Virtual safety
9 April 2009 (The Sunday Post)

THE Internet has come a long way since creeping into our homes and bridging gaps between continents. For most parts, the first netizens shuffle along, learning the ropes of the digital world and dealing with online matters as they come.

But in circa 1996-1997, only a handful of the Malaysian population was acquainted with the sound of a model dialing up while others had yet to realise the significance of the Internet in the years to come. Today, the Internet is very much a part of our lives. It's hard to imagine what we did before it became our source of information, communication and entertainment.

It's so easy to get online now that anyone can do it. And there lies a great opportunity for all manner of exploitation — from fairly minor annoyances like forwarded e-mails to more serious matters like cyber bullying and preying on children.

Malaysia's biggest threat in cyber security is twofold, said Lt Col (rtd) Husin Jazri, CEO of CyberSecurity Malaysia, an agency under the Ministry of Science, Technology and Innovation (MOSTI).

"The first is technical exploitation, involving the misuse of technology within the structure of the Internet. An example is malware and bots, utilised by smart people with bad intentions. The second threat is fairly new and coincides with the inevitable wave of new users online.

"It's the soft aspect of cyberworld, only emerging about two to three years back. It's things like defamation and building up agendas that are not truly progressive," he added.

According to him, things like illegal gambling, get rich quick schemes and intrusion of privacy fall under the soft aspect of the Internet. The misuse of technology can affect individuals or strike, on a larger scale, whole organisations on a local or national level.

Husin also pointed out that the Internet was not to blame, using the simple analogy of a tool. "Technology is like a knife. You can put it to good use, like cutting up food to cook, or hurt people with it," he said.

CyberSecurity Malaysia was set up on January 13, 1997 and known then as the Malaysian Computer Emergency Response Team or MyCERT.

Its main task was to respond to computer security issues among Malaysian internet users. MyCERT became a familiar name in e-mails issued by service providers with regards to the latest virus or scams.

In 1998, MyCERT was part of the National ICT Security and Emergency Response Centre (NISER) which came about when the National IT Council directed that an agency be formed to address ICT security issues in Malaysia.

As part of MIMOS Berhad's rationalisation exercise in 2005, the Cabinet decided that NISER should be separated from MIMOS and hence became a company limited by guarantee and owned by the Malaysian government under the purview of MOSTI.

In April 2006, the National Information Technology Council (NITC) Meeting 1/2006 agreed that the National Cyber Security Policy (NCSP) be adopted to address growing threats in critical areas. NISER began the transformation process to become the Malaysian Cyber Security Centre and was given the additional mandate to help the government implement the NCSP.

NISER was officially renamed CyberSecurity Malaysia and registered with the Companies of Malaysia (CCM) on March 30, 2007.

In a nutshell, they're your one-stop National Cyber Security Reference and Specialist Centre. Don't let big techy words put you off. It's true they deal with practical online security matters and heavyweight issues like digital forensics and data recovery. But they haven't forgotten the majority of users out there are casual surfers who may not have realised that Bill Gates isn't sending them anything for forwarding that e-mail.

For those who may not have finely-honed web savvy, they can still talk to Cyber999 if uncertain about how to proceed.

Cyber999 is an agency under MOSTI, formed to help Internet users in Malaysia. Nothing is too small for them when it comes to safety online, especially when certain individuals are out to take advantage of others.

The matters you can refer to Cyber999 include malware infection, intrusion, intrusion attempts, harassment, spam and malicious websites.

Being on the Internet means that certain matters fall under grey areas not necessarily dealt with by the law. An individual may not be able to do much or even know where to begin if he finds himself at the wrong end of a privacy issue like identity theft. This is where Cyber999 can help. "We can come in as a verifier between individuals and corporations like Google. We do interact with Google, Facebook and other similar sites." Husin said.

While Cyber999 offers advice on dealing with cyber attacks, it's not an enforcement agency. Victims will still have to lodge reports with relevant authorities if they wish to pursue the matter. But where the law is concerned, Husin is clear about where he stands. "It's bad attitude to disregard the laws of the country. If you don't respect the law, how do you ensure harmony? It's basic ethic," he said.

Which brings us back to the analogy of the knife. You have the tools. But what do you use them for? The Internet is undoubtedly one of the most useful tools of this time and age. But there is also a dark side, often used as an excuse by people not interested in embracing technology. For example, bullying may be limited to the school ground a mere few years ago. But with blogs, forums and instant messaging, it has been taken to a new level.

"Cyber bullying is no longer just among classmates," Husin said, adding that even teachers became targets.

The key to countering this is education.

Husin revealed that schools were pro-active in inviting qualified people to give talks on how to deal with the virtual life.

CyberSecurity conducts training and outreach services, focusing on a range of educational initiatives such as introducing school children to basic internet safety guidelines, developing e-security awareness and giving cyber security training and certification for professionals. There's something for everyone.

What Husin and CyberSecurity Malaysia would like to get across to the netsurfing public is that unbiased professional help is available if something untoward happens to them online. "We want to help people and their loved ones feel safe online but they need to communicate with us. If the information is private or personal, we will treat it as such with honour," he assured. Prevention is better than cure and according to him, if you are not sure about something, there is no harm e-mailing Cyber999 for their opinion.

"One line may save lives," he said.

This is especially vital at a time when young people keep running off to meet people they believe to be of their age. But there are other schemes out there ready to replace things people are not falling for anymore.

"Educate, educate, educate," Husin said.

"Visit our website. There are resources for everyone."

The resources cover dealing with email abuse, fraud, malicious software and web security. They also update the site with regular alerts and advisories, as well as the latest malware.

The information on the website is relevant whether you're in Malaysia or Maldives. As such, other countries are even requesting the rights to translate it into their own language.

"It would be a shame if Malaysians aren't making use of it," Husin said.

CyberSecurity was conferred the BrandLaureate SMEs Chapter Award 2008 on January 9, 2009 for brand excellence under the Corborate Branding, ICT Category.

See how CyberSecurity Malaysia can help you stay safe online by visiting them at http://www.cybersecurity.my.