Professional Documents
Culture Documents
PAYMENT SYSTEM
Introduction of Cybercrime
Cybercrime Law
Ethics and Professionalism
Until now there is no exact definition for computer crime and
cyber crime. Usually, computer crime refers to cyber crime and
vice versa. It all depends on 4how researcher interprets these
crimes based on the research.
Generally, computer crime consists of several crimes. Computer
crimes also known as crime that were done using computer as a
tool. This requires a direct connection between the criminal and
computer.
Cyber crime does not happen without internet. Through direct
lines, criminals can expand his crime activities to other countries
which are out of Malaysian authorities.
However, it is not totally wrong to refer computer crime as cyber
crime for both of them needs computer to commit the crime.
The major difference is that computer crime is under the
observation of Malaysian laws and cyber crime has no boundaries
and it surely does give effects on to other country’s authorities.
4
Cyber crime on to Properties
◦ stealing information, properties, money as well as
services.
Cyber Crime on to Human Being
◦ spam e-mails, website intrusion and accessing
individual’s computer system without permission.
Terror Cyber Crime
◦ advantage from a poor computer system to
launch a terror attack
5
Crimes committed via internet
Examples : Spreading Virus, Hacking,
Illegal Access, Illegal interception, Data
Interference and communication
Interference. Non-Reconstructable
Network Packet
Networ
k Crime operation methods… Evidence from …
Packet
Traditional crimes committed
via Internet.
Examples: Internet Auction fraud,
trafficking in contraband goods,
Reconstructable
Internet sexual assault, internet-
network Packet
advertising bank loans fraud
6
1. Crime Time Evidence
2. Crime location Collection
3. Corpus delicti
4. Crime method
5. Perpetrator Analysis
6. Criminal damage Internet
7. Criminal charges Interception
Search
Seizure
8
1. Viruses & Worms, Hacking &
Trojans ... ...… …
Non-Reconstructable
Network Packet
Reconstructable
Network Packet
9
1 Forensics tools
2 3
“Stop, look and listen”
Off-Line Forensics
software
Wired , HTTPS/SSL
and VoIP
Wireless
“Catch-it-while-you-can”
forensics systems Off-Line packet
reconstruction
software
By using Forensic Tools, we can obtain supporting evidence like log, files
and records from both victim and suspect computers.
11
By Using Off-Line packet reconstruction
software to reconstruct the recorded traffic
data
Off-Line packet
reconstruction
software
Network
Packet
12
Digital Evidence Court
Forensic Analysis
Forensic Reports 13
Cyber crime on to Properties
◦ stealing information, properties, money as well as
services.
Cyber Crime on to Human Being
◦ spam e-mails, website intrusion and accessing
individual’s computer system without permission.
Terror Cyber Crime
◦ advantage from a poor computer system to
launch a terror attack
15
Theft Crime allocated under Section 378
Kanun Keseksaan
Fraud Crime allocated under Section 415
Kanun Keseksaan.
Betrayal Crime allocated under Section 425
Kanun Keseksaan.
16
◦ Accessing computer materials without
permission or known as hacking, under Section
3 Computer Crime Act 1997
◦ Accessing without permission with intention to
do further crimes or known as cracking, under
Section 4 Computer Crime Act 1997
◦ Modifying of any contents of a computer without
permission under Section 5 Computer Crime Act
1997
17
In Computer Crime Act 1997, computer is defined
as:
“An electronic, magnetic, optical, electrochemical,
or other data processing devise, or a group of such
interconnected or related device, performing
logical, arithmetic, storage and display functions
and includes any data storage facility or
communications facility directly related to or
operating in conjunction with such devise or group
of such interconnected or related devices, but does
not include an automated typewriter or typesetter,
or a portable hand held calculator or other similar
devise which is non-programmable or which does
not contain any data storage facility.”
18
Section 3(1) Computer Crime Act 1997 allocate that
one is committing a crime when:-
◦ He/she cause one computer to function with
intention to gain access to any program or data
kept in any computer.
◦ Intention of access is without permission
◦ He/she knows when the computer function, the
consequences is in the way it should happened.
These terms are cumulative. To fulfill the first term,
hacker must function a computer in order to have
access to program or data. The word “function a
computer” is not clear. In Section 2 Computer
Crime Act 1997, functions are defined as logic,
arithmetic, storage and communication to, from or
in a computer.
19
It is not mentioned that the criminal must have specific access for
any computer. Usually, hackers dialed telephone number randomly.
The first term of Section 3 is fulfilled when access is made without
knowing the identity of the victims.
The second term in this section is related to access without
permission. Whether an access is done without permission or not, it
must refer to the definition under Section 2(5) Computer Crime Act
1997.
Referring to this section:-
◦ He/she have no rights to control access in the related form of the
program or data
◦ He/she have no permission or abuse the permission given in
accessing related form of program or data from any authorized
person.
The first term is clear. It refers to individual that have no rights on to
computer system or databases but made access without the owner’s
permission.
The second term refers to individual that in the beginning has
permission to have access but have no rights to permit other people
in accessing the same material.
20
One is convicted under Section 5 Computer Crime Act
1997 if involved in activities that are known able to
modify without permission.
The definition of modify is given under Section 2(7)
Computer Crime Act 1997. Modifying the contents of a
computer if with conducting any function of the
computer or any other computer happened when:-
◦ Any program or data kept inside the computer is
modified or erased
◦ Any program or data is entered or added to its
content
◦ Any circumstances that leads to malfunctioning a
computer.
Based on the definition, modification without
permission is quite broad. However, to convict the
committed crime, a very solid evidence of the
existence of modification activities without permission
is needed.
21
Section 4 Computer Crime Act 1997 is crime related to
accessing without permission with intention to do
further crimes.
One can be charged under this section if committing
this crime that involve fraud or that can cause casualty
which defined by “Kanun Keseksaan”.
It is not material to see the crime is done within the
same time as accessing without permission or in other
time. For example, a hacker tries to gain access to a
computer with intention to send threatening message
but fails to do so.
It is quite difficult to convict this hacker for it is just in
the beginning of the process. However, conviction
made under Section 4 can be a success as long as the
intention to do the crime can be proven.
22
A computer can perform many roles in a crime.
A particular computer can be subject, object or
medium of a crime
A computer can be attacked, used to be attack
and used as a means to commit crime. It is
hard to prosecute for the following reasons:
◦ Lack of understanding
◦ Lack of physical evidence
◦ Lack of recognition of assets
◦ Lack of political impact
◦ Complexity of case
◦ Juveniles
23
Derived from the Greek word “ethos”, which means “custom”,
“habit”, and “way of living”
Ethics is concerned with human conduct, i.e., behavior of
individuals in society
Ethics is a system of morals of a particular person, religion or a
group
Moral: means dealing with, or capable of, distinguishing between
right and wrong, and between just and unjust
Ethical Theory: a system of ethics guides towards actions good
for all
Applied Ethics:
◦ The practice of ethics
◦ Rules for ethical behavior for everyday life
◦ Impossible for all people to share same applied ethics in all
details
Never copy anyone else’s work
Never plagiarize from an outside source
Do not make copies of a friend’s software to