Sunday 30 October 2011

Innovation nation: What exactly works?

At Your Service by Dato' Madinah Mohamad,  
Secretary General of Ministry of Science, Technology and Innovation, Malaysia

Saturday 29 October 2011

Hacker Wannabe

Although I’m CEH certified, I’m by no means an agent of EC-Council promoting this course.

Modules: Introduction to Ethical Hacking, Footprinting and Reconnaissance, Scanning Networks, Enumeration, System Hacking, Trojans and Backdoors, Viruses and Worms, Sniffers, Social Engineering, Denial of Service, Session Hijacking, Hacking Webservers, Hacking Web Applications, SQL Injection, Hacking Wireless Networks, Evading IDS, Firewalls, Honeypots, Buffer Overflow, Cryptography and Penetration Testing.

What I want to say here is that if you are new to cyber security, this could be a good start for you. Then you need to develop yourself further to become a cyber security expert. If there is a will, there are many ways, and you can do it.

Friday 28 October 2011

Die Hard 4 and Hacked Football Association Malaysia Website


When I was invited as a speaker and panelist at a conference organized by the Attorney General’s Chambers of Malaysia in 2010, I repeatedly mentioned the movie Die Hard 4 to the audience. It was not about Bruce Willis (even though I admire him as one of the great actors of Hollywood) but about the “inevitable”… What’s coming forth?
This movie perfectly illustrates the catastrophe. It gives you an idea about Cyber Warfare or Cyber Terrorism devastation.

We live in a borderless world and our cyberspace gateways are managed purely by electronic machines: routers, firewalls, switches, etc. A machine is still a machine; it will obediently operate as per its instructions, no more, no less. Some machines have some sort of intelligence but are susceptible to false positives.

I’m not going to argue on the issue between the football fans and FAM but merely to share on the cyber security incident generally.

What I want to share here is that the system we own is our responsibility. It is just like our house, which we need to secure by putting in grilles, alarms, CCTVs, padlocks, etc. When we are given the house keys by the developer, the house normally comes without the above-mentioned items.

The same goes for any IT system, be it a wireless router, a laptop, etc. When you take it out of the box, by default, the security of the item is minimal. It is our responsibility to improve the security.

This article is a good read: “USA’s View on World Cyber Security Issues,” by N. Schneidewind [1]. He wrote that new legislation with regard to security issues is highly thought of. This is true because the law is not evolving as fast as the technology. The technology is borderless but the law is not. The author touches on a few important things as follows.
- Little evidence that the world is secure
- Understanding of technical and policy issues is important
- Then calling for new legislation would be easier
- Research and innovation are important
- Above all, the technical implementation of the National Strategy to Secure Cyber Space

The author also wrote about new thinking on how to solve the cyber security problem, and about plans to solve the problem that have been proposed but on which action has been lacking.

[1] N. F. Schneidewind. “USA’s View on World Cyber Security Issues,” in Cyber Warfare and Cyber Terrorism, L. J. Janczewski and M. Colarik. Hershey, PA: Information Science Reference, 2008, pp. 446-452.

Thursday 27 October 2011

Headache and Wish of a Digital Forensics Analyst


The world of digital forensics is getting ever more challenging. Storage capacity is getting higher, and then there are cloud computing, mobile phones, and the list goes on. We, the digital forensics professionals, strive to investigate and analyze our case items, and the process must be forensically sound.

Why don't we have forensically sound IT equipment instead? It would make life easier, wouldn't it? There is a paper by Huebner [1] that discusses this predicament.

[1] E.Huebner and F.Henskens. “The Role of Operating Systems in Computer Forensics.” Operating Systems Review and ACM SIGOPS, 2010.

Wednesday 26 October 2011

7,404 cyber security incidents handled by CyberSecurity Malaysia this year

KUALA LUMPUR July 15 2011 — A total of 7,404 cyber security cases were handled by CyberSecurity Malaysia’s Cyber999 Security Incident Help Centre during the first half of this year, compared to 2,991 incidents reported in the first half of 2010. CyberSecurity Malaysia chief executive officer Datuk Husin Jazri said the number of incidents jumped significantly compared to last year, with an increase of 147 per cent. “The increase of cyber security incidents in Malaysia is closely related to the increase of Internet usage in the country. At present, Malaysia has more than 17 million Internet users and the number is growing due to the support from the robust development of broadband infrastructure. Efforts should be made to increase cyber security awareness among Internet users in Malaysia, and we at CyberSecurity will continue to play our role by conducting awareness programs, offering cyber security services, as well as collaborating with various organisations to ensure that the goal is achieved,” he said.

Husin made these comments here today at a media briefing on the cyber security scenario in Malaysia at Wisma Bernama. He noted that in the first six months of 2011, all cyber security incident categories have recorded a significant increase, with fraud related incidents leading the list, followed by spam, intrusion attempts and others. “Phishing, that is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication, showed the highest recorded cases in fraud related incidents. As fraud becomes more significant, particularly phishing related incidents, CyberSecurity has taken the initiative by developing a plug-in known as “DontPhishMe” to provide protection against Internet banking threats, particularly from phishing. It has received commendable and respected views from the industry and the public. The current version, 1.6.0, is now available to the public at large, having passed thorough reviews by Mozilla and Google,” he said.

The Cyber999 Help Centre, a one-stop public service centre mainly for Internet users to lodge reports on cyber security incidents, has recorded 22,208 cyber security related incidents since 2002, he said.

Husin said CyberSecurity and the industry would continue to collaborate with partners such as Microsoft to improve security, privacy and also to increase the public’s awareness. “A combined effort helps to protect the broader online community from the threats propagating today and develop more secure software solutions to prevent criminals from reaping the benefits,” he said.

At the same media briefing, Microsoft Malaysia national technology officer Dr Dzaharudin Mansor said Internet users in the country must know the correct way to secure their computer's data and software. “You need to keep all the software on your system updated, run anti-virus software from trusted vendors, avoid pirated software from sites you are not sure of, and ensure the use of strong passwords,” he said.

— BERNAMA

Tuesday 25 October 2011

Digital Forensics PhD or Permanent Head Damage and 5,126 Failures!

My intention is not to discourage people from pursuing their study at PhD level but sincerely to advise them.

Some may say researchers or scientists experience much more failure than success. Well, this is true. Failure is the next step to success. Go to this link and read about Sir James Dyson, very interesting.


Sometimes you may be very demotivated. As such, take note of the points below before you decide to go for the PhD.

- You must be PASSIONATE about the research subject… don’t let your supervisor decide for you.
- You must have funding, equipment and good data sets.
- You must get a knowledgeable supervisor, or at least one who could understand you well.
- You yourself must be knowledgeable in the subject area.
- You must be doing something important and significant.
- You must plan to start earlier and not only think of it within the 3 years.
- Last but not least, above all, your work must be original and new. In other words, you must INNOVATE.

This is a good book to read.



Monday 24 October 2011

Facebook Cases in Malaysia

Facebook cases in Malaysia are on the rise.  Please refer to the link below (for those who don’t understand Malay language, please google translate it).

Most probably many fall victim at Wi-Fi hotspots (Starbucks, hotels, etc.). For those who are unaware… anyone can gain access to your Facebook… please refer to the link below.

At CyberSecurity, we provide various guidelines for you to read.  It is for your safety in the Cyberspace.  Please refer to the link below.

2009 Information Security Leadership Award (ISLA) by ISC2

Aswami Fadillah Mohd Ariffin GCFA, CWSP, CEH
Head of Digital Forensics
CyberSecurity Malaysia

Aswami, who is a GIAC Certified Forensics Analyst (GCFA), graduated from the University of Liverpool in the United Kingdom with a Bachelor’s degree in Electronics Engineering. He also holds a Master’s degree in Management from the University of Malaya. He began his career at Sime Darby Berhad, one of the well-known conglomerates in Malaysia, and was responsible for overseeing the back-up power supply SCADA system projects for Malaysia’s tallest building, the Petronas Twin Towers, and for Mid Valley City, one of the largest shopping malls in Kuala Lumpur.

In 1999, he joined MIMOS Berhad, the government-owned national microelectronics R&D centre. Later, he was entrusted to lead the Digital Forensics Department under the National ICT Security & Emergency Response Centre (NISER), now known as CyberSecurity Malaysia.

He specializes in Wireless LAN Security and is a Certified Wireless Security Professional (CWSP). Along with GCFA and CWSP, Aswami is a Certified Ethical Hacker (CEH) and has attended various forensics training sessions.


With Y.B. Datuk Seri Panglima Dr. Maximus Johnity Ongkili, MOSTI's minister.

Sunday 23 October 2011

Digital Forensics: The matrimony between technical and legal realms


Digital forensics or cyber security can’t do away with legal requirements. It is a must in digital forensics that everything you do abides by legal proceedings. For a techie, it is most probably cumbersome to handle a technical subject according to a stipulated process. It can be aggravating to these geeks.

However, you are liable to scrutiny when you appear in a court of law. If you are not well prepared, you can be grilled by either the prosecution or the defense attorney, depending on which side you are on. Of course you need to avoid this, or else discard your digital forensics profession altogether. So you must buck up with a reasonable SOP.

Apart from the SOP, digital forensics analysts must be well versed in their country's cyber laws. In Malaysia we have several acts that fall under cyber laws, as follows.

- Evidence Act 1993, to allow the admission of electronic evidence
- Computer Crime Act 1997, to criminalize certain forms of conduct targeted at computers
- Communication and Multimedia Act 1998
- And many more…

Saturday 22 October 2011

Digital Evidence


If you need to get info on digital evidence, this could well be the place.

http://www.stephenmason.eu/

Kernel Module – Device Driver

Have you ever thought of developing your own device driver? Luckily, in Linux there is the virtual file system (VFS), which tries to read every storage medium attached to it. If the media is proprietary, then it is trouble…

You may need to develop your own device driver.
- character or block device
- compiling the kernel module… gcc
- insmod
- lsmod
- dmesg
- rmmod, etc.

The above is not all… there is still more to be considered!

Introduction to Linux device drivers by Raghu Bharadwaj (www.techveda.org).


Friday 21 October 2011

Innovation in Digital Forensics

Before I joined CyberSecurity Malaysia sometime in 2003, I was working at MIMOS (MYSEM, semiconductor division) - http://www.mimos.my/. I was amazed by MIMOS's achievements, and the most intriguing part was its motto, “Innovation for Life”.

In digital forensics, there are most probably more practitioners than researchers. Or a practitioner may also be a researcher. Doing both tasks might be too heavy to carry. However, a researcher is always associated with innovation.

Talking about innovation, I have great respect for the work done by Jesse Kornblum, Kris Kendall and Nick Mikus on their Foremost program. Also, Golden G. Richard III has improved file carving with a tool called Scalpel.

These are what I call innovators and, most importantly, they share their expertise.

Thank you guys.

Thursday 20 October 2011

The Advancement of IT: A Digital Forensics Dilemma


The new generations of computer applications are getting more intricate, driven by current demand and trends. The YouTube Internet application is the nearest example, and connecting to it preferably needs broadband. A broadband connection is required for heavy and complex computer applications. High-end computers, broadband networks and complex applications are the current technologies of IT. These technologies exist to meet modern digital lifestyles. People aspire to new electronic equipment and, as a result, manufacturers are competing and actively introducing their new products.

Combining computer processors into a high-powered computer or supercomputer is feasible for a well-funded organization. Otherwise, cloud computing could be an available option, but the technology and its actual cost are uncertain. A lot of discussion is ongoing to address the vulnerabilities of this forthcoming technology, including discussion of its security and privacy. Minqi Zhou et al. [1] found that users' concerns were not fully sorted out and that more should be added in terms of five aspects: availability, confidentiality, data integrity, control, and audit. The cloud computing solution has created another technical challenge from the digital forensics perspective. The data storage is located in multiple places. This setup makes digital evidence acquisition unworkable. It adds to the intricacy of digital forensics and creates another need for research. Taken as a whole, how secure our computer installations are remains doubtful. Computers and applications are built and deployed with security as a secondary consideration, and there is little concern for it. This mindset has to change, with computer security made a priority for safer usage.

[1] M.Zhou, R.Zhang, W.Xie, W.Qian, and A.Zhou. “Security and Privacy in Cloud Computing: A Survey,” in Sixth International Conference on Semantics, Knowledge and Grids, 2010, pp. 105 -112.

Wednesday 19 October 2011

File Carving


As digital forensics practitioners, we depend so much on tools for our day-to-day work, be they commercial or open source. It is good if you can spend some of your time learning how these tools operate. For a start, look into file carving and file format specifications. You’ll be amazed.
There is a good paper on “The Evolution of File Carving” by Anandabrata Pal and Nasir Memon.
In previous years, DFRWS conducted a Forensics Challenge based on file carving. http://www.dfrws.org/
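
To make the idea concrete, here is basic header/footer carving, the starting point that file carvers build on. This is an added example, not code from the original post or from any tool; the function names, the sample bytes and the size limit are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One carved region inside the raw image. */
struct carve_hit {
    size_t offset;  /* byte offset of the header in the image */
    size_t length;  /* header through footer, inclusive */
};

/* JPEG start-of-image (plus the FF that begins the next marker) and end-of-image. */
static const unsigned char JPEG_HEADER[] = { 0xFF, 0xD8, 0xFF };
static const unsigned char JPEG_FOOTER[] = { 0xFF, 0xD9 };

/* Constructed sample "disk image" (not real evidence data), 48 bytes. */
static const unsigned char SAMPLE_IMAGE[] = {
    0x00, 0x11, 0x22, 0x33,                               /* 0-3: unrelated data */
    0xFF, 0xD8, 0xFF, 0xE0, 0x41, 0x42, 0xFF, 0xD9,       /* 4-11: complete file */
    0x55, 0x66,                                           /* 12-13: slack */
    0xFF, 0xD8, 0xFF, 0xE1,                               /* 14-17: orphan header */
    0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, /* 18-27: overwritten */
    0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, /* 28-37: overwritten */
    0xFF, 0xD8, 0xFF, 0xDB, 0x10, 0x20, 0x30, 0xFF, 0xD9, /* 38-46: complete file */
    0x00                                                  /* 47: unrelated data */
};

/* Return the offset of the first match of pat in buf[from..len), or len if none. */
static size_t find_bytes(const unsigned char *buf, size_t len, size_t from,
                         const unsigned char *pat, size_t patlen)
{
    if (patlen == 0 || len < patlen)
        return len;
    for (size_t i = from; i + patlen <= len; i++) {
        if (memcmp(buf + i, pat, patlen) == 0)
            return i;
    }
    return len;
}

/*
 * Scan img for JPEG headers and pair each with the first footer that lies
 * within max_size bytes of it. A header with no footer in that window is
 * skipped, so a destroyed file cannot swallow the files that follow it.
 * Returns the number of hits written to hits[] (at most max_hits).
 */
size_t carve_jpeg(const unsigned char *img, size_t len, size_t max_size,
                  struct carve_hit *hits, size_t max_hits)
{
    size_t n = 0, pos = 0;

    while (n < max_hits) {
        size_t start = find_bytes(img, len, pos, JPEG_HEADER, sizeof JPEG_HEADER);
        if (start == len)
            break;                      /* no more headers */

        /* Only look for the footer inside [start, start + max_size). */
        size_t limit = (len - start > max_size) ? start + max_size : len;
        size_t end = find_bytes(img, limit, start + sizeof JPEG_HEADER,
                                JPEG_FOOTER, sizeof JPEG_FOOTER);
        if (end == limit) {
            pos = start + 1;            /* orphan header: resume just past it */
            continue;
        }

        hits[n].offset = start;
        hits[n].length = end + sizeof JPEG_FOOTER - start;
        n++;
        pos = end + sizeof JPEG_FOOTER; /* continue after the carved file */
    }
    return n;
}

int main(void)
{
    struct carve_hit hits[8];
    size_t n = carve_jpeg(SAMPLE_IMAGE, sizeof SAMPLE_IMAGE, 16, hits, 8);

    for (size_t i = 0; i < n; i++)
        printf("JPEG candidate at offset %zu, %zu bytes\n",
               hits[i].offset, hits[i].length);
    return 0;
}
```

Raising the size limit above the gap between the orphan header and the next file makes the carver report one oversized, invalid region in place of the second real file, which is why the limit is tuned per file type. Real JPEGs can also contain an embedded thumbnail with its own FF D9, so a carver that stops at the first footer still needs structural validation of what it extracts.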

Tuesday 18 October 2011

Multimedia Forensics 1

There are a lot of cases in Malaysia that need multimedia forensics expertise. Professor Hany Farid is one of the few experts. The excerpt below is taken from http://en.wikipedia.org/wiki/Hany_Farid.

“Latest controversial images verification report over the Opposition Leader of Malaysia
He was reported to be one of the persons who prepared a report of video analysis together with Professor Lorenzo Torresani in a sex trial in Malaysia. It was stated that on 4 June, experts from Dartmouth College, Hanover, New Hampshire in the US verified the authenticity of the video, that there was no tampering or any act of super-imposing and that it originated from a DVR camcorder taken from Datuk Shazryl.”

To get some perspectives of multimedia forensics watch this video – NIST Colloquium Series: Digital Forensics.

CWSP




The training is quite interesting. A lot of networking and hacking stuff.  Some of the tools are available from the Internet for free.  But do not use it against the law. I went through it years ago and obtained the certification.

File Systems

This book by Brian Carrier is a must for all digital forensics analysts. For those who are new to digital forensics, file systems knowledge is compulsory. It ranges from the simplest FAT32 to NTFS, EXT3, HFS+, ISO9660, etc. One day there will also be a case item with a proprietary file system.
So, be prepared!

Monday 17 October 2011

System Programming

If you are serious about digital forensics, you need to involve yourself with system programming.  It is simple...start with C programming. There are a lot of things you can do with C. Then move on to C++ and later you could also include some visuals.


I feel that Linux programming can improve your skill tremendously in system programming. C is created for system development and the birth of Linux is possible because of C itself.


So, with C system programming skill, you are able to develop Digital Forensics tool and this book can be a good reference. Some of the topics covered are as follows.
  • Shell programming
  • Working with files
  • Linux environment
  • Terminals
  • Data management
  • MySQL
  • Development tools
  • Debugging
  • Programming KDE Using GTK+

iPhone Forensics

Mobile phone forensics was a tough case item to analyze in the early days. It is not the same as hard disk forensics because the file system is unknown.

I've done iPhone file carving and it was successful. You can jailbreak or use the Zdziarski method - http://www.zdziarski.com/blog/. But jailbreaking an iPhone is not forensically sound.

Are you interested in this area?

My UniSA - PhD Forensic Computing

If you need to further your study on Digital Forensics at PhD level...this could well be the best uni for you.

We could explore other digital forensics research areas and work as a team.

There are plenty of topics that may be of your interest.

Digital Forensics Journal Paper

If you are really serious in writing a journal paper, these are the best places for submission.

- IFIP Working Group 11.9 on Digital Forensics
- JDFSL
- DFRWS

It will be tough but worth it. You will be assessed by the best in the world of digital forensics.

2011 secau Security Congress, Perth, Australia

For PhD or master students who need to present your paper this security congress could be the right place for you.

EnCase Portable

I'm using this EnCase Portable.  Really convenient if you need to be quick at the crime scene.  If you are only analyzing email application, this is a good tool.

More info: http://www.guidancesoftware.com/encase-portable.htm

Cybersecurity R&D

Just to share on Cybersecurity R&D.

The R&D contributions in cyber security are overwhelming. There are many researchers in this field addressing every gap. The United States of America, under the Department of Homeland Security, produced a document titled A Roadmap for Cybersecurity Research in 2009 [1].

The R&D investments recommended in this roadmap are intended to solve computer vulnerabilities. The document provides detailed R&D agendas relating to 11 hard problem areas in cyber security. The 11 hard problems are as follows.

- Scalable trustworthy systems
- Enterprise-level metrics
- System evaluation life cycle
- Combating insider threats
- Combating malware and botnets
- Global-scale identity management
- Survivability of time-critical systems
- Situational understanding and attack attribution
- Provenance
- Privacy-aware security
- Usable security

One notable subject is digital forensics. No country can afford to leave out digital forensics R&D because of its importance in cyber security. Digital forensics skill sets, for both practitioners and researchers, are mandatory. IT is getting more complicated, and our ability must increase at the same pace, if not stay one step ahead. File system technology is one example of this complexity.

[1] Government of the United States of America, Homeland Security. A Roadmap for Cybersecurity Research, 2009.

Digital Forensics Metamorphosis - Expert Witness

The above title is interesting, isn't it?

Please let me refer to the StarOnline news on “Aminulrasyid Case: Cop Guilty of Causing Death” dated 16 September 2011.

I’m not going to delve into the case but to share one of the judge's rulings. The judge was quoted as saying, “The court respects him for his experience but agrees with the prosecution that he is not an expert witness. His testimony is based on his experience and not expertise.” The expert witness was Mr. Amidon Anan, a former forensics lab chief of the police crime scene investigation unit. He was undisputed during his tenure at PDRM.

What is the lesson learned? The reality and expectations of an expert witness have changed. The legal and forensics realms have evolved too, to meet the demands of today’s community. More is anticipated in the near future. We have excelled in digital forensics as practitioners. Will this be enough in time to come?

Many of the world's best digital forensics practitioners are also the world's best digital forensics researchers, such as Michael Cohen, Simson Garfinkel and Brian Carrier. These people are digital forensics gurus who developed tools (PyFlag, Autopsy, etc.).

Are we able to stand tall among them? We need to think! It is time to change!

Cyber Detective/Mata-mata Jenayah Maya

An introduction of myself and the development of this field in Malaysia.




In the future, I will share more on digital forensics R&D.
___________________________________________________________________________________
Cyber detective
By EE-LYN TAN

The rise of technology-related crime has brought computer forensic analysts to the fore.

FANCY becoming a crime scene investigator (CSI) in cyberspace? Thanks to television shows like CSI, people are now more aware of what computer forensic analysts like Aswami Fadillah Mohd Ariffin do for a living.

Although what is depicted is not always accurate, the digital forensics head at Cybersecurity Malaysia says television has done a great job of promoting his profession.

“You can't really enhance a poor image with the click of a mouse like what you see on TV. It's a lot more complicated,” says the 36-year-old with a laugh.


ASWAMI: I love how challenging the job can be.
Aswami graduated with an electronic engineering degree from the University of Liverpool, United Kingdom, in 1996, and has worked on several high profile cases.

Recently, he was called as an expert witness in the murder trial of Mongolian Altantuya Shaariibuu. He helped police extract data from handphones, SIM cards and laptops.

Aswami is currently pursuing a Masters of Management at Universiti Malaya, part-time.

My job involves ...

... the use of science and technology to investigate and establish facts in the court of law.

I work with digital evidence, which includes data recovery and code breaking of CD-ROMS, USB thumb drives and handphones.

It is our job to investigate when there are incidents of intrusion or malicious activity such as important data being deleted in systems as well as hacking and fraud.

For example, when a malicious text message is sent, we will retrieve the data and work with the telecommunications company to trace the origin and submit the information for prosecution.

At the end of the day, we are involved in determining whether an individual has been involved in wrongdoings or is innocent.

Analysts are required to detect cyber crimes.
We are also starting to venture into video and audio forensics, which is rapidly developing.

My morning starts with ...

... browsing e-papers to catch up with the latest in technology as it is very important to be updated.

Throughout the day, I'll also have meetings with lawyers to go through any issues or evidence.

Besides that, I will review reports and vet through case analyses with my team of 10 analysts.

I also manage our budget and keep an eye on expenditure.

To qualify, you need ...

... a degree in electronic engineering, preferably with experience in research and development.

Be warned: If you send a malicious text message, computer forensic analysts will be hot on your trail.
A qualification in computer science or computer engineering is also quite common in this field.

A master’s degree is also valued.

We train and mentor new graduates. This is important so that they can then work independently.

It is common for analysts to share and talk about their cases and give each other feedback.

The best person for the job is...

... someone who has a strong personality, is creative, innovative, positive, passionate and patient.

When doing a case analysis, it can get very tense and there is also a lot to do, so it's important to be patient.

Passion is another element that will help because when you're passionate about what you do, the job isn't boring.

As a computer forensic analyst you want to get results and solve cases, so that keeps you going.

This job involves a combination of technology and law so some legal knowledge would help.

But you can also learn the legal aspect on the job so you don’t need prior knowledge.

Prospects for the future ...

... are very bright. I recently attended an international conference and discovered that Malaysia is not very far behind the rest of the world in terms of computer forensics although we are still relatively new in the field.

In the past, we used to have to consult analysts from abroad because we didn't have this expertise in Malaysia.

The demand for analysts is going to grow as the number of “cyber crimes” or computer-related crimes are on the rise.

I love my job because ...

... of its uniqueness. No two cases are alike.

I love the challenge and feeling of knowing that I am learning something new every day.

Besides law and technology, deduction also plays a role – you figure out certain things about people from just their behaviour, which can be very interesting.

What I dislike the most ...

... is when I'm unable to solve a case.

For example, sometimes we are provided with CCTV footage that is of very low quality and there is no way to enhance the footage, which makes life very difficult.

A millionaire by 30?

I don't see why not. We've got millionaire lawyers so why can't there be millionaire computer forensic analysts? (laughs!)

Fresh graduates can expect to earn between RM2,000 and RM2,500 a month.

With education, effort and experience, it's possible to become a senior analyst in two to three years and earn about RM7,000.

But this depends on the individual.

____________________________________________________________________________________

MAIN FEATURE

The cyber crime detective
Altantuya and Lingam cases spark a new dimension in the nation's digital forensics

WHO has not heard of the cases involving the video clip of lawyer Datuk V.K. Lingam and the closed-circuit television (CCTV) footage of Altantuya Shaaribuu, which are being hotly discussed at present? Yet not many know the person who sometimes takes weeks to unravel the authenticity of the evidence in these high-profile cases.

Beyond the influence of the popular television investigation series CSI, which features actors such as Gary Sinise, Melina Kanakaradey Bonaseva and Anna Belknap, our country is not left behind in having its own ‘cyberspace’ digital forensics investigators.

Journalists AMREE AHMAD and MEGAT LUTFI MEGAT RAHIM delved into the ‘world’ of the digital forensics investigator with CyberSecurity's Head of Digital Forensics, Aswami Fadillah Mohd. Ariffin, 38, at his office in Seri Kembangan, Selangor recently.


ASWAMI FADILLAH MOHD ARIFFIN

KOSMO! Ahad: Are you not daunted at being a witness in a trial that is now receiving extensive coverage nationwide?

ASWAMI FADILLAH: Actually, the digital forensics team at CyberSecurity cooperates with all parties, especially the police and the Anti-Corruption Agency (BPR), on every case that requires our assistance.

So far, out of the 20 staff in our division, management has authorised only me and one other digital forensics expert to be witnesses in court trials.

As for your question, I have to be 100 per cent prepared. Otherwise I would be tongue-tied at the moment people turn their attention to me.

How do you ensure the evidence is kept in good condition?

Actually, a digital image stored on a memory card will not be damaged if it is transferred anywhere, including to a personal computer, since the evidence is in electronic form. It remains intact because the transfer is made in its entirety and in exact form.

The issue of the genuineness and originality of copied and transferred files and images does not arise because all of them are genuine even if converted to a different format.

We have also received recognition from Piawaian Teknologi Kebangsaan (National Technology Standards), an organisation that sets standards and validates all forensic equipment.

What about the tools used?

I am not choosy about tools, actually. I will use any tool that makes the investigation easier. What matters is that the analyst must think analytically and be confident in unravelling the difficulties faced.

Because of that, some have gone without leave for up to two weeks and worked late into the night to make sure we are prepared with a careful and thorough investigation.

How much time is given to handle a case?

Actually, no time frame is given, but my colleagues and I are ready at all times once we receive instructions.

How much has the government allocated to tackle today's cyber threats?

There are no exact figures, actually. If in 2002 the former Minister of Energy, Communications and Multimedia, Datuk Amar Leo Moggie, stated that Malaysia suffered losses of RM22 million from having to resolve various problems caused by ICT-related threats and attacks, I am sure that figure has grown over time.

So far, the whole world has spent US$9 billion on equipment to deal with ICT-related threats, and I am sure the losses suffered exceed that figure.

What about the rate of increase in cyber crime each year?

Crime increases every year by an estimated 40 to 50 per cent. This is based on ever-developing technology, with the crime rate moving in step with it. In addition, criminals are becoming more cunning with technology. We must likewise keep strengthening ourselves with technological knowledge at all times.

What approaches do cyber criminals use now?

Criminals today are clever. They will not merely discuss over the telephone and meet in person. They also use certain codes that are hard to understand, and we need time to detect them and take action.

What are your hopes for the future of the digital forensics world?

In line with the rise in cases involving ICT, I hope the government can establish a Digital Court like the one in the United States to ensure all proceedings can be carried out promptly and more efficiently.

Sunday 16 October 2011

Digital Forensics and Cyber Security Evangelist Forum

Hi folks!

I’ve created this digital forensics, cyber security and info tech blog for us to share our knowledge and experience. It is hoped that this blog would be a good resource and beneficial to those seeking information in this important field. You are also encouraged to provide valuable inputs.

AA