CyberSecurity Malaysia | An Agency Under MOSTI
Organizer:
Endorsed by:
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
People First,
Performance Now
Ministry od Science,
Technology and Innovation
BRIDGING BARRIERS:
LEGAL AND TECHNICAL OF
CYBERCRIME CASES
Session 1 :
The Scenes of Cyber Crime
Professor Abu Bakar Munir
Faculty of Law
University of Malaya, Kuala Lumpur
5 July 2011
Organizer:
Endorsed by:
People First,
Performance Now
Outline
•
•
•
•
•
•
•
Introduction
Cybercrime : The Growing Global Threat
Know The Hackers
The Law in Action
Some Recent Developments
Lessons from Cyber Storm
Recommendations
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cybersecurity is one of
the risks that the world will
have to face in the next
ten years
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cybercrime is not a
brave new world –
It s a bad new world
CEO of Sony Corporation
Organizer:
Endorsed by:
People First,
Performance Now
2000-2003
• Cybercrooks looked for
ways to turn attention
towards real computer
threat
• They showed off their skills
by temporarily taking down
popular websites such as
CNN, Yahoo and E-Bay
through DOS attack
2004-2005
• By this time cyber
scammers had proved their
skills and it was time to
move beyond doing
damage and make real
money
• Use softwatre to get access
to computer and steal
passwords and credit cards
information
• Cybercriminals also spread
viruses
2006-2008
• With a growing amonut of
money at stake,
cybercriminals began
organising into gangs
• Became more discreet in
their methods, while still
showing off their techs
savvy
What’s
Next?
2009-2010
• Social networking sites
started to take off,
cybercrooks realised they
could get their hands on a
wealth of personal
information if they played
the game right
• With users posting huge
amounts of information, all
cybercrooks had to do was
virtually interact with usese
to gain access to their
information
Ministry od Science,
Technology and Innovation
• Continuation of socialnetworking scams and
tricks
• Phishing
• Mobile devices and
application present great
opportunity for
cybercrooks
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
NOT slowing down
•
•
•
•
•
Internet penetration is increasing
Social Networking Sites are extremely popular
Domain Names are increasing
Mobile Devices and applications are increasing
Cybercriminals are quickly developing new
techniques
• Easy to learn and access tools to commit cybercrime
• Awareness is lacking
Organizer:
Endorsed by:
People First,
Performance Now
We are not afraid of the
threat because we are
prepared… with the
layers and shields
created by government
technical experts, it was
not easy to hack
government portals
although some had been
affected. Government will
take actions against the
hackers responsible
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Their perceptions
• Always yield the hands-on imperative – access to computers
and anything else which might teach you about the way the world
works should be unlimited and total
• All information should be free
• Mistrust Authority
• Hackers should be judged by their hacking, not criteria such as
degrees, age, race or position
• You can create art and beauty on a computer
• Computers can change your life for the better
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Hacking subculture as a social movement
• Minimal organization – the hacking culture has a
significant membership of followers and its share
of leaders
• Uninstitutionalised collectivity – always been
considered as an out group
• Proposes or opposes change
• Counted by an established order
• Significantly large in scope
• Persuasion
Organizer:
Endorsed by:
People First,
Performance Now
They are smart; they ingenious; they
are creative; and I can tell you that on
one level, they are people you would
enjoy hanging out with.
Misha Glenny
(Journalist)
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Why Difficult to Get Them?
In the Hackers Words…
And at this point, many people assume we would then
proceed to copy everything we find and then thrash the
system… It makes no sense. We thirst for knowledge
and information, and then you can possibly thing that we
can destroy that which is sacred to us? To take away
someone else s chance to succeed in getting in as we
did? To fuel an already terrible reputation and increased
our chances of getting court and thus have our life and
carriers effectively ruined?
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
This shows that many hackers, as is
their primary intention, go completely
unnoticed on the system they chose to
hack and are never discovered.
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
A hacker said,
… and whatever you do continue the fight.
Whether you know it or not, if you are a hacker,
you are a revolution crash.
Another hacker said,
I am a hacker and this is my manifesto. You may stop
this individual, but you can t stop us all … after all, we
are all alike
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
No.
Case
Court/Date
Offence
Offender
Outcome
1.
R v. Zachary
Woodham
Crown Court/
13 May 2011
Unauthorized
Modification
Teenager
Guilty Plea
2.
R v Paul Mc Loughlin
Crown Court/
13 May 2011
Making, supplying
or obtaining
articles for use in
offence
Student
Guilty Plea
3.
R v. Ashley Mitchell
Crown Court/
3 Feb 2011
Unauthorized
Access
Poker
Guilty Plea
4.
R v. Matthew
Anderson
Crown Court/
22 Oct 2010
Unauthorized
Modification
Manager and Virus
Writer
Guilty Plea
5.
R v. Dale Trever
Crown Court/
16 Sept 2010
Unauthorized
Access
Manager
Guilty Plea
6
R v. Balvinder Basran
Magistrates
Court/ 9 Sept
2010
Unauthorized
Access
Police Officer
Guilty Plea
7
R v. Robert Campbell
Crown Court/
8 Jun 2010
Unauthorized
Access
Police Officer
Guilty Plea
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
8.
R v. Susan Holmes
Magistrates
Court/15 Feb
2008
Unauthorized
Access
Ex employee
Guilty Plea
9.
R v. Mark Hopkins
Magistrates
Court/9 Aug
2007
Unauthorized
Access
Managing
Director and
Website Designer
Guilty Plea
10.
R v. Scott Gelsthorpe
and Jeremy Young
Crown Court/
27 Jun 2007
Unauthorized
Modification
and Conspiracy
Police Officer
Guilty Plea
11.
R v. Matthew Byrne
Crown Court/
7 Nov 2006
Unauthorized
Modification/
Website
Defacement
Hacker
Guilty Plea
12.
R v. David Lennon
Youth Court/ 23
Aug 2006
Unauthorized
Modification
Teenager
Guilty Plea
13.
R v. Daniel Cuthbert
Magistrates
Court / 7 Oct
2005
Unauthorized
Modification
IT Security
Consultant
Found Guilty
14.
R v. Joseph Mc Elroy
Crown Court/ 3
Feb 2005
Unauthorized
Modification
University
Student
Found Guilty
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
15.
R v. Aaron Caffrey
Crown Court/
17 Oct 2003
Unauthorized
Modification/ DDoS
Attack
Teenager
Acquitted
16.
R v. Simon Vallore
Crown Court/
21Jan 2003
Unauthorized
Modification
Web Designer
Guilty Plea
17.
R v. Stephen Carey
Crown Court/
19 Sept 2002
Unauthorized
Modification
Computer
Engineer
Found Guilty
18.
Yarimaka v.
Governor of HM
Prison Brixton
Queen Bench
Division/ 20 Mar
2002
Unauthorized
Modification
Foreigner
Habeas Corpus
denied
19.
R v. Raphael Gray
Crown Court/
6 Jul 2001
Unauthorized
Modification
Teenage hacker
Guilty Plea
20.
R v. Paul Maxwell
King
Court of Appeal/
24Nov 2000
Unauthorized
Modification
Unknown
Guilty Plea
21.
R v. William Culbert
Crown Court/
No date
Unauthorized Access/
Unauthorized
Modification
Technician
Guilty Plea
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
22
Morgans v. Director
of Public
Prosecutions
House of Lords/
17 Feb 2000
Unauthorized Access
Unknown
Conviction
Quashed
23.
R v. Michelle Begley
Magistrates
Court/
No date
Unauthorized Access/
Harassment
Police Officer
Found Guilty
24.
R v. Ian Morris and
Richard Airlie
Crown Court/
No date
Unauthorized Access
IT Supplier
Found Guilty
25.
R v. Matthew Bevan
Magistrates
Court/ 21 Nov
1997
Unauthorized Access/
Unauthorized
Modification
Teenage hacker
Acquitted
26.
R v. Simon Regan,
Julian Taylor
Magistrates
Court/
no date
Unauthorized Access
Engineer
Found Guilty
27.
R v. Moody
Crown Court /
No date
Unauthorized
Modification
Ex Employee
Found Guilty
28.
DPP v. Bignall &
Anor
Queens Bench/
6 Jun 1997
Unauthorized Access
Police Officers
Acquitted
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
29
R v. Pryce
Magistrates
Court/
21Mar 1997
Unauthorized Access/
Unauthorized
Modification
Teenage Hacker
Guilty Plea
30.
R v.Feltis
Crown Court/
No date
Unauthorized
Modification
Computer
Operator
Found Guilty
31
R v. Spielmann
Magistrates
Court /
No date
Unauthorized Access
Ex Employee
Found Guilty
32
R v. Rymer
Crown Court/
no date
Unauthorized
Modification
Male Nurse
Found Guilty
33
R v. Alfred
Whitetaker
Magistrates
Court/
no date
Unauthorized
Modification
Software
Developer
Found Guilty
34
R v. Vatsal Patel
Crown Court /
2 Jul 1993
Unauthorized
Modification
Progarammer
Acquitted
35
R v. Elaine Borg
Court not
known/ no date
Unauthorized Access
with intent to commit
further Offence
Computer
Operator
Acquitted
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont…
36.
R v. Richard Goulden
Crown Court/
18 Jun 1982
Unauthorized
Modification/
DDoS
Tsoftware
Contractor
Found Guilty
37.
R v. Cropp
Crown Court/
5 Jul 1991
Unauthorized
Access
Ex Employee
Acquitted
38.
R v. Ross Pearlstone
Magistrates
Court /
No date
Unauthorized
Access
Ex Employee
Found Guilty
39.
R v. Bernnett
Court not known/
no date
Unauthorized
Access
Ex Police Officer
Guilty Plea
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Nations are not united…International
Cybercrime Treaty was rejected
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
US Current Thinking
Preemptive cyber strike?
Pentagon is contemplating an
aggressive approach to
defending its computer systems
that includes preemptive actions/
preemptive strikes.
We have to have offensive
capabilities, to, in real time, shoot
down somebody trying to attack
us.
General Keith Alexander
Pentagon Cyber Command
(July 2010)
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
• Inter agency coordination
• Contingency Planning, risks assessment and roles and
responsibilities
• Correlation of multiple incidents between public and private
sectors
• Training and exercise programmes
• Coordination between entities
• Common framework for response and information access
• Strategic communications and public relations plans
• Improvements of processes, tools and technology
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
SOME RECOMMENDATIONS
• Consider reviewing the law and practice
• Seriously consider to ratify the Council of Europe
Convention on Cybercrime
• Target the underground cybercrime economy
• Target the botherders
• Tackle botnets through disruption
Organizer:
Endorsed by:
People First,
Performance Now
Cyber Law: Policies
and Challenges
Bu8erworths Asia
(1999)
Privacy and
Data Protec@on
Sweet & Maxwell
(2002)
Internet Banking:
Law and Prac@ce
LexisNexis UK
(2004)
Ministry od Science,
Technology and Innovation
Informa@on &
Communica@on
Technology Law
Legal & Regulatory
Challenges
Thomson Reuters
(2010)
Personal Data
Protec@on in
Malaysia: Law
and Prac@ce
Thomson Reuters
(2010)
27
Organizer:
Endorsed by:
People First,
Performance Now
abmunir@um.edu.my
profabm.blogspot.com
+6012 2185242
Ministry od Science,
Technology and Innovation
Endorsed by:
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
People First,
Performance Now
Ministry od Science,
Technology and Innovation
BRIDGING BARRIERS:
LEGAL AND TECHNICAL OF
CYBERCRIME CASES
Session 1 :
The Scenes of Cyber Crime
Professor Abu Bakar Munir
Faculty of Law
University of Malaya, Kuala Lumpur
5 July 2011
Organizer:
Endorsed by:
People First,
Performance Now
Outline
•
•
•
•
•
•
•
Introduction
Cybercrime : The Growing Global Threat
Know The Hackers
The Law in Action
Some Recent Developments
Lessons from Cyber Storm
Recommendations
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cybersecurity is one of
the risks that the world will
have to face in the next
ten years
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cybercrime is not a
brave new world –
It s a bad new world
CEO of Sony Corporation
Organizer:
Endorsed by:
People First,
Performance Now
2000-2003
• Cybercrooks looked for
ways to turn attention
towards real computer
threat
• They showed off their skills
by temporarily taking down
popular websites such as
CNN, Yahoo and E-Bay
through DOS attack
2004-2005
• By this time cyber
scammers had proved their
skills and it was time to
move beyond doing
damage and make real
money
• Use softwatre to get access
to computer and steal
passwords and credit cards
information
• Cybercriminals also spread
viruses
2006-2008
• With a growing amonut of
money at stake,
cybercriminals began
organising into gangs
• Became more discreet in
their methods, while still
showing off their techs
savvy
What’s
Next?
2009-2010
• Social networking sites
started to take off,
cybercrooks realised they
could get their hands on a
wealth of personal
information if they played
the game right
• With users posting huge
amounts of information, all
cybercrooks had to do was
virtually interact with usese
to gain access to their
information
Ministry od Science,
Technology and Innovation
• Continuation of socialnetworking scams and
tricks
• Phishing
• Mobile devices and
application present great
opportunity for
cybercrooks
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
NOT slowing down
•
•
•
•
•
Internet penetration is increasing
Social Networking Sites are extremely popular
Domain Names are increasing
Mobile Devices and applications are increasing
Cybercriminals are quickly developing new
techniques
• Easy to learn and access tools to commit cybercrime
• Awareness is lacking
Organizer:
Endorsed by:
People First,
Performance Now
We are not afraid of the
threat because we are
prepared… with the
layers and shields
created by government
technical experts, it was
not easy to hack
government portals
although some had been
affected. Government will
take actions against the
hackers responsible
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Their perceptions
• Always yield the hands-on imperative – access to computers
and anything else which might teach you about the way the world
works should be unlimited and total
• All information should be free
• Mistrust Authority
• Hackers should be judged by their hacking, not criteria such as
degrees, age, race or position
• You can create art and beauty on a computer
• Computers can change your life for the better
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Hacking subculture as a social movement
• Minimal organization – the hacking culture has a
significant membership of followers and its share
of leaders
• Uninstitutionalised collectivity – always been
considered as an out group
• Proposes or opposes change
• Counted by an established order
• Significantly large in scope
• Persuasion
Organizer:
Endorsed by:
People First,
Performance Now
They are smart; they ingenious; they
are creative; and I can tell you that on
one level, they are people you would
enjoy hanging out with.
Misha Glenny
(Journalist)
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Why Difficult to Get Them?
In the Hackers Words…
And at this point, many people assume we would then
proceed to copy everything we find and then thrash the
system… It makes no sense. We thirst for knowledge
and information, and then you can possibly thing that we
can destroy that which is sacred to us? To take away
someone else s chance to succeed in getting in as we
did? To fuel an already terrible reputation and increased
our chances of getting court and thus have our life and
carriers effectively ruined?
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
This shows that many hackers, as is
their primary intention, go completely
unnoticed on the system they chose to
hack and are never discovered.
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
A hacker said,
… and whatever you do continue the fight.
Whether you know it or not, if you are a hacker,
you are a revolution crash.
Another hacker said,
I am a hacker and this is my manifesto. You may stop
this individual, but you can t stop us all … after all, we
are all alike
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
No.
Case
Court/Date
Offence
Offender
Outcome
1.
R v. Zachary
Woodham
Crown Court/
13 May 2011
Unauthorized
Modification
Teenager
Guilty Plea
2.
R v Paul Mc Loughlin
Crown Court/
13 May 2011
Making, supplying
or obtaining
articles for use in
offence
Student
Guilty Plea
3.
R v. Ashley Mitchell
Crown Court/
3 Feb 2011
Unauthorized
Access
Poker
Guilty Plea
4.
R v. Matthew
Anderson
Crown Court/
22 Oct 2010
Unauthorized
Modification
Manager and Virus
Writer
Guilty Plea
5.
R v. Dale Trever
Crown Court/
16 Sept 2010
Unauthorized
Access
Manager
Guilty Plea
6
R v. Balvinder Basran
Magistrates
Court/ 9 Sept
2010
Unauthorized
Access
Police Officer
Guilty Plea
7
R v. Robert Campbell
Crown Court/
8 Jun 2010
Unauthorized
Access
Police Officer
Guilty Plea
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
8.
R v. Susan Holmes
Magistrates
Court/15 Feb
2008
Unauthorized
Access
Ex employee
Guilty Plea
9.
R v. Mark Hopkins
Magistrates
Court/9 Aug
2007
Unauthorized
Access
Managing
Director and
Website Designer
Guilty Plea
10.
R v. Scott Gelsthorpe
and Jeremy Young
Crown Court/
27 Jun 2007
Unauthorized
Modification
and Conspiracy
Police Officer
Guilty Plea
11.
R v. Matthew Byrne
Crown Court/
7 Nov 2006
Unauthorized
Modification/
Website
Defacement
Hacker
Guilty Plea
12.
R v. David Lennon
Youth Court/ 23
Aug 2006
Unauthorized
Modification
Teenager
Guilty Plea
13.
R v. Daniel Cuthbert
Magistrates
Court / 7 Oct
2005
Unauthorized
Modification
IT Security
Consultant
Found Guilty
14.
R v. Joseph Mc Elroy
Crown Court/ 3
Feb 2005
Unauthorized
Modification
University
Student
Found Guilty
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
15.
R v. Aaron Caffrey
Crown Court/
17 Oct 2003
Unauthorized
Modification/ DDoS
Attack
Teenager
Acquitted
16.
R v. Simon Vallore
Crown Court/
21Jan 2003
Unauthorized
Modification
Web Designer
Guilty Plea
17.
R v. Stephen Carey
Crown Court/
19 Sept 2002
Unauthorized
Modification
Computer
Engineer
Found Guilty
18.
Yarimaka v.
Governor of HM
Prison Brixton
Queen Bench
Division/ 20 Mar
2002
Unauthorized
Modification
Foreigner
Habeas Corpus
denied
19.
R v. Raphael Gray
Crown Court/
6 Jul 2001
Unauthorized
Modification
Teenage hacker
Guilty Plea
20.
R v. Paul Maxwell
King
Court of Appeal/
24Nov 2000
Unauthorized
Modification
Unknown
Guilty Plea
21.
R v. William Culbert
Crown Court/
No date
Unauthorized Access/
Unauthorized
Modification
Technician
Guilty Plea
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
22
Morgans v. Director
of Public
Prosecutions
House of Lords/
17 Feb 2000
Unauthorized Access
Unknown
Conviction
Quashed
23.
R v. Michelle Begley
Magistrates
Court/
No date
Unauthorized Access/
Harassment
Police Officer
Found Guilty
24.
R v. Ian Morris and
Richard Airlie
Crown Court/
No date
Unauthorized Access
IT Supplier
Found Guilty
25.
R v. Matthew Bevan
Magistrates
Court/ 21 Nov
1997
Unauthorized Access/
Unauthorized
Modification
Teenage hacker
Acquitted
26.
R v. Simon Regan,
Julian Taylor
Magistrates
Court/
no date
Unauthorized Access
Engineer
Found Guilty
27.
R v. Moody
Crown Court /
No date
Unauthorized
Modification
Ex Employee
Found Guilty
28.
DPP v. Bignall &
Anor
Queens Bench/
6 Jun 1997
Unauthorized Access
Police Officers
Acquitted
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont..
29
R v. Pryce
Magistrates
Court/
21Mar 1997
Unauthorized Access/
Unauthorized
Modification
Teenage Hacker
Guilty Plea
30.
R v.Feltis
Crown Court/
No date
Unauthorized
Modification
Computer
Operator
Found Guilty
31
R v. Spielmann
Magistrates
Court /
No date
Unauthorized Access
Ex Employee
Found Guilty
32
R v. Rymer
Crown Court/
no date
Unauthorized
Modification
Male Nurse
Found Guilty
33
R v. Alfred
Whitetaker
Magistrates
Court/
no date
Unauthorized
Modification
Software
Developer
Found Guilty
34
R v. Vatsal Patel
Crown Court /
2 Jul 1993
Unauthorized
Modification
Progarammer
Acquitted
35
R v. Elaine Borg
Court not
known/ no date
Unauthorized Access
with intent to commit
further Offence
Computer
Operator
Acquitted
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Cont…
36.
R v. Richard Goulden
Crown Court/
18 Jun 1982
Unauthorized
Modification/
DDoS
Tsoftware
Contractor
Found Guilty
37.
R v. Cropp
Crown Court/
5 Jul 1991
Unauthorized
Access
Ex Employee
Acquitted
38.
R v. Ross Pearlstone
Magistrates
Court /
No date
Unauthorized
Access
Ex Employee
Found Guilty
39.
R v. Bernnett
Court not known/
no date
Unauthorized
Access
Ex Police Officer
Guilty Plea
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
Nations are not united…International
Cybercrime Treaty was rejected
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
US Current Thinking
Preemptive cyber strike?
Pentagon is contemplating an
aggressive approach to
defending its computer systems
that includes preemptive actions/
preemptive strikes.
We have to have offensive
capabilities, to, in real time, shoot
down somebody trying to attack
us.
General Keith Alexander
Pentagon Cyber Command
(July 2010)
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
• Inter agency coordination
• Contingency Planning, risks assessment and roles and
responsibilities
• Correlation of multiple incidents between public and private
sectors
• Training and exercise programmes
• Coordination between entities
• Common framework for response and information access
• Strategic communications and public relations plans
• Improvements of processes, tools and technology
Organizer:
Endorsed by:
People First,
Performance Now
Ministry od Science,
Technology and Innovation
SOME RECOMMENDATIONS
• Consider reviewing the law and practice
• Seriously consider to ratify the Council of Europe
Convention on Cybercrime
• Target the underground cybercrime economy
• Target the botherders
• Tackle botnets through disruption
Organizer:
Endorsed by:
People First,
Performance Now
Cyber Law: Policies
and Challenges
Bu8erworths Asia
(1999)
Privacy and
Data Protec@on
Sweet & Maxwell
(2002)
Internet Banking:
Law and Prac@ce
LexisNexis UK
(2004)
Ministry od Science,
Technology and Innovation
Informa@on &
Communica@on
Technology Law
Legal & Regulatory
Challenges
Thomson Reuters
(2010)
Personal Data
Protec@on in
Malaysia: Law
and Prac@ce
Thomson Reuters
(2010)
27
Organizer:
Endorsed by:
People First,
Performance Now
abmunir@um.edu.my
profabm.blogspot.com
+6012 2185242
Ministry od Science,
Technology and Innovation