How to Stop Cyber Vandalism?

One thing is for sure. We must not take cyber vandalism lightly. As seen in the previous posts we can see much danger in it. In this section, we will see how we can face this issue.

First and foremost, we have to detect if there is cyber vandalism occurring. How can we do so? Companies can review their websites, check for mistakes and have email inspection from time to time. It is too always best to have network intrusion detection systems and a backup system and data. Early detection will prevent the rest of the disasters from happening and it will save a whole lot of drama and money.

If cyber vandalism has already occurred it is suggested that this crime is reported to the police or authority. For sometimes we might be the lack of knowledge and may not know our rights. In fact, we have so often been deceived because we do not know the law and our rights. When we have been cyberbullied or catfish we can do something about it instead of keeping it in and let the activity continue. This goes the same for cyber vandalism.

As the saying goes, prevention is better than cure. There are several actions that companies can take including security audit and controls, by buying business insurance and even proposing incident response plan.

Education starts from home but is also learnt in school and all around us. By educating a child is like writing on a blank piece of paper and that child can be shaped into something beautiful. Of course, every being is not perfect but we can try to be our best self. Cyber vandalism can for sure be prevented, reduced and cured by education.

Role models around us including parents, teachers or even celebrities can help prevent such action. Celebrities can use their voice or even write songs to spread the word that cyber vandalism is a negative thing, teachers can organise campaign and events and parents can be a positive leader and someone high in moral.

Last but not least is the role of government. In my opinion, it is best for Cyberlaw to be updated from time to time. It is clear that we live in a fast paced technology driven country and sometimes it’s hard to keep up. Cyber vandalism might, in the future, evolve itself and turn into something more dangerous. It is only by the law that these vandals can be justly punished and to prevent new vandals to be born. Moreover, it is always better to have more than one helping hand, therefore collaboration with other companies and the government is highly recommended.

Regardless, without appropriate control, it is possible that measures taken could be harmful to society in a different way. An example would be the regulation or monitoring of societies use of IT and social systems could invade individual rights and freedoms. It is understandable that you and I and the entire society do not like to be watched. Therefore, questions arise, “How much should be controlled and how much freedom should be given”.

Case

Cyber Vandals Take Down School Sites

In the year 2010, Louisiana schools and a school board websites have been taken down by cyber vandals. It is clear that it is “cyber vandalism” for according to The Advocate, visitors of Livingston Parish School Board website and several Livingston Parish schools received a message:

“HACKED By ch0unix - WE ARE CRAZY TURKS”

It is also reported that sensitive information of employee information and students’ grades and attendance records, had not been compromised. Nonetheless, parents of students were not able to access the site. Further investigation was made and it has been found that it had attacked more than 100 other sites.

In my opinion, the school should take more precautions to detect cyber vandalism from happening for example building the better firewall and have time to time screening. In addition, they should have a backup plan and emergency data storage. It can be seen that the operations of the schools have come to a hold when this incident happen. The schools will then have to reassure parents that this will not do any harm to their children’s education, at the same time build back their image or reputation.

Copyright:ExecutiveBiz

Case

Hackers deface Malaysia Airlines Website

In 2015, the Web site of Malaysia Airlines was defaced by the hacker group who referenced Islamic State and claimed to be from the "Lizard Squad", the best known for its attacks last fall on Sony's PlayStation Network.

The site's home page www.malaysiaairlines.com was briefly replaced with an image of a lizard smoking a pipe and the statement and the text of “Hacked by Lizard Squad - Official Cyber Caliphate."

When visited the website, a professional-sounding rap which apparently released on Christmas Day will play automatically in the background.

It also carried the headline "404 - Plane Not Found", which is an apparent reference to the airlines' puzzling loss of flight MH370 last year with 239 people aboard.

Media reports said that versions of the takeover in some regions include the wording "ISIS will prevail".

Soon after the attack, they would like to point out that “Malaysia Airlines is lying about user data not being compromised.” The hackers said that they planned to release "loot", such as the stolen data that found on the server hosting the Malaysia Airlines website. As part of a teaser, it posted a screenshot that appeared to show Malaysia Airline customer travel itineraries. But, it is unclear why Malaysia Airlines was targeted.

Newsy, T. (Director). (2015). Malaysia Airlines Hack: Lizard Squad, ISIS Involved? [Motion Picture]. Retrieved from https://www.youtube.com/watch?v=tRUF0SZOZug

To against this case, Malaysia provided the Computer Crimes Act, 1997. This act was passed to provide for offences relating to misuse of the computer. Under Section 3, 5 and 6, it addresses unauthorised access, unauthorised modifications and wrongful communication. It also applied to any person even when the offences were committed outside Malaysia. In my opinion, to prevent the occurrence of this incident, Malaysian government can consider to revision and amendments the current cyberlaw by increasing the fine for this type of offences. Besides that, the company also can build up a strong firewall system to protect their company website from hacking and defacing.

Copyright: Stuff

Case

Malaysian hackers hacked and defaced Northern Region Civil Air Patrol of U.S. Air Force Domain

                                              

In 2013, a group of Malaysian hackers from KamiSecTeam has hacked and defaced the Northern Region Civil Air Patrol of U.S. Air Force official website.

The Civil Air Patrol is a non-profit organisation that represents the official auxiliary of the United States Air Force.

However, the hackers haven’t defaced the home page of the Northeast Region Civil Air Patrol. Instead, they have added their defacement page to http://www.ner.cap.gov , where the CAP stated for Civil Air Portal.  

Hackers left an image as a deface page on the hacked website with team’s name “KamiSecTeam” and official logo, but the reason for targeting the site was not mentioned anywhere.

According to by zone-h account, the KamiSecTeam is responsible for hacking over 500 websites from all over the world. However, most of the targets of the hackers appear to be random commercial sites.

In my opinion, U.S. government need to protect their website against hacking attacks by collaboration with other domestic and international companies or overseas governments especially in terms of Information Technology and the Internet to help prevent the occurrence of cyber vandalism. On the other hand, Malaysian government also can provide education to their citizen to prevent the occurrence of cyber vandalism.

Copyright by: Cyber Security Infotech(P) Ltd

Case

Hackers deface Google Pakistan

In November 2012, Google’s Pakistan page was hacked and defaced by Turkish hackers who name “box”. The hackers replaced Google’s logo with a picture of two penguins walking up a bridge at sunset.

Nowadays, Google is the most popular and common search engine for people. This defaced only appeared on the Pakistan subsite for the search engine, www.Google.com.pk. It means that who access to Google from Pakistan will usually redirect to this portal. The hackers also left a message in Turkish on the vandalised Google Page:

“Eboz of a friend always there for me My homies have not shot by me with every breath”

The hackers also added the line “Downed Pakistan” to confirmed that  the webpage had been taken down. While, at the bottom of the page, the hackers added a big question mark followed by the tag line in Turkish:

“Hello, friends who are still alive, not dead!”

So, the site ‘www.Google.com.pk’ was subsequently inaccessible to users.

In my opinion, as Pakistan grows more connected, they must focus on shifting towards securing people who manage to establish an electronic link between themselves and the rest of the world. Besides that, Pakistan also must implement a proper cyber law and it should include the laws which to against poorly coded and insecure websites. For example, United States has provided the Computer Fraud and Abuse Act, which created a criminal offence for conspiring to commit a computer hacking offence under section 1030.

Published in The Express Tribune, November 25th, 2012.

Law in Malaysia

Computer Crimes Act 1997

Section 3 of the Computer Crime Act, 1997 did cover for the offences related to unauthorised access to computer material. The example of unauthorised access is including the  recreational of hacking, system intrusion, and unauthorised access to the computer, computer system or computer network. This section state that:

“a person guilty under this section is liable to a maximum RM 50,000.00 fine or to 5 years imprisonment or to both.”

Section 5 of the Computer Crime Act, 1997 did cover for the offences related to an unauthorised modification of the contents of any computer. For example, a person will guilty under this section when he or she defaces the company website or unauthorised to modify the data. The offences under this section are punishable with a maximum RM 100,000.00 fine or to 7 years imprisonment or to both. However, if the act is done with a further intention of causing injury, it can be punished up to RM 150,000.00 fine or 10 years imprisonment or both.

In my opinion, the fine should be raised as it is the increasing of cyber vandalism cases. So, it is important for the government to consider about revision and amendments the act to reduce the happening of cyber vandalism.

Penal Code

The Penal Code is a law that codifies most criminal offences and procedures in Malaysia.

Section 477 of Penal Code, did cover for the offences related to whoever fraudulent cancellation, destruction, defaces, or intent to cause damage or injury to the public or any person. The offences under this section are punishable by imprisonment for a term which may extend to twenty years, and shall be liable to fine.

What is cyber security??

Cybersecurity (also known as Computer 

Security), which is the protection of information systems 

from theft or damage to the hardware, the software, and to 

the information on them, as well as from disruption or 

misdirection of the services they provide.

Rock, R. (Director). (2014). Cyber Security [Motion Picture]. Retrieved from https://www.youtube.com/watch?v=RV9oN5EGd9Y

Copyright: Cyber Security Infotech(P) Ltd

Who are hackers

Hackers are a person who deliberately gains or attempts to gain unauthorised access to computer systems. In reality, it can be argued that there are different degrees of the threat posed. Hackers may be malicious, whilst others are merely naive and hence, do not appreciate that their activities may be doing any real harm.

In many cases, there have been reported incidents of hackers not only gaining unauthorised access but also altering data or service provision including modification of medical records, breach of military systems and monitoring and alteration of telecommunication services.  

But, the most common hacking which we saw is reflected in wireless routers. For example, a hacker will buy a Linksys router, realizes that the hardware is extraordinarily limited, and then flashes it and installs the new firmware and after a few more tweaks are able to have a cheap router doing the job of a very expensive Cisco router.

What is hacking??

The general problem of computer abuse, encompassing various types of incidents including hacking, viruses, fraud, sabotage and theft across a number of industries or sectors including government, healthcare, banking, retail, and education.

According to Stewart (2006), hacking is the accessing of a computer system without the permission of the owner of that system.

In another word, HACKING is meant to use a computer to gain unauthorised access to data in a system.

Originally, in a legal system, the practice of hack is difficult to prove because many hackers do not cause the actual damage. Normally, they would simply enter the system, leave proof of their cunning and skill and exit.

TheCuriousEngineer (Producer), & Nazir, A. (Director). (2013). What is Hacking? [Motion Picture]. Retrieved from https://www.youtube.com/watch?v=vhRScF7uwMA

Consequences of cyber vandalism

 Loss of Revenue

Cyber vandalism indeed causes a huge impact towards the company’s revenue. There will definitely be costs in identifying risks, building new and safer operating procedures which further leads to outsourcing to a cyber-security consultant in solving this particular matter. Hence, this would certainly create additional cost for the company which might be used in a more efficient manner.

Wasted Time

In order to fully prevent the company from being attacked by cyber vandalism, a particular software or system must be designed to provide a protection for the company. As to ensure the success of preventing these attacks, the system must be tested and monitored strictly from time to time to ensure the effectiveness in fighting against cyber-attacks.

Damaged Reputations

Furthermore, companies which had have encountered cyber-attacks would certainly create a bad point of view towards business partners, customers, as well as their own investors. This is mainly due to the fact that they have lost confidence and credibility in the company’s financial systems. Hence, this would lead to the downfall of the company as investors would be leaving the company whereas business partners are exiting one by one from the business.  

Reduced Productivity

When a firm’s website has been vandalising, they will lose their data and these data is connected to their production. Without data, the firm will be lost and decisions can’t be made without strong support or forecast. Thus, operations of the firm will stop.

Influence of Cyber Terrorism

Cyber-terrorism can have a great influence on the numbers of peoples and can weaken a country's economy and extend its vulnerability to military attacks [20]. Internet-based businesses are greatly affected by the cyber terrorist and can cause downtime for those companies which are managing websites and earning money through advertising and such type of businesses is very good and useful for the country's economy

Psychological Welfare

The person that have been cyber vandalised will be having a hard time facing other people, especially if the content modified is about that person. Regardless of whether it is true or not, most people will believe what they see or read. In the end, the victim might feel rejected or even worse it might lead to suicidal.

What leads intention of individual to cyber vandalism?

 Low Self-Control or Impulsivity

Gottfredson and Hirschi’s (1990) self-control theory says individuals with low self-control will find crime tempting. There are also suggested a relationship between impulsivity and violence which applies to the cyber world leading to cyber vandalism.

 Psychopathic and Machiavellian Traits

A study of online data collected from 418 U.S. residents shown 5.6% reported enjoying trolling behaviour online. Some say that they are motivated by boredom, attention-seeking, and revenge at the same time having pleasure from causing damage. One specific trait of psychopathy is a lack of empathy (Hare, 2003), which is the inability to experience the emotions of another person or to comprehend the emotions of another person.

 Internalizing Traits

Such traits include depression or shyness. When a person is having those traits they may want to grab attention from the outside world. Some may even say it is to fulfill their self-esteem.

 Social Control and Social Learning Theories

A study from Ang (2015) found that  poor emotional bonds with parents and a lack of parental monitoring relates to cyber aggression. However, other studies say that it is the influence of peers. At the same time, exposure to violence in the media is also associated with concurrent reports of serious violent behaviour (Ybarra, et al., 2008).

 Propaganda/ Publicity

Some vandals do such thing to spread their propaganda whereas others for the sake of publicity. By inserting information about anything into any website, it will automatically grab server’s attention. Moreover, it is free.