Professional Documents
Culture Documents
Crime
KT44103
Ethics and Law in ICT
Sem 1: 2021/2020
14 November 2022
Contents
• Virus
• Worm
• Trojan horse
• Distributed denial of service
• Rootkit
• Spam
• Phishing & pharming
Viruses
• Harmful programs
Reside in active memory of a computer
Duplicate themselves
• Can propagate without human intervention
• Negative impact of worm attack
Lost data and programs
Lost productivity
Additional effort for IT workers
Trojan Horses
• Phishing
• Act of using email fraudulently to try to get the recipient to reveal
personal data
• Legitimate looking emails lead users to counterfeit Web sites
Spear-phishing (Fraudulent emails to an organization’s employees)
Smishing (via text messages)
Vishing (via voice mail messages)
• Pharming – attack intended to redirect a website’s traffic to
another, fake site by installing a malicious program on
computer
Types of Perpetrators
• Perpetrators include:
Thrill seekers wanting a challenge
Common criminals looking for financial gain
Industrial spies trying to gain an advantage
Terrorists seeking to cause destruction
• Different objectives and access to varying resources
• Willing to take different levels of risk to accomplish
an objective
Types of Perpetrators
Hackers & Crackers
• Hackers
• Test limitations of systems out of intellectual curiosity
Some smart and talented
Others inept; termed “lamers” or “script kiddies”
• Crackers
• Cracking is a form of hacking
• Clearly criminal activity
Malicious Insiders
• Major security concern for companies.
• Fraud within an organization is usually due to weaknesses in internal
control procedures
• Collusion
Cooperation between an employee and an outsider
• Insiders are not necessarily employees
Can also be consultants and contractors
• Extremely difficult to detect or stop
Authorized to access the very systems they abuse
• Negligent insiders have potential to cause damage
Industrial Spies
• Hacktivism
Hacking to achieve a political or social goal
• Cyberterrorist
Attacks computers or networks in an attempt to
intimidate or coerce a government in order to advance
certain political or social objectives
Seeks to cause harm rather than gather information
Uses techniques that destroy or disrupt services
Implementing Trustworthy
Computing
• Trustworthy computing
Delivers secure, private, and reliable computing
Based on sound business practices
Plan and Prevention
• Risk Assessment
Process of assessing security-related risks
Identify investments that best protect from most likely and serious threats
Focus security efforts on areas of highest payoff
• Establishing a Security Policy – defines organization’s security
requirements, and controls & sanctions needed to meet
requirements
Delineates responsible & expected behavior
Outlines what needs to be done
Written policies
Plan and Prevention
• Prevention
• Implement a layered security solution
Make computer break ins harder
• Installing a corporate firewall
Limits network access
• Intrusion prevention systems
Block viruses, malformed packets, and other threats
• Installing antivirus software
Scans for sequence of bytes or virus signature
Plan and Prevention
• Safeguards against attacks by malicious insiders
• Departing employees and contractors
Promptly delete computer accounts, login IDs, and passwords
• Carefully define employee roles and separate key responsibilities
• Create roles and user accounts to limit authority
• Defending against cyberterrorism
• Conduct periodic IT security audits
Evaluate policies
Review access and levels authority
Test system safeguards
Plan and Prevention
• Detection
• Detection systems
Catch intruders in the act
• Instruction detection system
Monitors system/networks resource and activities
Notifies the proper authority when identifies:
Possible instructions
Misues from within organization
• Knowledge and behavior –based approach
Plan and Prevention
• Response
• Response plan (in advance –approved by legal and management)
• Primary goal : Regain control and limit damage
• Incident notification (who to notify and not to notify)
• Document all details of a security incident
• Act quality to contain attack
• Eradication effort (collect, verify necessary backups and create new backups)
• Follow-up
• Review
• Weight carefully the amount of effort required to capture the perpetrator
• Consider the potential for negative publicity
• Legal precedent
Computer Crime Act
KT44103
Ethics and Law in ICT
Sem 1: 2021/2020
14 November 2022
Contents
• Introduction
• Content of Act
• Part I
• Part II
• Part III
Computer Crime Act 1997 -
Introduction
• An Act to provide for offences relating to the misuse of
computers. Act 563
• Part 1: Preliminary
• Part 2: Offences
• Part 3: Ancillary and General Provisions
Part I : Preliminary
S1 Short title and commencement
• Cited as the Computer Crimes Act 1997.
• This Act shall come into force on such date as the
Prime Minister may, by notification in the Gazette,
appoint.
Part I: Preliminary
S2: Interpretation
• Computer – An electronic, magnetic, optical, electrochemical or other data
processing device : “programmable”
Performing logical
Arithmetic
Storage (storage /communication facility)
Display function
• Computer Network – Interconnection of communication lines and circuits with a
computer or a complex consisting of two or more interconnected computers
• Computer Output/output – Statement/representation whether in written, printed,
pictorial, film, graphical, acoustic or other form –
Produced by a computer
Displayed on the screen of a computer; or
Accurately translated from a statement or representation so produce:
Part1: Interpretation
Data
• representations of information or of concepts that are being prepared or have
been prepared in a form suitable for use in a computer
Function
• includes logic, control, arithmetic, deletion, storage and retrieval and
communication or telecommunication to, from or within a computer
Premises
• includes land, buildings, movable structures and conveyance by land, water
and air
Program
• data representing instructions or statements that, when executed in a computer,
causes the computer to perform a function.
Part1: Interpretation
• Associate action (secures access):
Alters/erases the program/data
Copies/moves it to any storage medium
Uses it (executing the program and functioning the program)
Causes it to be output from the computer in which it is held whether by having
it displayed or in any other manner.
• Computer is unauthorized if:
Not entitled to control access of the kind in question to the program or data:
and
Does not have the consent or exceeds any right or consent to access by him of
the kind in question to the program or data from any person who is so entitled
Part1: Interpretation
• Content modification:
any program or data held in the computer concerned is altered or
erased
any program or data is introduced or added to its contents; or
any event occurs which impairs the normal operation of any computer
• Unauthorized modification:
the person whose act causes it is not himself entitled to determine
whether the modification should be made; and
does not have consent to the modification from any person who is so
entitled.
Part II: Offences
S3: Unauthorized access to computer material
• Guilty of an offences if –
causes a computer to perform any function with intent to
secure access to any program/data in any computer
the access he intends to secure is unauthorized; and
knows at the time when he causes the computer to perform
the function that is the case.
• Penalty:
a fine not exceeding fifty thousand ringgit or to imprisonment
for a term not exceeding five years or to both
Part II: Offences
S4: Unauthorized access with intent to
commit/facilitate commission of further offence
• Directed at:
any particular program or data
a program or data of any kind; or
a program or data held in any particular computer
• Immaterial whether an unauthorized modification is, or is intended to be,
permanent or merely temporary
• Penalty:
Fine not exceeding one hundred thousand ringgit or to imprisonment for a term not
exceeding seven years or both.
Fine not exceeding one hundred and fifty thousand ringgit or to imprisonment for a
term not exceeding ten years or to both, if the act is done with the intention of causing
injury as defined in the Penal Code.
Part II: Offences
S6: Wrongful communication
• Guilty – communicates directly or indirectly a number, code,
password or other means of access to a computer to any
person other than a person to whom he is duly authorized to
communicate
• Penalty:
Fine not exceeding 25thousand ringgit or to
imprisonment for a term not exceeding three years
or to both.
Part II: Offences
S7: Abetments and attempts punishable as
offences
• Guilty:
A person who abets the commission of or who attempts to
commit any offence.
A person who does any act preparatory to or in furtherance of
the commission of any offence
• Penalty
Imprisonment imposed shall not exceed one-half of
the maximum term provided for the offence
Part II: Offences
S8: Presumption
A person who has in his custody or control any
program, data or other information which is held in
any computer or retrieved from any computer which
he is not authorized to have in his custody or control
shall be deemed to have obtained unauthorized access
to such program, data or information unless the
contrary is
proved.
Part III
S9: Territorial Scope of offences
• The provision – any person regardless the citizenship,
effect outside as well as within Malaysia and
committed at any place within Malaysia.
• The computer, program or data was in Malaysia or
capable of being connected to or sent to or used by or
with a computer in Malaysia at the material time
• Further proceedings against him under any written law
relating to the extradition of persons, in respect of the
same offence outside Malaysia.
Part III
S10: Power of search, seizure and arrest
• Entitled to:
have access to any program or data held in any computer / have access
to, inspect or check the operation of, any computer and any associated
apparatus or material which he has reasonable cause to suspect is or
has been in use in connection with any offence under this Act;
Require:
the person by whom or on whose behalf the police officer has reasonable
cause to suspect the computer is or has been so used: or
any person having charge of or otherwise concerned with the operation of,
the computer, apparatus or material
– 수고했어요 ! –
감사합니다 .