Cyber Security - NRE
  • No tags were found...

Cyber Security - NRE

|Malaysian Communications and Multimedia Commission|Cyber SecurityNRE EXECUTIVE DISCOURSEMINISTRY OF NATIONAL RESOURCES & ENVIRONMENT4 May 2012Eneng Faridah IskandarDigital Security Services Division| M a l a y s i a n C o m m u n i c a t i o n s a n d M u l t i m e d i a C o m m i s s i o n |

SALIENT POINTS|Malaysian Communications and Multimedia Commission|Internet inMalaysiaRole ofMCMCCybercrime &Security Risks-CybercriminalsHiding TheirTracksRelevant LegalProvisions-Action by SKMM& LEAs

Where are we?|Malaysian Communications and Multimedia Commission|Until 11 April 2012

|Malaysian Communications and Multimedia Commission|Who are the players?Fixed BroadbandProvidersWirelessBroadbandProvidersContent andApplicationsY MAX

|Malaysian Communications and Multimedia Commission|Facebook in MalaysiaNumber of FBaccounts:12,231,94017 th of 213 countriesaround the worldPenetrationRate 46.76%(TotalPopulation)72.37%(Internet Users)By AgeSource: Gender

|Malaysian Communications and Multimedia Commission|Internet in our daily life….EMAILINFORMATIONCHATSHOPPINGSOCIALNETWORKDOWNLOAD/UPLOADCONTENT

|Malaysian Communications and Multimedia Commission|What’s the attraction?YOU CAN BEANYONECHEAP &FASTBORDERLESS

|Malaysian Communications and Multimedia Commission|A bit about you! How many of you have Internet athome? On your mobile? What do you/ your kids like to dowhen on the Internet? What are your concerns – as anindividual or parent – about theInternet?

SALIENT POINTS|Malaysian Communications and Multimedia Commission|Internet inMalaysiaRole ofMCMCCybercrime &Security Risks-CybercriminalsHiding TheirTracksRelevant LegalProvisions-Action by SKMM& LEAs

|Malaysian Communications and Multimedia Commission|ROLE OF MCMC• To regulate according to the :‣ Communications and Multimedia Act (CMA)1998‣ Postal Services Act 1991 (PSA)‣ Digital Signature Act 1997 (DSA)‣ Strategic Trade Act 2010• Covers telecoms, broadcasters and ISPs; postaland courier services and digital certificationauthorities

|Malaysian Communications and Multimedia Commission|ROLE OF MCMC1. To advise the Minister onnational policy objectives2. To implement and enforcecommunications andmultimedia laws3. To regulate matters relating tocommunications andmultimedia activities notrelated to communications andmultimedia laws4. To consider and recommendreforms to the communicationsand multimedia laws5. To supervise and monitorcommunications andmultimedia activities6. To encourage and promotedevelopment of thecommunications andmultimedia industry7. To encourage and promoteself regulation8. To promote and maintain theintegrity of licensees9. To render assistance topersons engaged incommunications andmultimedia10. To carry out any function asthe Minister may prescribeNOTE: Abbreviated from Section 16 of theMalaysian Communications and MultimediaCommission Act 1998 (Act 589)

SALIENT POINTS|Malaysian Communications and Multimedia Commission|Internet inMalaysiaRole ofMCMCCybercrime &Security Risks-CybercriminalsHiding TheirTracksRelevant LegalProvisions-Action by SKMM& LEAs

|Malaysian Communications and Multimedia Commission|WHAT IS CYBERCRIME?Offences against Confidentiality, Integrity and Availability• Illegal access to a computer system• Illegal interception• Data interference• System interference• Misuse of devicesComputer Related Offences• Fraud and forgeryContent Related Offences• Child Pornography• Racism• SeditionOffences related to intellectual property rights and similar rights• Distribution of copyrighted music, video and books without owner’spermission

|Malaysian Communications and Multimedia Commission|COMBINATION OF OFFENCESICT facilitate the activitiesof organized criminalgroups• Email-basedphishing scam• Pretending to belegitimate company• Seeking todisclose informationOrganizedCybercrime•Create propaganda•Collecting information•Providing information•Communication amongterrorist•Terrorist financing•Training for real world attacksPhishingandIdentityTheftTerroristuse of theinternet

|Malaysian Communications and Multimedia Commission|How are cyber crimes committed?• Malware/Crimeware– Bots->Botnets– Keyloggers– Virus– Spywares– Trojans/Backdoors• Exploiting the vulnerabilities– Operating system-Windows,Linux ,OS X– Application / Services• Social Engineering• Ignorance15

|Malaysian Communications and Multimedia Commission|Hacking• Unauthorized access / forced entry into acomputer or network system• Can lead to– Information stealing->extortion– Steal/Use available resources-> increaseoperation cost– Information tampering or deletion->shame,damage to business (cost)– Planting time bomb for future execution->attack when it hurts most16

|Malaysian Communications and Multimedia Commission|Denial of Service (DOS)• Attack targeting on disrupting the service orresources of the provider until the providerunable to offer the service• Usually done using bots called zombies that areinstalled in hundreds/thousands (DistributedDOS) which are controlled by one computer• Can lead to– Extortion– Shame17

|Malaysian Communications and Multimedia Commission|Anatomy of DDOS18

|Malaysian Communications and Multimedia Commission|Phishing“Imitation is the best form of flattery”Phishing - misrepresent, cheat and steal -relying on “social engineering”Financial institutions are mostly targetedMost “phishers” can be found in the USand Korea. Other places, China, Brazil,Russia and Canada….

|Malaysian Communications and Multimedia Commission|Example of Phishing Typical phishing email What should you do? Forward the email toantiphishing (at) MCMC is a member ofthe Internet BankingTask Force (IBTF) Working withinternational partners totake down phishing sites

|Malaysian Communications and Multimedia Commission|• Impersonating victimin email, chat roomsand other services• Can result from– Hacking– Phishing/Pharming• Can lead to– HarassmentIdentity Theft– Crime committed underyour identity21

|Malaysian Communications and Multimedia Commission|Identity TheftNB. Social networking websites allow multiple registrationof a single name

|Malaysian Communications and Multimedia Commission|Identity TheftNB. Social networking websites also allow creation ofcommunity groups of ‘fan pages/profiles’

|Malaysian Communications and Multimedia Commission|Cyber pornography• Difficult to curb as it is legal in some countries• Many illegal child porn sites leads to promotingPaedophilia, or sexual attraction to children byan adult• Children (victims) on the internet are lured togive their addresses by pedophiles• Some free porn sites are traps that will activateinstallation of malware upon visit24

|Malaysian Communications and Multimedia Commission|Offensive Content• Indecent, obscene, false, menacing, or offensivecontent.• Seditious tendency –(a)(b)(c)(d)(e)(f)to bring into hatred or contempt or to excite disaffection against any Ruler or against anyGovernment;to excite the subjects of the Ruler or the inhabitants of any territory governed by anygovernment to attempt to procure in the territory of the Ruler or governed by theGovernment, the alteration, otherwise than by lawful means, of any matter as by lawestablished;to bring into hatred or contempt or to excite disaffection against the administration ofjustice in Malaysia or in any State;to raise discontent or disaffection amongst the subjects of the Yang di-Pertuan Agong or ofthe Ruler of any State or amongst the inhabitants of Malaysia or of any State;to promote feelings of ill-will and hostility between different races or classes of thepopulation of Malaysia; orto question any matter, right, status, position, privilege, sovereignty or prerogativeestablished or protected by the provisions of part III of the Federal constitution or Article152, 153 or 181 of the Federal Constitution.25

|Malaysian Communications and Multimedia Commission|Cyber Scam• Targets people to participate in somefoolproof scheme which will return higherinvestment• Usually sent through a convincing email• Can lead to– Monetary loss– Shame26

|Malaysian Communications and Multimedia Commission|Scam email• The Nigerian NationalPetroleum Company haslarge contract USD$40,000,000 and neednon-Nigerian citizen todo some transaction.Commission 10%• But need USD$100,000first to be legitimatetransferee• Invest USD$100,000 ->USD$4,000,00027

|Malaysian Communications and Multimedia Commission|SPAM• Abuse of electronic messaging systems toindiscriminately send unsolicited bulk messages• Advertise some illegal sites selling drugs orpirated software/movies/music.• Very irritating and waste of resources• Main vehicle for spreading virus/malware/trojanand phishing sites.• Use of botnets to collect email addresses andsend SPAMs28

|Malaysian Communications and Multimedia Commission|Intellectual Property - Piracy• Making and distributeillegal copies ofcopyrighted materials likesoftware, movies, songsand e-books.• Heavily perpetrated onP2P networks and auctionsites• Websites providing cracksand serial keys (WAREZ)29

|Malaysian Communications and Multimedia Commission|Cyber Espionage• Gaining crucial information like tradesecrets, patents and confidential financialdocuments about competitors• Hacking, Backdoor and spyware used.• Virus can be sent to delete someimportant files30

|Malaysian Communications and Multimedia Commission|Cyber Terrorism• Conduct of terrorism by terrorist usingcyberspace• Ranging from DDOS attacks to hacking intoNuclear power plants (possible)• Using chat rooms and encrypted emails tocoordinate attacks• Usually aims at the critical infrastructures likewater, electricity and telecommunications tohave the physical effect31

|Malaysian Communications and Multimedia Commission|Critical InfrastructuresSTUXNET32

|Malaysian Communications and Multimedia Commission|Estonian Incident• Started April 2007• Motive: Protest against reallocation of theBronze Soldier• Russian hackers suspected• Riots followed by DDOS• Estonia is a pioneer of "e-government" andone of the most wired countries in Europe,crippled• Government websites, Mobile networks andRescue service network attacked• Forced to shutdown international links33

|Malaysian Communications and Multimedia Commission|34

|Malaysian Communications and Multimedia Commission|WIFI hijacking• Use of WIFI spots without permission• Crack if encrypted• Harmless crime?• Deprives ISPs revenue and steals bandwidth35

|Malaysian Communications and Multimedia Commission|Why commit cyber crimes?• Curiosity• Being a hacker is cool?• Abundance of resources and ready made software• Vulnerabilities• Monetary reasons• Malicious reasons• Political agenda• Anonymity and difficult to trace36

|Malaysian Communications and Multimedia Commission|Cybercrime today $$$• Its mostly about money• Systems are built superfast toaccommodate commercialneeds• Information security is nottaken seriously• Traceability is hard• Anonymity is easy

|Malaysian Communications and Multimedia Commission|Is hacking cool?• The Orange County Register reports that a19 year old from Washington state brokeinto the Orange County California 911emergency system. He randomly selectedthe name and address of a Lake Forest,California couple and electronicallytransferred false information into the 911system. The Orange County CaliforniaSheriff's Department's Special Weapons andTactics Team was immediately sent to thehome of a couple with two sleepingtoddlers. The SWAT team handcuffed thehusband and wife before deciding it was aprank. Says the article, 'Other lawenforcement agencies have seen similarbreaches into their 911 systems as part of atrend picked up by computer hackers in thenation called "SWATting“-Slashdot38

|Malaysian Communications and Multimedia Commission|Meet Millionaire SpammerJeremy Jaynes• One of the world's biggest spammers• Earns about an estimated US$500,000 toUS$750,000 a month• Owns a million-dollar house, a restaurant and aMaserati• 16 High speed Internet lines at home withmonthly bill up to US$20,000• CDs containing more than 384 million emailsaddresses• He works from home39

|Malaysian Communications and Multimedia Commission|Ignorance is not an excuseAh Longs ‘book’ customers on FacebookLOAN sharks are getting tech-savvy — they are now sourcing forpotential customers through Facebook, Nanyang Siang Pau reported.The daily said the loan sharks had appointed middlemen who wouldtrawl the social networking site for customers. It quoted DeputyInspector-General of Police Tan Sri Ismail Omar as saying that the loansharks seemed to be very good at identifying people who had failed toobtain loans through legal channels. “They will then get in touch withthem through Facebook and convince them to take a loan.”40

|Malaysian Communications and Multimedia Commission|Modern-Day Revenge• A man in Sweden who was angry with hisdaughter's husband has been chargedwith libel for emailing the FBI that theson-in-law had links to al-Qaeda.• The son-in-law was arrested upon landingin Florida. He was placed in handcuffs,interrogated and placed in a cell for 11hours before being put on a flight back toEurope41

|Malaysian Communications and Multimedia Commission|Cybervillains for Hire• You can’t do it, just hire• 20 millions of mail's = €350 euro• Starter Kit = €140– 5 Millions email address with spammer appconfigured in your own server• DDOS attack– Free for 10 mins– USD$20 for 1 hour and USD$100 for 24 hours42

SALIENT POINTS|Malaysian Communications and Multimedia Commission|Internet inMalaysiaRole ofMCMCCybercrime &Security Risks-CybercriminalsHiding TheirTracksRelevant LegalProvisions-Action by SKMM& LEAs

|Malaysian Communications and Multimedia Commission|MethodsAnonymous SurfingAnonymous ProxyWireless accessTOR NetworkUse ofHacked/ServersIP Spoofing Website hostedoverseas subject toprivacy laws False registration Extra territorialityapplies

SALIENT POINTS|Malaysian Communications and Multimedia Commission|Internet inMalaysiaRole ofMCMCCybercrime &Security Risks-CybercriminalsHiding TheirTracksRelevant LegalProvisions-Action by SKMM& LEAs

|Malaysian Communications and Multimedia Commission|RELEVANT PROVISIONS FROM CMA 1998Section 231Section 232Section 233Offence if useapparatus or devicewithout authorityFraudulent use ofnetwork facilities,network service etcImproper use ofnetwork facilities ornetwork serviceUses any apparatus or device with intent toobtain information, content, sender or addresseewithout an approval from SIRIMdevices, gadgets meant for interception of dataWith intent to avoid payment or fraudulent use ofservice or facility:- Stealing of telephone lines (PSTN / PCCB)Cellular cloningTapping wireless internet for free serviceusage etcAnnoying, abusive, threatening, harassing,obscene:-Emails (spamming), SMS, MMSWebsite content publishing, postingViruses etc

|Malaysian Communications and Multimedia Commission|RELEVANT PROVISIONS FROM CMA 1998Section 234Section 235Section 236Interception &disclosure ofcommunicationsprohibitedDamage to networkfacilities etcFraud and relatedactivity in connectionwith access devicesInterception of telephone line etc and use of theinformation compromising / jeopardizing an ongoinginvestigationSabotage of communication infrastructure orserviceRemote Denial of Service (DoS) attack e.g. virusthat damage or halt internet service belonging toa providerProduction, sale or use of devices or softwarethat can be used to modify a gadget, device togain illegal access to a service, content serviceetcE.g. card reader being modified to reader/writerwhich can gain access to MyKad databaseillegally.

|Malaysian Communications and Multimedia Commission|THE DIGITALSIGNATURE ACT 1997Regulate the use of digital signaturesSection 4 - Certification authorities under theDSA are licensed (also provision on exemption)Section 67 - Presumptions on digital signaturesINFRINGEMENT OFCOPYRIGHTCopyright (Amendment) Act 1997Section 13 (nature of copyright in literacy,musical or artistic works, films and soundrecordings.Section 41 (Offence)COMPUTER CRIMESACT 1997Section 3 (unauthorized access to computermaterials)Section 4(unauthorized access with intent tocommit or facilitate commission of furtheroffenceSection 5(unauthorized modification ofcontents of any computer)Section 6(wrongful communications)ELECTRIC COMMERCE ACT 2006& ELECTRONIC GOVERNMENTACTIVITIES ACT 2007Section 6 of ECA and Section 10 of EGAA (legalrecognition of electronic message)

|Malaysian Communications and Multimedia Commission|TELEMEDICINE ACTPractice of medicine using audio, visual and datacommunications.ONLINE SEDITIONSection 3 and 4 of the Sedition Act 1948Section 8 of Internal Security Act 1960 (anyperson who, by word of mouth or in writingor in any newspaper, periodical, book,circular or other printed publication or by anyother means spreads false reports or makesfalse statements likely to cause public alarm,shall be guilty of an offence)Section 211 (prohibition on provision ofoffensive content) and Section 233 (Improperuse of network facilities or network service)of the Communications and Multimedia Act1998INTERNETDEFAMATIONSection 500 of the Penal CodeSection 28 of the ISA 1960Section 211 of the CMA 1998Section 233 of the CMA 1998CYBER PORNOGRAPHYAND EXPLOITATION OFCHILDRENSection 292, 293 and 294 of the Penal CodeSection 5 of Film Censorship Act 2002Section 31 Child Act 2001

|Malaysian Communications and Multimedia Commission|PROSTITUTION ANDOTHER ILLEGAL CYBERSEXUAL ACTIVITIESSection 372 (person living on or trading inprostitution), 372B ( soliciting for purpose ofprostitution) and 373 (suppression ofbrothels) of the Penal CodeSPAMSpam Control Regulation has been finalizedand forwarded to Ministry of Information,Communications and Culture on 9 February2010.CYBER TERRORISMPenal Code contains provisions that deals withterrorism that may apply to cyber terrorism aswellChapter VIA Sections 130B -130T (incorporated inPenal Code on 6 March 2007)CROSS BORDER ANDJURISDICTIONAL ISSUESExtradition Act 1992Mutual Assistance in Criminal Matters Act 2002Reciprocal Enforcement of Judgment Act 1958

SALIENT POINTS|Malaysian Communications and Multimedia Commission|Internet inMalaysiaRole ofMCMCCybercrime &Security Risks-CybercriminalsHiding TheirTracksRelevant LegalProvisions-Action by SKMM& LEAs

|Malaysian Communications and Multimedia Commission|• A cybersecurity monitoring centre initiated by the MalaysianCommunication and Multimedia Commission (SKMM)• In line with National Cyber security Policy (NCSP) and the10th National Policy Objective under the Communications andMultimedia Act 1998 (CMA 1998)• Provide preventive early warnings to all relevant stakeholdersin Malaysia• Serves as the national Internet network thermometer toprovide overall understanding of macro cyber threat level withthe involvement and cooperation of both public and privatesectors

|Malaysian Communications and Multimedia Commission|SNSC : Watch & AlertMonitors and analyze1 Petabytes (1,000,000,000,000,000 Bytes)

|Malaysian Communications and Multimedia Commission|MAIN RESPONSIBILITIES• Network Threat Monitoring and Management– Recommends threat level for Malaysian network– Monitor the criticality of threats coming into the localnetwork• Incident Management, Network Forensic, Recovery andAdvisory– Analyze network – forensic– Provide early warning, handling, advisory and coordinationduring incidences• Vulnerability Management– Network auditing activities to ensure continuous security


|Malaysian Communications and Multimedia Commission|SNSC-ISP Connectivity

|Malaysian Communications and Multimedia Commission|Cyber Incidents Detected (2011)TOTAL: 3,921

|Malaysian Communications and Multimedia Commission|Phishing Cases Escalated (2011)

|Malaysian Communications and Multimedia Commission|Content-Related Complaints

|Malaysian Communications and Multimedia Commission|Content-Related ComplaintsTYPE ACCORDING TO MEDIUM 2011 1 Jan-11 Apr 2012WEBSITE/ BLOG/ EMAIL 1,112 274SOCIAL NETWORKING 716 239TOTAL COMPLAINTS 1,828 513TYPE 2011 1 Jan-11 Apr 2012OFFENSIVE & MENACING 789 144FALSE 362 148OBSCENE 183 58HACKING 196 55OTHERS 298 108TOTAL COMPLAINTS 1828 513

|Malaysian Communications and Multimedia Commission|Action Taken (2011)

|Malaysian Communications and Multimedia Commission|Investigation under CMA 1998YEARCATEGORYEMAIL BLOG FB/YOUTUBE WEBSITE TOTAL2010 35 13 21 45 1142011 35 14 23 47 1192012(UNTIL MAC 2012)11 4 6 12 33TOTAL 81 31 50 104 266

|Malaysian Communications and Multimedia Commission|

|Malaysian Communications and Multimedia Commission|Enforcement Action under S.263(2)CMA 1998 (2011)CATEGORY AGENCY JAN FEB MAR APR MAY JUN JULY AUG SEPT OCT NOV DEC TOTALPHISHING SITE SKMM/ PDRM 79 83 133 65 79 108 124 74 139 149 119 106 1258LUCAH SKMM 124 0 21 0 4 0 0 0 0 0 17 0 166JENAYAH SYARIAH JAIN/JAKIM 0 0 2 4 0 0 0 0 0 0 0 0 6MEDICINE KKM 0 0 1 0 0 0 0 0 0 0 0 0 1S233 CMA SKMM 0 0 0 0 0 0 0 1 0 0 0 0 1S211 CMA SKMM 5 1 3 4 9 0 0 0 0 0 0 0 22COPYRIGHT KPDNKK 0 0 0 0 10 0 0 0 0 0 0 0 10FINANCIAL SSM 0 0 6 0 0 0 0 0 0 0 0 0 6SECURITIES SC 1 0 0 0 0 0 0 0 0 0 0 0 1ONLINE GAMBLING PDRM 0 0 4 0 0 0 0 0 0 0 0 0 4Total 209 84 170 73 102 108 124 75 139 149 136 106 1475

|Malaysian Communications and Multimedia Commission|CONCLUSIONS

|Malaysian Communications and Multimedia Commission|Conclusions• Continuous and systematic monitoring due tooverwhelming number of web presence– Issues requiring further action/ feedback• Pro-active action required:-– Reporting to web host/ moderator– Media engagement through mainstream and alternativemedia on issues raised• Intensify awareness campaign– SKMM’s “Klik Dengan Bijak” Campaign– Participation in seminars, conferences etc.– Media engagement through multi-platforms

|Malaysian Communications and Multimedia Commission|ConclusionsInterface with international bodies and organizations to enhancecooperation and exchange of information, expertise andintelligence.Meridian ProcessConnecting and Protecting


|Malaysian Communications and Multimedia Commission|INTERNATIONAL COLLABORATIONChair of ASEAN Telecommunications Regulatory Council (ATRC)Network Security Working GroupMember of the Security & Prosperity Steering Group (SPSG) ofAPEC Telecommunications and Information Working Group(APECTEL)Member of Steering Committee of the Meridian (A meeting andwork shop for Governmental and Regulatory bodies responsible for theprotection of critical infrastructure)Signatory of the Seoul-Melbourne MoU against SpamMember of the London Action PlanMoU with RSA (Security Division of EMC) – collaboration to takedown phishing websites for foreign banks hosted in Malaysia

|Malaysian Communications and Multimedia Commission|SKMM Contact youGeneral Line : +60 3 8688 8000Facsimile : +60 3 8688| M a l a y s i a n C o m m u n i c a t i o n s a n d M u l t i m e d i a C o m m i s s i o n |70

More magazines by this user
Similar magazines