INTRODUCTION

Cyber Crimes Definitions

Cyber crimes is a major concern for the global community. The introduction, growth, and
utilisation of information and communication technologies have been accompanied by an
increase in criminal activities. With respect to cyberspace, the Internet is increasingly used as a
tool and medium by transnational organised crime.
Cyber crimes is an obvious form of international crime that has been affected by the
global revolution in ICTs. As a resent study noted, cybercrimes differ from terrestrial crimes in
four ways (David, 2007) : They are easy to learn how to commit; they require few resources
relative to the potential damage caused; they can be committed in a jurisdiction without being
physically present in it; and they are often not clearly illegal. On such a basis, the new forms of
cybercrime present new challenges to lawmakers, law enforcement agencies, and international
institutions. This necessitates the existence of an effective supra-national as well as domestic
mechanisms that monitor the utilisation of ICTs for criminal activities in cyberspace.
The Oxford Reference Online defines cyber crime as crime committed over the Internet.
The Encyclopedia Britannica defines cyber crime as any crime that is committed by means of
special knowledge or expert use of computer technology.
According to Cyber Security Malaysia, there is no comprehensive definition of cyber
crime. There were some attempts but no conclusive definition was agreeable. Cyber crime comes
under three categories.
The first is when information and communications technology (ICT) systems and
intellectual property become targets of exploitation, intrusion, identity and information theft.
The second is when ICT devices are used as means to commit crimes. For example,
computers at home are used to run malicious programs to intrude other computers to steal
money, identity and passwords.

The third category is where the ICT devices are used as mediums of committing crimes.
For example, sedition, disharmony or unrest, slandering and instigating at higher scale come
under this category. Some people say these cases must be prosecuted under cyber laws. But there
are already laws that can be used to handle these cases. For example, for sedition and slander,
one can be charged under the Penal Code.
Despite the fact that the word cyber crimes has entered into common usage, many
people would find it hard to define the term precisely. Furthermore, there is no catch all term for
the tools and software which are used in the commission of certain online crimes. The definition
cyber crimes are broad and formalize an emerging term, crimeware, which is an inclusive term
for the many different trojans, tiruses, bots, spyware and worms which are instrumental in
facilitating certain cyber crimes.

CONTENTS
Classification Of Cyber Crimes
The subject of cyber crime may be broadly classified under the following three groups.
1. Cyber crime against Individual
2. Cyber crime Against Organization
3. Cyber crime Against Society

(1) Against Individuals

(i) Email spoofing : A spoofed email is one in which e-mail header is forged so that mail
appears to originate from one source but actually has been sent from another source
(ii) Spamming : Spamming means sending multiple copies of unsolicited mails or mass emails such as chain letters.

(iii) Cyber Defamation : This occurs when defamation takes place with the help of
computers and or the internet. Example. someone publishes defamatory matter about
someone on a website or sends e-mails containing defamatory information.
(iv) Harassment & Cyber stalking : Cyber Stalking Means following the moves of an
individual's activity over internet. It can be done with the help of many protocols
available such at e- mail, chat rooms, user net groups.

(2) Against Organisation

(i) Unauthorized Accessing of Computer: Accessing the computer/network without
permission from the owner. It can be of two forms:
a) Changing/deleting data: Unauthorized changing of data.
b) Computer voyeur: The criminal reads or copies confidential or propiertary
information, but the data is neither deleted nor changed.
(ii) Denial Of Service : When Internet server is flooded with continuous bogus requests
so as to denying legitimate users to use the server or to crash the server.
(iii) Virus attack : A computer virus is a computer program that can infect other computer
programs by modifying them in such a way as to include a (possibly evolved) copy of it.
Viruses can be file infecting or affecting boot sector of the computer. Worms, unlike
viruses do not need the host to attach themselves to.
(iv) Email Bombing : Sending large numbers of mails to the individual or company or
mail servers thereby ultimately resulting into crashing.
(v) Salami Attack : When negligible amounts are removed & accumulated in to
something larger. These attacks are used for the commission of financial crimes.

(vi) Logic Bomb : Its an event dependent programme , as soon as the designated event
occurs, it crashes the computer, release a virus or any other harmful possibilities.
(vii) Trojan Horse : An unauthorized program which functions from inside what seems to
be an authorized program, thereby concealing what it is actually doing.
(viii) Data diddling : This kind of an attack involves altering raw data just before it is
processed by a computer and then changing it back after the processing is completed.

(3) Against Society

(i) Forgery : Currency notes, revenue stamps, mark sheets etc can be forged using
computers and high quality scanners and printers.
(ii) Cyber Terrorism : Use of computer resources to intimidate or coerce others.
(iii) Web Jacking : Hackers gain access and control over the website of another, even they
change the content of website for fulfilling political objective or for money

COMPARISON OF CYBER CRIMES IN MALAYSIA AND USA

In Malaysia, several types of cyber crimes cases have been reported and increasing rapidly.
According to The Stars, there has been an increase in cyber crimes in Malaysia over the last two
years, more than 3,500 of them reported in the first three months of this year.
CyberSecurity Malaysia chief operating officer Zahri Yunos said some 8,000 cases were
reported last year and attributed this to the growth in Internet usage and broadband penetration
that now stood at 55 per cent.
'The cases have increased exponentially. In the first quarter of this year, our Cyber999
security incident help centre handled 3,563 cases, of which 36 per cent or 1,273 cases were
related to online fraud, which included phishing and identity theft".
Phishing sites targeting local banks have also increased, with 400 sites detected for the
first quarter of this year compared to 900 last year.
Mr Zahri said industry estimates revealed that the cost of cyber crimes worldwide could
easily reach US$1 trillion (S$1.23 trillion).
There are over 4,000 cyber complaints, majority of them relating to cyber crimes, were
filed with CyberSecurity Malaysia between 2007 and 2008. The complaints comprised fraud,
hack threats, Denial-of-Service conditions and other PC problems like viruses corrupting files or
data getting exposed.
In Malaysia, cases of computer fraud would normally be investigated under the Computer
Crimes Act 1997 (Act 563) (CCA), which provides for the punishment of unauthorized access
with intent to commit the offence of fraud or dishonesty under the Penal Code.
Compare to US, there are not many laws governing the cyberscape in Malaysia. Since
1997, some of the cyber laws that have been passed by the Parliament include:

the Digital Signature Act 1997,

the Computer Crimes Act 1997,
the Copyright (Amendment) Act 1997, (also read Copyright Act 1987)
the Telemedicine Act 1997,
the Communications and Multimedia Act 1998,

the Communications and Multimedia Commission Act 1998, and

the Electronic Commerce Act 2006.

It was reported that the Government would introduce some new cyber laws including:
the Electronic Government Activities Bill and the Personal Data Protection Bill.
In USA, more heavier cyber crimes cases reported. According to Computer Crime &
Intellectual Property Section from the United States Department of Justice, most of the cases are
done by profesional individually or by group and organization. The crimes that have been
reportedly are most consists of hacking personal data banking such as credit card fraud
information, ATM PIN and identity theft.
From January 1, 2009 through December 31, 2009, the Internet Crime Complaint Center
(IC3) Web site received 336,655 complaint submissions. This was a 22.3% increase as compared
to 2008 when 275,284 complaints were received. Of the 336,655 complaints submitted to IC3,
146,663 were referred to local, state, and federal law enforcement agencies around the country
for further consideration. The vast majority of referred cases contained elements of fraud and
involved a financial loss by the complainant. The total dollar loss from all referred cases was
$559.7 million with a median dollar loss of $575. This is up from $264.6 million in total reported
losses in 2008. Unreferred submissions generally involved complaints in which there was no
documented harm or loss (e.g., a complainant received a fraudulent solicitation email but did not
act upon it) or complaints where neither the complainant nor perpetrator resided within the
United States (i.e., there was not an appropriate domestic law enforcement agency for direct
referral).
Complaints received by IC3 cover many different fraud and non-fraud categories,
including auction fraud, non-delivery of merchandise, credit card fraud, computer intrusions,
spam/unsolicited email, and child pornography. All of these complaints are accessible to local,
state, and federal law enforcement to support active investigations, trend analysis, and public
outreach and awareness efforts.
On January 1, 2009, IC3 implemented a new complaint classification system based on a
redesigned questionnaire that generates an automatic classification of the complaint into one of

79 offense-based categories. This redesign also resulted in a number of changes to the way the
system gathers and classifies complaint data. Significant findings related to an analysis of the
complaint data include:
There are huge major differences of cyber crimes cases in Malaysia and in USA. In
Malaysia, the cyber crimes cases are not really the big deal or serious problems for MSC and
CyberSecurity to handle. Most like e-mail scam, advance fee fraud and fake website are always
reported in Malaysia.
Futhermore in Malaysia, the specific law that governs the misuse of computer is the CCA
(Criminal Crime Act). Given the increase in computer related crimes and computer abuse, the
enactment of the CCA was timely to govern and regulate this cyberspace activity and impose
sanctions for criminal acts related to it. There was also a need for a specific legislation on
computer crimes as the Penal Code, a general statute catered for criminal offences obviously
being a 19th century piece of legislation, did not envisage for computer related crimes and are
inadequate to provide for these categories of offences.
In USA, most cases that have been reported are shown in the table below. (Source:
Internet Crime Complaint Center, IC3). FBI, NSA, CIA are the agents that involved the
investigation of the cyber crimes in USA.

Table 1: Top 10 Computer Crimes In USA

The most treated cyber crimes cases in USA have been reported increasing about 25% a
year and increasingly more than 60% from the year of 2001 to 2010. There huge differences
between the cyber crimes cases in Malaysia and USA is the level of the cyber crimes that is have
been committed.

Suggestions
Based on findings and related study above, there are following recommendations for cyber space
participants to fight against threats.
1. Enforce More Strictly Law
Many countries now have legislation against cybercrime. Legislation is not a simple
solution. There are areas of conflicts involving human rights and communication secrecy,
and a trade off of between deregulation and industrial order.
The other difficulty is that cybercrime can take place regardless of borders, but
legislations and jurisdictions are based on a nation-by-nation framework. So,
international collaboration and coordination are very important. If an international,
seamless restriction and regulation network could be established, it would provide a great
boost to efforts to suppress cyber threats.

Information technology evolves day-by-day. Cybercrime technology is also

constantly evolving. Hackers invent IT and social engineering methods to commit
cybercrime. The important thing to prevent cybercrime is, therefore, to cover any security
holes. It is also necessary to ensure better quality through improved software engineering
development. An early warning partnership to eliminate vulnerabilities is another
potential area of major benefit. The final point is to fill the legislation gaps and holes
among countries. Do not create a hacker haven.

2. Educations Among Citizens

Individual users do not have enough information about the danger of cyber threats. As
cyber attacks tend to aim at money, they face a bigger risk of fraud and financial
damages. Many Internet users are easily lured by unknown mails and web site buttons,
falling victim to spyware and phishing.
Education of users is most important. This is a typical area where public-private
collaboration can work well. It is recommended that every country should have such
educational program or activities to improve civil awareness of cyber threats.

3. Damage Control
Completely exterminating cybercrime is impossible, just as real crime cannot be
completely suppressed. The next best alternative is to prepare for unexpected attacks and
damages.

Prevention is one way. Precautions, protections, detections and preventions should

be properly implemented. Tools and services are available. Employ appropriate and
effective prevention measures.
Mitigation is the next step. In order to minimize the impact of attacks, it is
important to prepare for incidents. Measures to limit the extent of damage include the
creation of a backup to enable rapid recovery. This helps businesses resume with limited
loss and system down time. Business continuity planning should also include damage
mitigation strategies.

4. Cooperations to Overcome the Cyber Crimes Threats

This include both government and non-governmental cooperations fight against the cyber
crimes. Although they have formed an effective international network, the collaboration
must be expanded between participants. What the international community and respective
national governments should do is to reinforce support for all agencies that involved in
internet securities or cyberspace so that they can be more active.

CONCLUSION
Criminals have adapted the advancements of computer technology to further their own illegal
activities and these inventiveness have however, far out-paced the ability of law enforcement
agencies to react effectively. Therefore, within the law enforcement agencies, a set of rules must
be developed to address the various categories of computer crime. As such, investigators will
know what and which materials to search and seize, the electronic evidence to recover, and the
chain of custody to maintain.
Cybercrime is a persisting international evil that transcends national boundaries in a
manner that renders this form of organized crime a global concern. Cybercrime may take several
forms including online fraud, theft and cyberterrorism. It has been seen that amongst the major
reasons that facilitate the perpetration of this crime is the globalisation of technology and the
revolutionary advancement of ICTs that have impacted on criminal activity. Broadband, wireless
technologies, mobile computing and remote access, Internet applications and services, software
and file transfer protocols are amongst the tools utilized by cybercriminals to commit their crime.
By and large, it is submitted that cybercrime should be subject to a global principle of
public policy that aims at combating and preventing this form of organized crime through raising
global awareness and increasing literacy rates, coordinating legislative efforts on national,
regional and global levels, and establishing a high level global network of cooperation between
national, regional, and international enforcement agencies and police forces.

(2562 WORDS)

REFERENCES

David S. Wall (2007). Policing Cybercrime: Situating The Public Police in Networks of
Security in Cyberspace, Police Practice and Research: An International Journal, vol 8,
no. 2.

Department of Justice Computer Intrusion Cases.

http://www.cybercrime.gov/cccases.html

Edelhertz, H (1970). The Nature, Impact and Prosecution of White Collar Crime, U.S.
Department of Justice.

Francis Ng Aik Guan (2000). Criminal Procedure. Malayan Law Journal.

http://www.cybersecurity.my/

http://www.ic3.gov/

http://www.techterms.com/

Malaysian Computer Crimes Act 1997

http://ktkm.netmyne.com.my/contentorg.asp?
Content_ID=80&Cat_ID=1&CatType_ID=17&SubCat_ID=40&SubSubCat_ID=15

Social Networking Study Shows Cybercrime Risk, Network Security, Volume 2006, Issue 11,
November 2006