Identity theft

    

          Identity theft had caused many problems to everyone. Internet users have to be cautious of hackers and fraudsters when they are online. These people are very intelligent in damaging an individual's identity and their reputation.
          Personal data are stolen every single day for various reasons. In a survey conducted by a credit reporting agency reported that one in 10 Malaysians fell victim to identity theft.
          In another case, an elderly man lost his identity card 22 years ago faces a citizenship issue. This is due to another person using it to apply for Canadian citizenship. Fortunately he was able to vote using his ATM cards and also receive 1 Malaysia People's Aid (BR1M).
         There are many ways and methods these criminals use to gather the personal information of the targeted person. Just a single touch of the button, they are able to know the entire information that they require to proceed further. At times these identity theft are not monetary as it could be due to vengeance or jealousy. Hence, these hackers try to destroy the dignity of an individual.
          Many organizations are always reminding their customers to be aware of identity theft. For an instance in the Maybank website it states the precautionary methods to prevent from this unlawful act to take place. It is reasonably necessary for all to be aware of what are the circumstances they may face when they are facing this issue.


http://www.themalaysiantimes.com.my/elderly-man-facing-citizenship-problems-due-to-identity-theft/

https://themalaysianreserve.com/2018/04/11/one-in-10-msians-fall-victim-to-identity-theft/

https://www.thestar.com.my/tech/tech-news/2018/06/23/identity-theft-poses-a-threat-to-every-internet-user/

https://www.maybank2u.com.my/mbb_info/m2u/public/personalDetail04.do?channelId=CRD-Cards&cntTypeId=0&cntKey=CRD08.12&programId=CRD08-Utilities&chCatId=/mbb/Personal/CRD-Cards

Al Qaeda and the internet

            Everyone in this world know about the famous terrorist organization, Al Qaeda. Their radical Islamic ideology and heinous activities made them well known in a negative manner. They have been learning on how to operate the internet of things in order to be on par with other jihadist or terrorist. These terrorists use the internet to attract like-minded people towards their vision and mission.
           Cyberterrorism is not only damaging a particular person, group or country. It actually creates a serious blow to the entire world and may disrupt many aspects of the politics, economics, social and technology for the long run. Al Qaeda had been able to recruit many people from different backgrounds into their organizations to ensure their global initiative or mission can be deployed successfully.
            They use the YouTube, video camera and smartphones to spread their propaganda as well as providing virtual military training. Youngsters are more prone to these kind of medium and maybe trapped or lured to believe that they are the truth and should obey to their preaching. These people are not aware that it could ruin their lives and cause tremendous effect to many lives.
             Al Qaeda has many ways to communicate their ideology and internet is one of the medium they use. Due to the rapid technology advancement, many people are technology savvy and are able to deliver and create cyberterrorism within split seconds. Therefore, each internet user should always beware with what we are viewing and not simply click any links which can be suspicious.


http://smallwarsjournal.com/jrnl/art/role-al-qaeda-plays-cyberterrorism

LEARNING FROM EBAY’S FAILURE IN CHINA

Internationalisation is a level that most companies hope to achieve amidst its plans of expansion. Being a global player in ones area of expertise is regarded as the prime point when it comes to buying and selling. Sometimes this expansion doesn’t work too well for some companies no matter how successful they are in their home countries. In this post, I’ll be sharing a few mistakes made by EBay which led them to fail in China, and how other companies can learn from their experience.

1. Having a partnership with a strong local Chinese brand. This can be established as a mode of entry since little to no hands on knowledge has been achieved. By collaborating with an already existing brand, this gives the company a boost as compared to other brands who did not.

2. Using a catchy and meaning Chinese name. There have been a lot of instances where translations made from English to Mandarin ended up being complete fails. Taobao, the competitor of Ebay in the early 2000's mean digging for treasure and this name resonated a lot with the Chinese as such played a major role in the brand recollection of the company.

3. Hiring local leadership and establishing a separate service based in China. Setting up a company in China is no small feat and having a local team that oversees activities is an essential step in being successful. The language and cultural barriers are easier bridged that when there is only one base in America as in the case of Ebay.

https://www.marketingtochina.com/ebay-failed-china/

https://medium.com/@alexlee611/a-case-study-on-international-expansion-how-ebay-failed-in-china-d762d94b9f4b

Identity theft could destroy your life

             
               Identity theft is not a new thing these days. Looking at the bar chart above, we know that the cases of identity theft are increasing year by year although there were a slight drop from 2016 to 2017. But this does not mean that hackers and criminals are not disrupting the lives of others. Last year itself, there were more Social Security numbers being exposed compared to the credit card numbers.
                Due to the rapid growth of e-commerce, many companies are storing their customers' personal information which may be hacked by certain parties. This can allow customers exposed to privacy violations which they might not be aware of. Eventually this is when the data breach takes place and many cases of identity theft and cyber crime pops out.
                The more sophisticated the technology, more and more people are taking their chances of destroying other people's life. They are able to use these victims cash for their own benefits such as personal gain or to fund a criminal activity. There are many cases like this that we may have read.
                The tendency to create more crimes through identity thefts are also easier basically due to the vast knowledge and technology savvy users. People are using the internet not for positive things anymore. They are more inclined to do the bad things to harm people who they might not even have relationships or contact with. All these people are strangers to each other but yet this identity theft is becoming popular.
     
https://www.iii.org/fact-statistic/facts-statistics-identity-theft-and-cybercrime

TRENDS IN CHINA'S E-COMMERCE LANDSCAPE

When it comes to world's E-Commerce top players, China comes to the minds of most people - if not everyone. The reasons for China rising to the top differ, from foresight, hard work, comic positioning, trends, etc. In this blog post, five major trade that project China higher and higher are discussed.

To begin the list of trends China is currently on, we have E-commerce shopping festivals. These are highly popular and have now been regarded as a global phenomenon- specifically the 11/11 sale which as the same implies, happens yearly on the 11th of November. According to Nielson China, which is a global measurement and data analytics company, 79% of consumers who responded to their survey said they planned to participate in this years 11/11 sale.

The next trend is consumption upgrade. This simply means a rise in the preference and taste of middle to upper class consumers. They now look for quality in goods and some of these standards of goods are not available domestically. Sometimes even the designs of the packaging are what attract these customers as well as their safety and environmental designs.

Thirdly, we have new retail. This is where there is a merger between offline (brick and mortar) and online. So instead of there being competition, there is collaboration. New retail was a term brought about my Jack Ma back in 2016 and had since become a common term used within the e-commerce landscape.

Lastly, there is digital payment. Having had a hands on experience from visiting China, I witnessed the real deal of a cashless society. From the street vendors to the plush high-end stalls, payments are made through the touch of a screen. Transactions are done from the mobile phone, even when using vending machines. Alipay and Wechat are the two driving forces behind this cashless society with others also on the rise.

https://www.weforum.org/agenda/2018/01/china-ecommerce-what-we-can-learn/

E-government towards a better society

                          


               What is e-government? E-government is the use of information and communication technologies (ICT) to improve the activities of public sector organizations. Many countries are trying to implement or catch up with the latest trend to cater to their peoples' needs and wants. Simply put, there are times when a message needs to be delivered fast to the citizen, by using the e-government this would be easier.
              Referring to Malaysia, there are many initiatives already being implemented to ensure that the jobs are being done effectively by the public sectors employees. This makes the life of the citizens easier. For an example, the e-service provision whereby citizens can make their payment via mobile payments 24/7. Every 'rakyat' wants these changes to be done by all departments to eliminate redundancy and the hassle to wait at the kiosks or the payment counters. The new digital Malaysia promises all these for their citizens.
              There are many benefits to for e-government to commence. Firstly, it will improve the overall governance of the country. It allows the public services to design an effective model to execute the policies. Secondly, the public sector's goals can be achieved without hassle and delay. In align to this, the services catered to the citizens will be more improvised and more faster responses can be given to them.
              In conclusion, it is necessary for all countries in this world to implement the e-government. Due to the technology, there are many apps being used by all and this makes their work faster and simple. The deliverance of the results through e-government is impeccable.

https://www.enterpriseitnews.com.my/a-new-digital-malaysia/
     

Phishing: A new type of cyber crime

Phishing: A new type of cyber crime

There’s a new type of Internet piracy called “phishing.” It’s pronounced “fishing,” and that’s exactly what these thieves are doing: “fishing” for people’s personal financial information.

Phishing is a cyber-crime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get people to share valuable personal information – such as account numbers, Social Security numbers, or people’s login IDs and passwords. Scammers use anyone’s   information to steal their money or identity or both.

Types of phishing

That said, there are a variety of techniques that fall under the umbrella of phishing. Generally, a phishing campaign tries to get the victim to do one of two things:

-       Hand over sensitive information. These messages aim to trick the user into revealing important data — often a username and password that the attacker can use to breach a system or account. The classic version of this scam involves sending out an email tailored to look like a message from a major bank; by spamming out the message to millions of people, the attackers ensure that at least some of the recipients will be customers of that bank. The victim clicks on a link in the message and is taken to a malicious site designed to resemble the bank's webpage, and then hopefully enters their username and password. The attacker can now access the victim's account.

-       Download malware. Like a lot of spam, these types of phishing emails aim to get the victim to infect their own computer with malware. Often the messages are "soft targeted" — they might be sent to an HR staffer with an attachment that purports to be a job seeker's resume, for instance. These attachments are often .zip files, or Microsoft Office documents with malicious embedded code. The most common form of malicious code is ransomware — last year it was estimated that 93 percent of phishing emails contained ransomware attachments.

how phishing works?

In a typical case, users will receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as users’ financial institution. In some cases, the e-mail may appear to come from a government agency, including one of the federal financial institution regulatory agencies.

The e-mail will probably warn users of a serious problem that requires their immediate attention. It may use the phrases, such as “Immediate attention required,” or “Please contact us immediately about your account.” The e-mail will then encourage users to click on a button to go to the institution’s Web site.

In either case, users may be asked to update their account information or to provide information for verification purposes: i.e., Social Security number, account number, password, and place of birth.

How to protect from phishing

 I.          Never provide personal information in response to an unsolicited request, whether it is over the phone or over the Internet.

II.          If it’s seems the contact may be legitimate, have contact the financial institution immediately. Users can find phone numbers and Web sites on the monthly statements they receive from the financial institution

III.          Never should not provide password over the phone or in response to an unsolicited Internet request. A financial institution would never ask users to verify their account information online.

IV.          Review account statements regularly to ensure all charges are correct.

Source: https://www.zdnet.com/article/what-is-phishing-how-to-protect-yourself-from-scam-emails-and-more/

france.com vs Government of France

       Domain name has been a sensational issue since the existence of the world wide web. Let us look at the case of france.com. Initially france.com was a tourist agency, however it was seized by France (country) in the year 2015. The owner of the website, Jean Noel-Frydman was shocked because he was not notified by the Government of France.
       The reason given by them for the take over was that the name France belonged to their government. Hence, any domain with the name France in it belongs to them. Most of the times, domain names are first come first served basis. Legally the Government of France should have negotiated with the owner to pursue to buy the domain name or the website rather than asserting legal ownership to it.
        Dissatisfied with the French court's ruling, Frydman is suing the Government of France to get back his domain name. He had mentioned that the party who took over his website is cyber squatting and it is unfair to him. This is injustice to him as he has been promoting the France tourism for the past 25 years.
        Referring to the case above, domain name issues is not new in this era. It had been evolving and the dilemma is unbearable. Therefore, obtaining another person's domain name is unethical and it should not be practiced as it may impact many parties. If someone is interested with the domain name, then they should atleast inform the owner of the domain name to avoid hassle and other problems.




http://www.wlrn.org/post/france-seized-francecom-miami-man-suing-get-it-back

E-Commerce: Digital Certificates

The business world is fast becoming mainly digital with the influx of a great number of E-commerce websites or companies. These companies deal with buying or selling of products on online services or over the Internet. For instance, Ebay, Alibaba, Lazada and plenty more.

However, customers need to be protected while using these sites since they expose their personal information such as physical addresses and bank account information when making online purchases. 

To confirm the security of E-Commerce sites, electronic contracts and digital certificates in the cyberspace are used as offence preventive steps.

Lazada Malaysia Digital certificate

Digital Certificates are required as a form of authentication especially form a trusted and known authority such as VeriSign. An authority provides a proof of identity and checks validity before issuing the digital certificate. Only certificates from well-trusted authorities are automatically recognized and trusted by major web browsers and email client software.

Strong authentication is therefore very important in the E-commerce marketplace to ensure security of consumers and all users of these websites.

Encryption: An ultimate process of online data privacy

Privacy is necessary for human society to function. The problem is not that the information exists but that it reaches the wrong people. Information on the internet could bring great benefits to society, and to individuals, when huge data-sets can be refined to yield information otherwise unavailable. But once the information is gathered, a precautionary principle has to apply.  

Information security is provided on computers and over the Internet by a variety of methods. A simple but straightforward security method is to only keep sensitive information on removable storage media like portable flash memory drives or external hard drives. But the most popular forms of security all rely on encryption, the process of encoding information in such a way that only the person or computer with the key can decode it.

What is Encryption?

Encryption secures online information, protects the data from countless daily attacks and is a vital component of our national defences. Encryption is a fundamental aspect of Information Security practice in order to protect sensitive data through protocols such as PKI, SSH, SSL and other digital signatures and certificates. 

Encryption process:

Encryption is the process of translating plain text data ‘plaintext’ into something that appears to be random and meaningless ‘ciphertext’. Decryption is the process of converting ciphertext back to plaintext.

To encrypt more than a small amount of data, symmetric encryption is used. A symmetric key is used during both the encryption and decryption processes. To decrypt a particular piece of ciphertext, the key that was used to encrypt the data must be used.

Source:  https://www.upwork.com/hiring/development/introduction-to-encryption-data-security/

Internet Censorship

Internet censorship involves putting restrictions on what can be viewed and accessed over the internet. This is usually enforced by regulators that can include the government and other parties. Internet censorship has been used to block access to websites that may be considered harmful to the users, the country or the economy as a whole.

A sample of a censored website in Malaysia

The Malaysian Communications and Multimedia Act of 1998 contains a clause that guards against Internet censorship. The section which involves the improper use of network services to make “obscene, indecent, false, menacing or offensive” comments has frequently been used against individuals posting online.

To an extent, such censorship as allowed by the law and supported by the "Anti-Fake News Bill" that was recently signed may remove an element of freedom of speech and expression in the digital space among the common people though protecting the government interests at the same time.

Source: https://medium.com/@internetmonitor/the-sinar-project-shines-light-on-malaysian-internet-censorship-9c0b1fe06c16

Trends in Cyber Terrorism

1. Crime-as-a-Service

The growing trend in recent years is that more and more experts in the cyberspace are using their intelligence and skills to perform criminal acts for other people for a high fee. This is definitely a worrying trend.

2. Ransomware

This can generally be described as a malware that can threaten harm and denies one access to their own data in a computer. One is then pressured to pay an amount of money of ransom to be able to access their data.  

Below is a link to a discussion by Robert Gibbons, CTO at Datto, joined by host Steve Ragan to talk about how ransomware affects companies.

↘↘Video Discussion↙↙

According to the discussion in the video, 25% of the time individuals and companies are unable to get back all or most of their data. 
This definitely shows that there should be more provisions in the law for people and companies affected by ransomware attacks.

3. Virtual currencies

These digital currencies such as Bitcoin, Litecoin and many others are definitely a recent development in the financial currency field. However, the limited knowledge on the how this currency was developed as well as how it is controlled poses a few issues in cyberlaw especially since it has been noted to be the currency of choice for the payment for criminal products and services in the digital underground economy and the Darknet. 

4.  Social engineering

This trend includes acts such as phishing that could be used to attack highly valued target individuals. For instance actions such as CEO fraud which is a more refined option of phishing, has become a key threat to a number of companies.

With these trends and more growing in society, there needs to be a re-evaluation of the cyber laws which for instance in Malaysia needs to be updated to cater for such situations.

Steganography and Terrorist Communications

https://www.onlinejournal.in/IJIRV3I11/037.pdf




     






     What is steganography? Steganography is the practice of concealing a file, image or video within another file, message, image or video. In layman term, steganography is the science of hiding information. Currently, it has been a cyber threat to most of us.
     
     Basically, what happens in stenography is when a secret message is sent to other party, normal person would not be able to know what is the real message. Any individual can hide information in any kind of file.  

     Steganography tools enables a user to embed hidden data inside a carrier file, such as an image or video, and later extract the data. Nowadays, steganography tools are being widely used in the cyberterrorism. Steganography is supporting global terrorism.

     In recent events happening around us, many terrorist groups are sharing their information through embedding it into image files without being able to be traced by anyone apart from their sources. They are sharing these images over the email.

    Therefore, new laws pertaining the prevention of these unhealthy activity should be setup immediately in order to keep the country and the world a safe place to live in.