizens of a country. This crime manifests itself into terrorism when an individual "cracks" into a government or military maintained website. To date, there are several types of cybercrime that have been recognised worldwide. There are spamming, hacking, phishing, spoofing, computer viruses, Worms, Trojan, pornography, and theft of software. Spamming is the abuse of electronic messaging systems to send unsolicited bulk messages, which are generally undesired. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, mobile phone messaging spam, internet forum spam and junk fax transmissions. Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user. The most prominent definition of hacking is the act of
2

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

gaining access without legal authorization to a computer or computer network. A hacker first attacks an easy target, and then uses it to hide his or her traces for launching attacks at more secure sites. The goal of an attack is to gain complete control of the system (so you can edit, delete, install, or execute any file in any users directory), often by gaining access to a "superuser" account. This will allow both maximum access and the ability to hide your presence. Phishing is essentially an online con game, and phishers are nothing more than tech-savvy con artists and identity thieves. They use spam, fake Web sites, crimeware and other techniques to trick people into divulging account sign-in information. In most cases, phishers send out a wave of spam email, sometimes up to millions of messages. Each email contains a message that appears to come from a well-known and trusted company. Usually the message includes the company's logo and name, and it often tries to evoke an emotional response to a false crisis. Couched in urgent, business-like language, the email often makes a request of the users personal information. Sometimes the email directs the recipient to a spoofed Web site. The Web site, like the email, appears authentic and in some instances its URL has been masked so the Web address looks real. Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source. A common misconception is that "IP spoofing" can be used to hide your IP address while surfing the Internet, chatting on-line, sending e-mail, and so forth. This is generally not true. Forging the source IP address causes the responses to be misdirected, meaning you cannot create a normal network connection. However, IP spoofing is an integral part of many network attacks that do not need to see responses (blind spoofing). In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine by spoofing the IP address of that machine. A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. The original may modify the copies or the copies may modify themselves. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium such as a floppy disk, CD, or USB drive.Additionally, viruses can spread to other computers by infecting files on a network file system or a file system that is
3

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

accessed by another computer. The term comes from the term virus in biology. A computer virus reproduces by making, possibly modified, copies of itself in the computer's memory, storage, or over a network. This is similar to the way a biological virus works. A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms always harm the network (if only by consuming bandwidth), whereas viruses always infect or corrupt files on a targeted computer. An early worm on the Internet, and the first to attract wide attention, was the Morris worm. It was also termed 'The Internet Worm' by Peter Denning in an article in American Scientist (March-April, 1988) in which he distinguished between a virus and a worm, thereby becoming an early computer zoologist. Trojan Horse is a destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer. The term comes from a Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy. Pornography is the first consistently successful e-commerce product. With deceptive

marketing tactics and mouse trapping technologies, Pornography encourage customers to access their websites. Anybody including children can log on to the internet and access websites with pornographic contents with a click of a mouse. Publishing, transmitting any material in electronic form which is lascivious or appeals to the prurient interest is an offence under the provisions of section 67 of I.T. Act -2000. Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original. Retail revenue losses worldwide are ever increasing due to this crime. It can be done in various ways such as end user copying, hard disk loading, counterfeiting, and illegal downloads from the internet. The country saw a surge in cyber crimes last year with over 15,000 reports lodged. However, the government has a plan in place to combat the threat. Science, Technology and Innovation
4

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

Minister Datuk Seri Dr Maximus Ongkili said a total of 15,218 incidents were reported via the Cyber999 Help Centre, which was an 88 per cent increase compared with 2010 when only 8,095 incidents were reported. He said a technologically empowered world meant national security could no longer be viewed as an isolated issue. According to him, cyber crime is a global phenomenon that affects all net citizens, corporations and governments, which can also cripple the social wellbeing and economic development of our country. The threat of cyber attacks and the increasing number of cyber crimes can potentially cripple the key components of the National Critical Information Infrastructure. The internet solution security is a newly developed business Internet security solution by 1Machine Technology Group. In realising the danger that cyber crimes posed to the country, the government had put in place a National Cyber Security Policy, which was implemented in 2006. However, recent developments of industry players proactively initiating research and development and introducing new products and services had been positive. Moving forward, in today's world where boundaries are being replaced by Internet gateways and information is placed online for safekeeping. In Malaysia, if there is a cybercrime, if it involves content or activities on a network, the Malaysian Communications and Multimedia Commission must be informed. In order to trace something or require technical assistance, Cyber Security Malaysia is the agency that responsible to solve the related matters. The cybercrimes unit of the police must be informed if the matter is criminal in nature. In USA, by pleading guilty in this first case, Diekman admitted he illegally accessed government computers at NASAs Jet Propulsion Laboratory in Pasadena, NASA computers at Stanford University, and numerous other government and university computer systems. Diekman, who used the nicknames "Shadow Knight" and "Dark Lord," gained unauthorized "root-level" access to at least three computer systems at JPL. This hacking activity gave him control over all aspects of the computers, including the ability to modify files and alter security on the systems. The NASA computer systems at Stanford were used to develop sensitive satellite flight control software used to control NASA satellites. As part of his guilty plea, Diekman admitted that he had caused $17,000 in damage to these computers. The case was investigated by Special Agents of NASAs Office of Inspector General, Computer Crime Division and the Computer Crimes Squad of the Federal Bureau of Investigation, Los Angeles Field Office.

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

Texas hacker pleads guilty to 7 charges of unlawfully obtaining access to computers belonging to the U.S. Postal Service, the State of Texas, the Canadian Department of Defence and the private sector. Robert Russell Sanford pled guilty in District Court of Dallas County, Texas, to six felony charges of breach of computer security and one felony charge of third degree aggravated theft. Sanford, a member of the HV2K hacking group, pled guilty to bunlawfully obtaining access to computers belonging to the USPS, the State of Texas, the Canadian Department of Defence and Glinn Publishing Company of Milwaukee, WI, between November 1999 and January 2000 and depriving owners and users from their use of these systems. In order to curb cyber crimes in our country, there are few actions that can be done. First of all, more laws and codes to be amended. The current laws and codes in Malaysia are to be amended. As there are indeed loopholes in the Malaysian legal landscape that have to be addressed. It is suggested that Malaysias amendments must take into account that its laws concerning technology are to be technology neutral. This is because of the fact that technology is fast evolving in the on-line world. Hence, the best way forward is to entrench rules in cyberspace to protect Malaysians instead of to entrench technology into the law. It is suggested that the Royal Malaysian Police and any other investigative body in Malaysia are to have a complete and comprehensive guide as to the preservation of evidence from digital crimes. At the moment, it is noted that S.90A of the Evidence Act of 1950 provides for the admission of documents. The effect of this section is that any document printed by a computer is admissible in court, provided that the computer produces the document in its ordinary use. To prove that the document was issued by the computer in its ordinary use, a person who is responsible for the management of the operation of that computer, or for the conduct of the activities for which that computer was used, is to issue a certificate stating that the document was indeed produced by the computer in its ordinary use. It is submitted that at the moment with the prevalence of worms, viruses and Trojans, such a certificate may not be enough. Perhaps an additional certificate is required from a qualified computer specialist to certify that the computer was not tampered with or affected by any malicious codes. Besides that, the public should be guided and educated. Educational and informative materials are to be supplied to the public to be made aware of risk of the different types of cybercrimes and the different protection technologies that are available to combat against the same. Over and above that, the public should be encouraged to develope homegrown security
6

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

technologies

that

are

in

compliance

with

international

standards,

such

as

the

ISO/IEC17799:2000 for Information Security management and the British Standards Industries (BSI) BS7799-2:002 for data protection. Both these standards are being promoted by Niser and SIRIM QAS International Sdn. Bhd. (a subsidiary of SIRIM Berhad) in Malaysia to enhance security in the ICT sector. In a nutshell, cyber crimes occurred not only in a developed country, but growth in the developing country such as Malaysia. The cyber securities in Malaysia still need improvement in order to prevent or reduce cyber crimes. In line with that, all related agencies should call for alliance in order to prevent and reduce the numbers of cyber crimes in our country. Therefore, we must focus in combating the threats that trigger the onset of cyber attacks from the outsider which potentially harm our own country as well as the neighbourhood region. (2830 words).

References: http://library.thinkquest.org/06aug/02257/more.html http://www.cybercrime.gov/

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION

http://www.malaysianbar.org.my/information_technology_and_cyberlaws_2005_2007/cyber_c rimes_the_net_is_not_in_a_legal_vacuum.html https://www.cyberguru.my/cybersec/aboutus http://en.wikipedia.org/wiki/Computer_crime. www.oxfordreference.com/views/ENTRY.html http://www.reportcybercrime.com/classification.phphttp://library.thinkquest.org/06aug/02257/ more.html http://www.bestarticleworld.com/2009/12/article-on-society-and-increasing-cyber.html http://www.cybersecurity.my/en/media_centre http://www.malaysiandigest.com/news/21919-cybersecurity-malaysia-intensifies-fight-againstcybercrime.html http://www.mycert.org.my/en/services/statistic/mycert/2010/main/detail/725/index.html http://scamfraudalert.wordpress.com/2010/03/13/fbi-2009-cybercrime-statistics

Peter Grabosky.( 2007). Requirements of prosecution services to deal with cyber crime. Springer Science + Business Media B.V. 2007. Crime Law Soc Change (2007) 47:201223. DOI 10.1007/s10611-007-9069-1 . Sonya Liew Yee Aun. (2005). AN INTRODUCTION TO CYBERCRIMES: A MALAYSIAN PERSPECTIVE. Prosiding Seminar Kebangsaan E-Komuniti 2005. UKM. 6-7 Disember 2005. Putrajaya

OUMH1203 ENGLISH FOR WRITTEN COMMUNICATION