THE problem of data theft which has emerged as one of the major cyber crimes worldwide has attracted little attention of law makers in Malaysia.
Hackers are criminals who gain unauthorised access to a network and devices, to steal sensitive data, such as individual personal particulars, financial information or company secrets and are sold in the dark web.
Monetary gain is the main reason for thieves to steal data. The leak of data can be from hackers, IT vendors as well as internal employees. The 2018 Ponemon statistics showed that at least 56% percent of organisations have experienced a data breach due to a vendor’s security shortcomings.
An alleged data leak containing the information of 22.5 million Malaysians born between 1940 and 2004, purportedly stolen from the National Registration Department (NRD), has once again put the country's data security measures in the spotlight and having a negative effect.
It is shocking to know when a local tech portal Amanz reported that the database, 160GB in size, is being sold for US$10,000 (S$13,846) on the dark web.
In the screenshot shared by the portal, the seller claimed that this is an expanded database compared to the one he sold in September last year, which was only up to 1998. Home Minister, Datuk Hamzah Zainuddin meanwhile denied the alleged data leaked from NRD and said that the NRD firewall is quite strong.
It is important for the relevant law enforcement agencies to thoroughly investigate and confirm these allegations if the leak is genuine.
Never underestimate the stupidity of these criminal’s hackers.
The sensitive departments should work to continuously strengthen and refine the firewall and keep all the software up to date and by following best practices for computer use.
Hackers are becoming more skilled and sophisticated and where some countries take proactive initiative by hiring the “ethical hackers” to deal with the cyber-attacks and the dark web.
In 2021, total of RM25.5mil worth of properties, luxury cars and watches including cash was seized by the Malaysian Anti-Corruption Commission (MACC) following arrests of five suspects involved a syndicate which hacked into the Immigration Department's computer systems to issue fake temporary work permits (PLKS). The Immigration director-general Datuk Khairul Dzaimee Daud said that investigations were ongoing as it is believed that the syndicate had help from within the Department.
Prior to this incident there were threats levelled at the Royal Malaysian Navy (TLDM), US air forces as well the as Nigeria navy on highly classified documents have been leaked and have ended up on the dark web.
This has raised a heightened awareness of the need to be more secure, vigilant and resilient. TLDM is aware of the stolen military related information, and they have confirmed that is already obsolete.
Whatever it is, the hackers and criminals had successfully broken our system by attacking both cyber space and cyber security.
Prior to this, a cybercriminal claimed to have the complete set of records and personal details of 1,164,540 Universiti Teknologi Mara (UiTM) students and alumni who studied between 2000 and 2018. The hackers wanted to prove a point and to tell UiTM to beef up their IT security in the university. The information was eventually sold in the dark web.
In 2014, Richard Huckle posed as freelance photographer and an English teacher in Kuala Lumpur was sentenced to life in prison for sexually abusing scores of children and his activities in the dark web, where members exchanged child sex abuse images and tips.
So, what is Dark Web? There are three layers of Internet namely; surface web, deep web and dark web.
Like an iceberg, interestingly, the surface web contains only 4% of the Internet; the remaining 96 % is hidden in the part of deep web.
However, this is not to say the deep web are necessarily malicious. Medical records, academic and legal document are also kept and stored there for protection and privacy purposes.
What is disconcerting about the deep web is that a part of it called the dark web which is also internationally hidden and not accessible through the traditional search engine or standard browsers.
To access this level, one need to have a special browse known as Onion Router browser (TOR), originally developed by the US Navy to protect government intelligence communications. It protects users’ privacy, and hides all users’ IP addresses which makes it is impossible to be traced.
The dark web is used for nefarious purposes by hackers aiming to disrupt critical infrastructure or sensitive or classified information. It also serves as “criminal underground” to facilitate money laundering and other criminal activities.
The organised criminal sites offer their largest marketplace on the dark web for purchasing illegal products and services such as sensitive data, financial transaction, corruption, drugs, contract killers, human organs, child sex, child pornography, counterfeit money, fake passports, firearms, and stolen bank account information, etc. They even have their respective business models, advertising and collaboration among hackers and criminals and exploit organisations around the clock.
What would happen if a cyber-attack takes over the electronic voting system or the government IT network? The government has need to be proactive and introduce a more serious and dedicated cybercrime unit to tackle hackers and the dark web.
Combating criminal activities operating in the dark web environment requires the law enforcement agencies to be more proactive. It demands cyber security experts and technical resources combined with an innovative approach.
In Malaysia there is a need to raise the knowledge, skills and capability across all members of Malaysian Police Force, Malaysian Intelligence agencies and the Cybersecurity Malaysia. Malaysian Armed Forces that have set up cyber warfare regiment to strengthen cyber defence.
Law enforcement agencies, regulators and ethical hackers should form a task force with Cybersecurity Malaysia and acquire capabilities pertaining to deep web analysis. This is to enable the task force effectively conduct investigations and continuous monitoring to effectively curb cybercrime activities to ensure a safer, secure to the public and ensure our cyber-space remain immune to cyber-attacks.
The ethical hackers can add immerse value to an organisation to identify their system and security weak points and upgrade an organisation’s network by defending it from threat in cyberspace.
Even with the best infrastructure, technologies and legislation in place, the human factor that is subjective plays an important part to prevent data breaches. Therefore, integrity of the data handlers is critical to combat cyber threats. Stealing data can be done by
In cybersecurity world, tracking and attacking cybercriminals are not easy task and is a big challenge as we are dealing with skilled and expert criminals. Besides combating cybercrime, other actions such as prevention, awareness campaign and risk mitigation are equally very vital aspects in fighting against cybercriminals in the dark web.
* Datuk Seri Akhbar Satar is the President Malaysian Association of Certified Fraud Examiners
** The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the position of Astro AWANI.
Akhbar Satar
Sun May 22 2022
An alleged data leak containing the information of 22.5 million Malaysians born between 1940 and 2004, purportedly stolen from the National Registration Department, has once again put the country's data security measures in the spotlight - File Pic
80 children of former GISB members remain unclaimed - Nancy
Some parents wish to reunite with their kids, but others changed their minds for unknown reasons, says Nancy Shukri.
MACC-FBI-DOJ collaboration recovers US20 mln linked to 1MDB
MACC says Frank White Jr. voluntarily agreed to surrender funds to the DOJ after learning they originated from misappropriated 1MDB money.
Malaysia aims to reclaim top spot as world's leading rubber producer in 10 years - DPM Zahid
The replanting process must utilise high-quality saplings and automated methods for tapping and collection, says Datuk Seri Dr Ahmad Zahid.
Ousted South Korean defence minister testifies Yoon never intended full martial law
Kim Yong-hyun says he wanted a broader military deployment but was overruled by President Yoon Suk-Yeol.
Bloomberg philanthropy to cover US climate dues after Paris withdrawal
Bloomberg Philanthropies will cover US dues to UN Climate Change body, ensuring emissions reporting despite Trump's climate policy pullback.
What Trump has done since returning to the White House
Here are some of the actions that President Donald Trump has taken so far.
Indonesia resumes search for 13 missing after deadly landslide in Central Java
The number of the missing people is most likely more as there was a cafe in the landslide location, a spokesperson said.
Revocation of PwD driving licences only in specific cases - Loke
Anthony Loke says that PwD drivers should not be made scapegoats simply due to isolated incidents involving the group.
Trump steps up immigration crackdown, warns city, state officials against interference
State and local officials who resist or obstruct immigration enforcement could be charged under federal laws against defrauding the US.
ASEAN calls for full implementation of Israel-Hamas ceasefire agreement
ASEAN calls on all parties to maintain conducive conditions to the full implementation of the agreement, strictly adhere to its terms.
Trump designates Yemen's Houthis as a 'foreign terrorist organisation'
The move will impose harsher economic penalties than the Biden administration had applied to the Iran-aligned group.
Thailand holds its first same-sex weddings, targets record registrations
Thailand is the third territory in Asia to legalise same-sex marriages after Taiwan and Nepal.
Teen fatally shoots a female student and himself at Antioch High School in Nashville, police say
According to police, the shooter -confronted- student Josselin Corea Escalante, in the cafeteria and opened fire, killing her.
Targeted toll exemption for festive seasons under review - PM
Datuk Seri Anwar Ibrahim says similar to previous subsidy adjustments, toll exemptions should only be provided to the B40 and M40 groups.
New wildfire near Los Angeles explodes to 9,400 acres, forces evacuations
A new wildfire fueled by strong winds and dry brush, forces mandatory evacuation orders for more than 31,000 people.
Analysis - Trump's bid to label Mexican cartels 'foreign terrorists' poses risks to companies, migrants
Mexico has long opposed the move, arguing the cartels are not motivated by political ends like others on the terror list, but by profit.
PM's WEF dialogues - From Manchester United, regional challenges to balancing global superpower dynamics
On South China Sea, the PM says any resolution must be a collaborative solution, regardless of Western world's views on it
1.4 billion people travelled internationally in 2024 - UNWTO
According to UNWTO, this represents an 11 per cent increase, equivalent to 140 million more travellers than the previous year.
Man killed, two injured in random stabbing near Japan's Nagano Station
An investigative source said the suspect appeared to target victims at random.
China families appeal to free relatives held by scam gangs in Myanmar
The UN says hundreds of thousands of people have been trafficked to scam centres in Southeast Asia since the COVID-19 pandemic.