Organizer: Endorsed by: Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation People First, Performance Now Ministry od Science, Technology and Innovation BRIDGING BARRIERS: LEGAL AND TECHNICAL OF CYBERCRIME CASES Session 1 : The Scenes of Cyber Crime Professor Abu Bakar Munir Faculty of Law University of Malaya, Kuala Lumpur 5 July 2011 Organizer: Endorsed by: People First, Performance Now Outline • • • • • • • Introduction Cybercrime : The Growing Global Threat Know The Hackers The Law in Action Some Recent Developments Lessons from Cyber Storm Recommendations Ministry od Science, Technology and Innovation Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cybersecurity is one of the risks that the world will have to face in the next ten years Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cybercrime is not a brave new world – It s a bad new world CEO of Sony Corporation Organizer: Endorsed by: People First, Performance Now 2000-2003 • Cybercrooks looked for ways to turn attention towards real computer threat • They showed off their skills by temporarily taking down popular websites such as CNN, Yahoo and E-Bay through DOS attack 2004-2005 • By this time cyber scammers had proved their skills and it was time to move beyond doing damage and make real money • Use softwatre to get access to computer and steal passwords and credit cards information • Cybercriminals also spread viruses 2006-2008 • With a growing amonut of money at stake, cybercriminals began organising into gangs • Became more discreet in their methods, while still showing off their techs savvy What’s Next? 2009-2010 • Social networking sites started to take off, cybercrooks realised they could get their hands on a wealth of personal information if they played the game right • With users posting huge amounts of information, all cybercrooks had to do was virtually interact with usese to gain access to their information Ministry od Science, Technology and Innovation • Continuation of socialnetworking scams and tricks • Phishing • Mobile devices and application present great opportunity for cybercrooks Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation NOT slowing down • • • • • Internet penetration is increasing Social Networking Sites are extremely popular Domain Names are increasing Mobile Devices and applications are increasing Cybercriminals are quickly developing new techniques • Easy to learn and access tools to commit cybercrime • Awareness is lacking Organizer: Endorsed by: People First, Performance Now We are not afraid of the threat because we are prepared… with the layers and shields created by government technical experts, it was not easy to hack government portals although some had been affected. Government will take actions against the hackers responsible Ministry od Science, Technology and Innovation Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Their perceptions • Always yield the hands-on imperative – access to computers and anything else which might teach you about the way the world works should be unlimited and total • All information should be free • Mistrust Authority • Hackers should be judged by their hacking, not criteria such as degrees, age, race or position • You can create art and beauty on a computer • Computers can change your life for the better Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Hacking subculture as a social movement • Minimal organization – the hacking culture has a significant membership of followers and its share of leaders • Uninstitutionalised collectivity – always been considered as an out group • Proposes or opposes change • Counted by an established order • Significantly large in scope • Persuasion Organizer: Endorsed by: People First, Performance Now They are smart; they ingenious; they are creative; and I can tell you that on one level, they are people you would enjoy hanging out with. Misha Glenny (Journalist) Ministry od Science, Technology and Innovation Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Why Difficult to Get Them? In the Hackers Words… And at this point, many people assume we would then proceed to copy everything we find and then thrash the system… It makes no sense. We thirst for knowledge and information, and then you can possibly thing that we can destroy that which is sacred to us? To take away someone else s chance to succeed in getting in as we did? To fuel an already terrible reputation and increased our chances of getting court and thus have our life and carriers effectively ruined? Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation This shows that many hackers, as is their primary intention, go completely unnoticed on the system they chose to hack and are never discovered. Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation A hacker said, … and whatever you do continue the fight. Whether you know it or not, if you are a hacker, you are a revolution crash. Another hacker said, I am a hacker and this is my manifesto. You may stop this individual, but you can t stop us all … after all, we are all alike Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation No. Case Court/Date Offence Offender Outcome 1. R v. Zachary Woodham Crown Court/ 13 May 2011 Unauthorized Modification Teenager Guilty Plea 2. R v Paul Mc Loughlin Crown Court/ 13 May 2011 Making, supplying or obtaining articles for use in offence Student Guilty Plea 3. R v. Ashley Mitchell Crown Court/ 3 Feb 2011 Unauthorized Access Poker Guilty Plea 4. R v. Matthew Anderson Crown Court/ 22 Oct 2010 Unauthorized Modification Manager and Virus Writer Guilty Plea 5. R v. Dale Trever Crown Court/ 16 Sept 2010 Unauthorized Access Manager Guilty Plea 6 R v. Balvinder Basran Magistrates Court/ 9 Sept 2010 Unauthorized Access Police Officer Guilty Plea 7 R v. Robert Campbell Crown Court/ 8 Jun 2010 Unauthorized Access Police Officer Guilty Plea Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cont.. 8. R v. Susan Holmes Magistrates Court/15 Feb 2008 Unauthorized Access Ex employee Guilty Plea 9. R v. Mark Hopkins Magistrates Court/9 Aug 2007 Unauthorized Access Managing Director and Website Designer Guilty Plea 10. R v. Scott Gelsthorpe and Jeremy Young Crown Court/ 27 Jun 2007 Unauthorized Modification and Conspiracy Police Officer Guilty Plea 11. R v. Matthew Byrne Crown Court/ 7 Nov 2006 Unauthorized Modification/ Website Defacement Hacker Guilty Plea 12. R v. David Lennon Youth Court/ 23 Aug 2006 Unauthorized Modification Teenager Guilty Plea 13. R v. Daniel Cuthbert Magistrates Court / 7 Oct 2005 Unauthorized Modification IT Security Consultant Found Guilty 14. R v. Joseph Mc Elroy Crown Court/ 3 Feb 2005 Unauthorized Modification University Student Found Guilty Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cont.. 15. R v. Aaron Caffrey Crown Court/ 17 Oct 2003 Unauthorized Modification/ DDoS Attack Teenager Acquitted 16. R v. Simon Vallore Crown Court/ 21Jan 2003 Unauthorized Modification Web Designer Guilty Plea 17. R v. Stephen Carey Crown Court/ 19 Sept 2002 Unauthorized Modification Computer Engineer Found Guilty 18. Yarimaka v. Governor of HM Prison Brixton Queen Bench Division/ 20 Mar 2002 Unauthorized Modification Foreigner Habeas Corpus denied 19. R v. Raphael Gray Crown Court/ 6 Jul 2001 Unauthorized Modification Teenage hacker Guilty Plea 20. R v. Paul Maxwell King Court of Appeal/ 24Nov 2000 Unauthorized Modification Unknown Guilty Plea 21. R v. William Culbert Crown Court/ No date Unauthorized Access/ Unauthorized Modification Technician Guilty Plea Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cont.. 22 Morgans v. Director of Public Prosecutions House of Lords/ 17 Feb 2000 Unauthorized Access Unknown Conviction Quashed 23. R v. Michelle Begley Magistrates Court/ No date Unauthorized Access/ Harassment Police Officer Found Guilty 24. R v. Ian Morris and Richard Airlie Crown Court/ No date Unauthorized Access IT Supplier Found Guilty 25. R v. Matthew Bevan Magistrates Court/ 21 Nov 1997 Unauthorized Access/ Unauthorized Modification Teenage hacker Acquitted 26. R v. Simon Regan, Julian Taylor Magistrates Court/ no date Unauthorized Access Engineer Found Guilty 27. R v. Moody Crown Court / No date Unauthorized Modification Ex Employee Found Guilty 28. DPP v. Bignall & Anor Queens Bench/ 6 Jun 1997 Unauthorized Access Police Officers Acquitted Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cont.. 29 R v. Pryce Magistrates Court/ 21Mar 1997 Unauthorized Access/ Unauthorized Modification Teenage Hacker Guilty Plea 30. R v.Feltis Crown Court/ No date Unauthorized Modification Computer Operator Found Guilty 31 R v. Spielmann Magistrates Court / No date Unauthorized Access Ex Employee Found Guilty 32 R v. Rymer Crown Court/ no date Unauthorized Modification Male Nurse Found Guilty 33 R v. Alfred Whitetaker Magistrates Court/ no date Unauthorized Modification Software Developer Found Guilty 34 R v. Vatsal Patel Crown Court / 2 Jul 1993 Unauthorized Modification Progarammer Acquitted 35 R v. Elaine Borg Court not known/ no date Unauthorized Access with intent to commit further Offence Computer Operator Acquitted Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Cont… 36. R v. Richard Goulden Crown Court/ 18 Jun 1982 Unauthorized Modification/ DDoS Tsoftware Contractor Found Guilty 37. R v. Cropp Crown Court/ 5 Jul 1991 Unauthorized Access Ex Employee Acquitted 38. R v. Ross Pearlstone Magistrates Court / No date Unauthorized Access Ex Employee Found Guilty 39. R v. Bernnett Court not known/ no date Unauthorized Access Ex Police Officer Guilty Plea Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation Nations are not united…International Cybercrime Treaty was rejected Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation US Current Thinking Preemptive cyber strike? Pentagon is contemplating an aggressive approach to defending its computer systems that includes preemptive actions/ preemptive strikes. We have to have offensive capabilities, to, in real time, shoot down somebody trying to attack us. General Keith Alexander Pentagon Cyber Command (July 2010) Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation • Inter agency coordination • Contingency Planning, risks assessment and roles and responsibilities • Correlation of multiple incidents between public and private sectors • Training and exercise programmes • Coordination between entities • Common framework for response and information access • Strategic communications and public relations plans • Improvements of processes, tools and technology Organizer: Endorsed by: People First, Performance Now Ministry od Science, Technology and Innovation SOME RECOMMENDATIONS • Consider reviewing the law and practice • Seriously consider to ratify the Council of Europe Convention on Cybercrime • Target the underground cybercrime economy • Target the botherders • Tackle botnets through disruption Organizer: Endorsed by: People First, Performance Now Cyber Law: Policies and Challenges Bu8erworths Asia (1999) Privacy and Data Protec@on Sweet & Maxwell (2002) Internet Banking: Law and Prac@ce LexisNexis UK (2004) Informa@on & Communica@on Technology Law Legal & Regulatory Challenges Thomson Reuters (2010) Ministry od Science, Technology and Innovation Personal Data Protec@on in Malaysia: Law and Prac@ce Thomson Reuters (2010) 27 Organizer: Endorsed by: People First, Performance Now [email protected] profabm.blogspot.com +6012 2185242 Ministry od Science, Technology and Innovation
© Copyright 2026 Paperzz