Digital Forensics Background It is a scientifically derived and proven methods toward the presentation, collection, validation, identification, analysis,

interpretation, documentation and presentation of digital evidence, derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations. "Uncovering the truth beyond digital imagination". In 1998, Digital Forensics Laboratory (DFL) was established under National ICT Security & Emergency Response Centre (NISER). The 4 years of intensive research in Computer Forensics resulted DFL to officially announce their digital forensics services in 2002. In year 2007, NISER underwent a transformation and was renamed to CyberSecurity Malaysia. On the same year, DFL grew bigger and became Digital Forensics Department (DFD). Since then, we have strengthen our technology and resources, and had started to offer a full-fledge digital forensics investigation and examination including in the area of audio and video forensics. For the ease of understanding the kind of services that we offer, the trademark "CyberCSI" was introduced to the stakeholders and to the public. Our clients are from Law Enforcement Agencies (LEA's), Government-Linked Companies (GLC) and private agencies. Some of our distinguished clients are Royal Malaysia Police (RMP), Royal Malaysia Customs, Malaysian Communication & Multimedia Commission (MCMC), Ministry of Domestic Trade, Co-operatives & Consumerism (MDTCC), Central Bank of Malaysia, Petronas and many more. To date, we have contributed in solving numerous forensics cases; including the high profile involving Altantuya murder, the V.K Lingam tape, Danafuture quick rich scheme and Maldivians credit card fraud. Our notable achievement is when our analysts are gazetted under the Criminal Procedure Code 399 on 23rd February 2009. This is the same gazette that was awarded to Malaysia Chemistry Department on 3rd August 2004. All reports and testimonials from our analysts are acceptable by the Malaysia Court of Law.

Digital Forensics services Computer Forensics " What one can hide, another can discover " Computer Forensics is the application of scientific examination and data analysis performed on computer storage media to discover potential digital evidence for the purpose of presentation in the court of law.

Mobile Phone Forensics " Every action leaves trail of evidence " The application of scientific examination and data extraction performed on mobile phone device for the purpose of presentation in the court of law.

Audio Forensics " It is more than just a sound that you are hearing " The application of digital audio science and technology performed on digital audio file or media to discover potential digital evidence for the purpose of presentation in the court of law.

Video Forensics " Evidence does not lie " The application of digital video science and technology performed on digital video file or media to discover potential digital evidence for the purpose of presentation in the court of law.

First Responder " Securing the digital evidence " The task of assisting Malaysia's Law Enforcement Agencies (LEA'S) in joint-raid activities related to digital crime.

Training Training Program Our trainers are dedicated and motivated personnel, who deal with real day-to-day cases

CSMDF Essentials This course is designed for personnel who have no IT background, but involve directly with digital and cyber crimes related cases.

CSMDF01 - First Responder This course is designed for officers who involves in identifying, seizing and preserving digital evidence at the crime scene.

CSMDF02 - Investigation & Analysis This course is designed for analysts who involve directly in digital forensic examining and analyzing of digital evidence.

CSMDF03 - Data Recovery (Advanced) This course is designed for analysts who do forensics examination and analysis at the forensics laboratory.

CSMDF04 - Forensics on Internet Applications (Advanced) This course is designed for Information Security/ forensic practitioners who want to have and advanced forensic knowledge specifically in Internet Applications area. Participants will be trained in hands-on environment with latest techniques and tools available.

Security Management and Best Practices Our services categorised under "Security Management and Best Practices (SMBP)" include specialised training and advisories in the areas of Information Security Management System (which complies to the ISO/IEC 27001:2005 standard) and Business Continuity Management (BCM). Besides these two specific areas, we have been developing information security guidelines and best practices for the ICT community. With these guidelines, we aim to share expertise and knowledge with organisations and the public to create sustainable and resilient information security environment. We also contribute towards Standard development in areas of information security; both locally (with Standards Malaysia) and internationally (with ISO). For example, we have consistently contributed to standards development through the Technical Committee on Information Security (TC5) and Technical Committee for BCM (TC-BCM). We have been entrusted to chair the Technical Working Group (WG4), a core group that handles Security Controls and Services and we have successfully pushed through the acceptance of ISO Information Security Standard proposal on "Guideline for Identification, Collection and/or Acquisition and Preservation of Digital Evidence" with the objective to ensure right procedure is globally accepted in the international court of law.

Information Security Management (ISM) ISMS Policy How to define ISMS scope Giving Access to Files and Documents Retaining or Deleting Electronic Mail (Email) Securing Against Unauthorised Physical Access

Business Continuity Management (BCM) BCM Guideline URL Link : DRI's BCM Professional Practices Becoming Certified - What are the Benefits?

General Information Security Best Practices Social Network Sites Online Identity Theft Web Browsing: Play It Smart, Don't Be Played! Best Practices Protecting Your Mobile Device Cyberstalking Safe Online Gaming Safer Internet Surfing Social Networking Online shopping Online banking

General Information Security Guidelines Guidelines for Small & Medium Enterprises (SMEs) Code of Ethics for Information Security Professionals Guidelines on Information Security in ICT Outsourcing Guidelines on Computer Security Wireless Local Area Network (LAN) Security Guideline 3rd Party Information Security Assessment Guideline

Suggestions to curb cyber crimes MYCERT Malaysia computer emergency response team

Mission To address the computer security concerns of Malaysian Internet users.

Vision To reduce the probability of successful attacks and lower the risk of consequential damage.

Background Malaysia Computer Emergency Response Team (MyCERT) was formed on January 13, 1997 and started its full operation on March 1, 1997. Operating from the office of CyberSecurity Malaysia, MyCERT provides a point of reference for the Internet community in Malaysia to deal with computer security incidents. MyCERT provides assistance in handling incidents such as intrusion, identity theft, malware infection, cyber harassment and other computer security related incidents. Currently MyCERT operates the Cyber999 computer security incident handling and response help centre as well as the Cybersecurity Malaysia Malware Research Centre. MyCERT works closely with law enforcement agencies such as the Royal Malaysian Police, Securities Commission, and Bank Negara Malaysia. MyCERT also has close collaborations with Internet Service Providers (ISP), computer security incident response teams and various computer security initiatives world wide.

MyCERT Core Functions Cyber999 * National point of contact for reporting computer security incidents. * Provide technical analysis of computer security incidents. * Assist Malaysian Internet users in escalating abuse reports to relevant parties.

Malware Research Centre * Conduct operational research and development work in the area of malware and emerging threats. * Issue relevant alerts and advisories on emerging threats to our constituency.

Technical Coordination * Co-ordination of computer security incident responses with trusted parties at the national and international arena. From time to time, MyCERT conducts hands-on training and technical presentations on computer security related topics.

Malaysia steps up effort to curb cyber crime To establish one stop centre on lines of Taiwan PTI | MARCH 25 2011 Share In a bid to stamp out the growing menace of cyber crimes, Malaysian police today said it plans to set up 'a one-stop centre' to curb commercial crimes and threats on the net. Federal Commercial Crime Investigation Department director Wira Syed Ismail Syed Azizan said the centre would be modelled after the Taiwan Cybercrime Prevention and Fighting Centre which managed to control cyber crimes. The setting up of the centre will help speed up commercial crime investigations as time is crucial, he told reporters. "For example, when a customer is duped by an online banking scam, he must contact the centre quickly to enable to the police to tell the bank to block the transaction," he said. He said besides the one-stop centre, the Commercial Criminal Investigation Department (CCID) was also planning set up a database on white-collar criminals, including their modus operandi through police intelligence and complaints from victims. "At present, the data is done manually and an application for facilities to set up the database had been submitted to the Logistics Department. We hope it can be set up in June or July," he said. Cases involving misuse of information and communication technology (ICT) have been growing since 2000 and transcended national boundaries, he said, adding that they had changed with times from merely slanders, instigations and intimidations. Referring to the surge in the internet users by 45.2 per cent over the last 10 years, he said this had resulted in cyber criminals unleashing new scams at every opportunity. In retrospect, he said corporate, financial, insurance and cooperative frauds began to emerge in the 1980s followed by organised credit card, ATM, Employees Provident Fund (EPF) and share scams which transcended across borders in 1990s. He said fraud, criminal breach of trust and cyber crimes took a turn for the worse in 2009 with 24,590 cases involving the loss of more than a billion ringgit national news agency Bernama said.

Malaysia calls for alliance to curb cyber crime Malaysia proposes to establish collaboration with several countries to fight cyber crime. Information, Communication and Culture Minister, Datuk Seri Rais Yatim said the collaboration would also include the branch of technology as well as developments in the monitoring of crimes in the cyber world. Dr Rais, who is attending the World Information and Communication Summit (WCIS) 2010 in South Korea, said cyber security was one of the topics which Malaysia touched on at the conference. He added that participating countries offered their respective views on cyber security, some of them in a serious tone. "We will look at several reports of this conference for consideration at the national level," he told Malaysian journalists. In his presentation at the summit, Dr Rais said cyber security was a national concern that would require all countries to adopt a united-front approach. "The rise in cyber security attacks over the last few years reinforces the urgency to address the said issues through the establishment of appropriate global frameworks for assessment and exchange of information related to cyber security," Rais said. He added that Malaysia did not enforce prohibitions on or censor the internet but there were rations in cyber laws such as the Communication and Multimedia Act governing individuals who committed cyber crimes. WICS 2010 is organised by the Korean Communications Commission and carries the theme 'Expanding Digital Economy and Culture'. The summit is attended by ministers and deputy ministers from 15 countries, including Mongolia, Ghana, Peru and Mexico. The two-day WISC 2010 aims to strengthen collaboration and build a more sustainable future by sharing participating nations' experiences and vision in Information and Communication Technology (ICT).