Current laws inadequate to deal with cross-border cybercrimes, says expert

Kenneth Tee
CyberSecurity Malaysia senior vice-president of Strategic Research Division, Sazali Sukard gives a presentation at the International Association of Counterterrorism and Security Professionals’ Asean Counter Terrorism Symposium in Kuala Lumpur August 27, 2018. — Picture by Azinuddin Ghazali

KUALA LUMPUR, Aug 27 — Existing Malaysian law is inadequate when it comes to dealing with cross-border cybercrimes amid surging global threats, a cybersecurity expert said today.

CyberSecurity Malaysia senior vice-president of Strategic Research Division, Sazali Sukardi, said local laws are only applicable within the boundaries of Malaysia — which makes them impossible to be utilised against external threats.

“There collaboration between investigative parties is necessary in addressing matters concerning cross-border cybercrimes,” he said at the International Association of Counterterrorism and Security Professionals’ Asean Counter Terrorism Symposium here.

Sazali pointed out the limitation imposed by Malaysian law was a common issue faced among local enforcement agencies during investigations into cross-border cybercrimes committed against Malaysians by foreigners overseas.

“For example, a cybercriminal residing elsewhere commits financial fraud on a Malaysian victim through the internet.

“Yet, due to the legal limitations, the victim is unable to seek proper justice because investigators cannot detain the criminal residing outside of Malaysia except with the help of authorities in the home country where the crime was allegedly committed,” he said, adding that the criminal could have disappeared by then.

He said a study coordinated by the National Cybersecurity Agency under the purview of the National Security Council was conducted by the Attorney General Chambers in recent years to determine the feasibility of becoming a signatory of the Budapest Convention.

Also known as the Convention of Cybercrime, it was the first international treaty seeking to address internet and computer crime by harmonising national laws, improving investigative techniques and increasing cooperation among its signatories.

The Convention was first signed in November 2001 and has a total of 56 signatories worldwide.

However, the matter was still under consideration as Sazali believed Malaysia is still “not ready” to be a signatory, as several aspects still needed to be improved on.

“We have to be prepared when we sign the treaty as signatories are expected to contribute to one another mutually.

“What is the point if we sign the treaty yet our infrastructure, manpower or expertise is insufficient?” he asked, urging Malaysia to match the “expectations” of the treaty.

He pointed out the areas that were still lacking when it came to cross-border investigation included insufficient technical expertise, manpower shortages and infrastructure availability.

“In the meantime, the Convention would serve as a benchmark for Malaysia as it moves forward to prepare itself in addressing cross-border cybercrime,” he said.

Related Articles Ministry: Cybersecurity breaches caused RM33.43m losses in 2017 Malaysia among cybersecurity strategy leaders in Asean We knew about data theft since February, dental group now says