c


c 
c 

 

?
  
 ? ?


?




  ? 
?

Y
 V
Y
Y 
Y
 Y

Computer crime includes traditional criminal acts committed with a computer, as well as new
offenses that lack any parallels with non-computer crimes. The diversity of offenses renders any
narrow definition unworkable. The U.S. Department of Justice (DOJ) broadly defines computer
crimes as "any violations of criminal law that involve knowledge of computer technology for
their perpetration, investigation, or prosecution." Accurate statistics on the extent of this
phenomenon have proven to be elusive because of the difficulty in adequately defining computer
crimes. The statistics also are untrustworthy due to victims' failure to report incidents. The
aggregate annual losses to businesses and governments are estimated to be in the billions of
dollars. Some of the most notorious computer crimes have involved computer viruses, such as the
Melissa virus that appeared on the Internet in March 1999 and infected systems in the United
States and Europe, and the February 2000 distributed denial of service (DDS) attacks on several
leading commercial Web sites including Yahoo!, E*Trade, Amazon.com, and eBay. Cyber-
crimes are frequently grouped into three categories. The first are those in which the computer
comprises the "object" of a crime and in which the perpetrator targets the computer itself. This
includes theft of computer processor time and computerized services. The second category
involves those in which the computer forms the "subject" of a crime, either as the physical site of
the offense or as the source of some form of loss or damage. This category includes viruses and
related attacks. Finally, the third category includes those in which the computer serves as the
"instrument" used to commit traditional crimes in cyberspace. This encompasses offenses like
cyber-fraud, online harassment, and child pornography. Though teenage hackers and underage, e-
fraud perpetrators have captured headlines, no "typical" cyber-criminal exists. Perpetrators also
commit cyber-crimes for a variety of reasons. Motives range from a desire to showcase technical
expertise, to exposing vulnerabilities in computer security systems, retaliating against former
employers, or sabotaging government computer systems.
  Y
Y 
Y
 Y

Computer crimes involve activities of software theft, wherein the privacy of the users is
hampered. These criminal activities involve the breach of human and information privacy, as also
the theft and illegal alteration of system critical information. The different types of computer
crimes have necessitated the introduction and use of newer and more effective security measures.

 The activity of breaking into a computer system to gain an unauthorized access is
known as hacking. The act of defeating the security capabilities of a computer system in order to
obtain an illegal access to the information stored on the computer system is called hacking. The
unauthorized revelation of passwords with intent to gain an unauthorized access to the private
communication of an organization of a user is one of the widely known computer crimes.
Another highly dangerous computer crime is the hacking of IP addresses in order to transact with
a false identity, thus remaining anonymous while carrying out the criminal activities.

 Phishing is the act of attempting to acquire sensitive information like usernames,
passwords and credit card details by disguising as a trustworthy source. Phishing is carried out
through emails or by luring the users to enter personal information through fake websites.
Criminals often use websites that have a look and feel of some popular website, which makes the
users feel safe to enter their details there.

Y Computer viruses are computer programs that can replicate themselves and
harm the computer systems on a network without the knowledge of the system users. Viruses
spread to other computers through network file system, through the network, Internet or by the
means of removable devices like USB drives and CDs. Computer viruses are after all, forms of
malicious codes written with an aim to harm a computer system and destroy information. Writing
computer viruses is a criminal activity as virus infections can crash computer systems, thereby
destroying great amounts of critical data.

 Y! The use of communication technology, mainly the Internet, to torture other
individuals is known as cyber stalking. False accusations, transmission of threats and damage to
data and equipment fall under the class of cyber stalking activities. Cyber stalkers often target the
users by means of chat rooms, online forums and social networking websites to gather user
information and harass the users on the basis of the information gathered. Obscene emails,
abusive phone calls and other such serious effects of cyber stalking have made it a type of
computer crime.

"Y# This is one of the most serious frauds as it involves stealing money and obtaining
other benefits through the use of a false identity. It is the act of pretending to be someone else by
using someone else's identity as one's own. Financial identity theft involves the use of a false
identity to obtain goods and services and a commercial identity theft is the using of someone
else¶s business name or credit card details for commercial purposes. Identity cloning is the use of
another user's information to pose as a false user. Illegal migration, terrorism and blackmail are
often made possible by means of identity theft.

The different types of computer crimes involve an illegal exploitation of the computer and
communication technology for criminal activities. While the advancing technology has served as
a boon to mankind, the destructively directed human intellects are all set to turn technology into a
curse. However, crimes are sure to end, as it is truth that always triumphs.

Y
Y
Y
 $  
% VY$ Y
Y
&"YYYY!Y

(1) A person shall be guilty of an offence if -

(a) he causes a computer to perform any function with intent to secure access to any

program or data held in any computer;

(b) the access he intends to secure is unauthorized; and

(c) he knows at the time when he causes the computer to perform the function that

is the case.

(2) The intent a person has to have to commit an offence under this section need not be directed

at-

(a) Any particular program or data;

(b) A program or data of any particular kind; or

(c) A program or data held in particular computer.

(3) A person guilty of an offence under this section shall on conviction be liable to a fine not
exceeding fifty thousand ringgit or to imprisonment for a team not exceeding five years or to
both.

&"YY'YYYYY#!YY#Y#Y##Y

(1)A person shall be guilty of an offence under this section if he commits an offence referred to
in section 3 with intent-Y

(a) To commit an offence involving fraud or dishonesty or which causes injury as define

in the Penal Code [Act 574]; or

 (a)Y to facilitate the commission of such an offence whether by himself or by any other

person

(2) For the purpose of this section, it is immaterial whether the offence to which this section
applies to be committed at the same time when the unauthorized access is secured or any future
occasion.

(3) A person guilty of an offence under this section shall on conviction be liable to a fine not
exceeding one hundred and fifty thousand ringgit or to imprisonment for a term not exceeding ten
years or both.

&"Y"#Y#YYY#YYY

(1) A person shall be guilty of an offence if he does any act which he knows will cause
authorized modification of the contents of any computer.

(2) For the purpose of this, it is immaterial that the act in question not directed at

(a) Any particular program or data;

(b) A program or data of any or

(c) A program or held in any particular computer.

(3) For the purpose of this section, it is immaterial whether an unauthorized modification is or is
intended to be, permanent or merely temporary.

(4) A person guilty of an offence under this section shall on conviction be liable to a fine not
exceeding one hundred thousand ringgit or to imprisonment for term not exceeding 7 years or to
both; or be liable to a fine not exceeding one hundred and fifty thousand ringgit or to
imprisonment for a term not exceeding 10 years or two both, if the act is done with the intention
of causing injury as defined in the Penal Code.
  Y
Y   Y

The Computer Crime Act 1997 relates to offences due to the misuse of computers and
complement existing criminal legislation. Under this law, unauthorised access/modification to
any programme or data held in computer is an offence and will be penalized. This Act also has an
effect outside Malaysia if the offences are committed by any person in any place outside
Malaysia if the computer, programme or data is in Malaysia or capable of being connected to or
used with a computer in Malaysia.

An abstract of the offences, punishment and enforcement under the Act are listed below:

LIST OF OFFENCES
SECTION OFFENCES
3 Unauthorized access to computer material
4 Unauthorized access with intent to commit or facilitate
commission of further offence
5 Unauthorized modification of the contents of any computer
6 Wrongful communication
7 Abetments and attempts punishable as offences

8 Presumption
11 Obstruction of search
LIST OF PUNISHMENT
SECTION IMPRISONMENT FINE OR BOTH
3 Not > 5 years Not > RM 50,000 UY
4 Not > 10 years Not > RM 150,000 UY
5 Not > 7 years; if cases injury, Not > RM 100,000; If cause UY
Not>10 years injury. Not > RM 150,000
6 Not > 3 years Not > RM 25,000 UY
7 Not . ½ of maximum term Same amount as offences UY
abetted
11 Not > 3 years Not > Rm25,000 UY

LIST OF ENFORCEMENT
SECTION OFFENCES SEARCH & ARREST
SEIZURE
10 Powers of search, Person : Not less than Person : Any Police
seizure & arrest Inspector Officer

With or without Without warrant

warrant (seizable)
  Y
Y$ Y

Y(Y

à


 
  
 



 

KUALA LUMPUR, July 22 (Bernama) -- Loss of data and cyber-attacks have been identified as top business
risks for small and medium businesses (SMBs), according to a survey by Symantec Corp.
This came ahead of traditional criminal activity, natural disasters and terrorism, said Symantec's country
manager for Malaysia, Alex Ong. The survey showed that the average SMB worldwide was spending
US$51,000 a year to protect their information, he told Bernama Thursday. Wong said the survey, carried
out from May to June 2010, and involved 2,152 SMBs worldwide, with 1,000 of them from the Asia
Pacific and Japan, including Malaysia. "It also revealed that the annual cost of cyber-attacks in the Asia
Pacific and Japan was US$152,266 while US$12,500 was the average spent by SMBs in the region on
information protection annually," he said. The survey classified small businesses as those having
between 10 and 99 employers and medium businesses as those with 100 to 499 employees. Symantec is
the world's leading provider of computer security software. Its principal consultant for Asia South region,
Nigel Tan, said SMBs needed comprehensive solutions that could be easily deployed and managed while
providing the highest level of protection. "Symantec is giving SMB customers more choices for protecting
their growing business with hosted options for e-mail and web security, and new lower pricing for the
Symantec Protection Suite," he said. To complete the protection for growing businesses, Symantec offers
the Advanced Business Edition, Enterprise Edition and Small Business Edition of its Symantec Protection
Suite product.
Y
Y)Y

YYY!Y"Y

 $*+Y,$$: Online news portal 
 

was hacked.

Its homepage went blank between 8.30pm and 8.45pm yesterday and was replaced by a banner
proclaiming ³Tribute to MalangSial (bad luck)´.It was the first time the site had been attacked.
About 15 minutes later, the 
technology team restored the main portions of the site. As at
press time, the team was reposting news reports lost in the attack. Consultant editor Leslie Lau
described the hacking as ³an inconvenience´.³We don¶t know the reason and we do not know
who we may have offended to warrant such an act. I don¶t know what kind of message the
perpetrator is trying to send to us,´ he said. Lau said the website security would be increased to
prevent a recurrence of the incident. In a message posted on its website following the hacking,
the 
asked its readers to avoid any unnecessary or irresponsible speculation. A security
consultant for the site, who asked to remain anonymous, said he would have a lead on where the
attack originated from by today.³Our security people are tracing the IP address of the hacker,´
said Lau said. Each and every computer on the Web has a unique Internet protocol address that
identifies the machine and its location. Another online news site, Malaysiakini, said its system
was hit by an unsuccessful distributed denial-of-service (DDoS) attack a few days ago.A
spokesman for Malaysiakiniwho also asked not to be named, said such attempts were nothing
new to the site.³We are hit by such attempts quite regularly. We¶re used to it,´ she said. A DDoS
attack saturates a computer network with so much communications requests that the system
becomes unable to respond to legitimate traffic. Under Malaysian law, anyone found guilty of
hacking into a computer can be fined up to RM100,000 or be jailed up to seven years, or both.Y

Y
 !Y

Computers add a new dimension to criminal law, presenting many issues for law enforcement. At
the forefront of law enforcement concerns is the necessity to secure adequate training to combat
these crimes. This requires additional resources. In some cases data are encrypted, making it
difficult for police authorities to discern the contents of the information. The detection of criminal
conduct may also be hampered by the reluctance of entities to report an unauthorized computer
access. Corporations may fear the negative publicity that might result as a consequence of their
systems being compromised. In many cases, unauthorized computer access may go undetected by
the individual or entity whose computer system had been invaded. Equally challenging are the
policy and legal issues. It is necessary to enact legislation that will sufficiently prohibit the abuses
of new and developing technology. The speed with which technology develops makes this a
continual concern. In some cases, the line between what will be considered criminal conduct and
what will be civil remains uncertain. A common debate in discussions of business crimes is
whether the activity is an aggressive business practice, or alternatively a crime. Further, this can
become particularly problematic when countries adopt different standards of what constitutes
crime and different penalties for computer related criminal activity. The Internet also presents
national security concerns since computers serve instrumental roles in the delivery of emergency
services, government operations, banking, transportation, energy, and telecommunications. As
technology develops, the law needs to respond to these new developments to deter those who
would abuse and misuse the new technology.

Y
Y
Y

Y



 Y

http://ecommerce.hostip.info/pages/242/Computer-Crime.html

http://www.rbs2.com/ccrime.htm#anchor111111

http://csrc.nist.gov/publications/secpubs/computer.pdf

http://www.mampu.gov.my/mampu/pdf/MyMIS/chapter5.PDF

LAWS OF MALAYSIA, ACT 563, COMPUTER CRIME ACT 1997 [OFFENCES]

http://bernama.com.my/bernama/v5/newsindex.php?id=515709