Rapid development of information technology (IT) has brought with it many new applications such as e-commerce and global business. The past few years have seen activities in the legislative arena covering issues such as digital signatures, the international recognition of electronic documents and privacy and data protection. Both the developed and developing countries have exhibited keenness to embrace the IT environment. Securing this electronic environment from intrusion, however, continues to be problematic. A particular favorite form of computer crime would be ‘hacking’. As more computer systems move on to on-line processing and improved telecommunications, computer hackers are now a real threat. Legislation criminalizing intrusion and destruction activities directed at computers are needed. Malaysia joined the list of countries with computer-specific legislation with the enactment of its Computer Crime Act 1997 (CCA). This paper focuses on hacking as a criminal act, and compares the Malaysian CCA with legislation from other countries. The current computer crime situation in Malaysia is looked at and exposes the difficulties and obstacles Malaysia faces in enforcing the Act. The paper concludes with recommendations for Malaysia in terms of policy, practices and penalties.


Annamalai, N. “Cyber laws of Malaysia: The Multimedia Super Corridor” (1997), 12(12) Journal of International Banking Law pp 473-481

Bellouin, S. (2001) Computer Security – An End State, Communications of the ACM, Vol. 44, No. 3, pp. 131-132

Carr, J., and Williams, K. (2000), Securing the e-commerce environment: enforcement measures and penalty in the computer misuse legislation of Britain, Malaysia and Singapore, Computer Law and Security Report, 16 (5) 295-310

Chik, Warren (2006), Computer Crime, Cyber Crime and Challenges to Law Making: A Critical Comparative Study of the Adequacies of Computer Crime and Cyber Crime Legislation in the United States, the United Kingdom and Singapore. Paper presented at the VI Computer Law World Conference, Edinburgh, Scotland, UK http://www.law.ed.ac.uk/ahrb/complaw (visited 5th January 2007)

Council of Europe, The Convention on Cyber Crime (ETS No 185), available at http://conventionc.coe.int/treaty/EN/cadreprojects.htm

CSI/FBI Computer Crime and Security Survey, 2005

Durst et. al (1999) Testing and Evaluating Computer Intrusion Detection Systems, Communications of the ACM, Vol. 42, No. 7, pp. 53-61 “Different kind of hijacking is taking place in the skies” at http://abcnews.go.com/sections/us/DailyNews/FakeAirTrafic 000829.html (Visited on 22nd March 2002)

Edappagath, Ajmal (2004), Cyber-Laws and Enforcement by Ajmal Edappagath, Vol. 14, No. 3, December 2004, available at http://www.iimahd.ernet.in/egov/ifip/dec2006/dec2006.htm (Visited on 12th January 2007)

Eschelbeck, G (2000), Active Security – A proactive approach for computer security system, Journal of Network & Computer Application, V. 32 (2), pp. 109-130

Grabasky, P. (2001), The Global and Regional Cyber Crime Problem, The University of Hong Kong Center for Criminology

Granger, S. (1994), “The Hacker Ethic”, Ethics in the Computer Age, ACM Proceedings, pp. 7-9

“Hackers target UK national infrastructure” by Andy McCue, March 26, 2002 at http://www.vnunet.com/News/1130416 (Visited on 12th January 2007)

“Hacking as Political Weapon in Malaysia” USA Today Tech Report, June 12, 2000

Hamzah, Z. (2005), E-Security Law and Strategy: LexisNexis and Malayan Law Journal

Hassan, Wan Faizal Wan, “Malaysia Internet Country Overview”. International Telecommunications Union Workshop on the Internet in South East Asia, Bankok, Thailand 21-23 November 2001

Hiong, Goh Swee (2005), Computer Crime Law in Singapore, pp 83-90 in Zaid Hamzah (eds), E-Security Law and Strategy

http://www.cdt.org/security. The Center for Democracy & Technology website for the recent changes in the U.S. Computer crime laws following the events of September 11th, 2001. (Visited on 22nd March 2002)

http://www..gilc.org/privacy/coe-letter-1000html. The Council of Europe noted the lack of legislation in the areas of authorizing phone tapping and computer crime, but went on to observe that “criminal law is not the central instrument in controlling or steering harmful behaviour” (Visited on 12th January 2007)

http://www.gosci.com/prelea990301.htm, March 5, 1999 (Visited on 12th January 2007)

http://www.hmso.gov.uk/acts1990/Ukpage19900018 en1.htm (Visited on 22nd March 2002)

http://www.kevinnitnick.com. The case of Kevin Mitrick was a highly publicized case. He was arrested in 1995 in Raleigh, N.C., after he was tracked down via computer by Tsotomu Shimomura at the San Diego Super Computer Center. (Visited on 22nd March 2001)

http://www.mdc.com.my/msc.comm/html/cyberights.01.html. The set of laws introduced in Malaysia in 1997, covering computer crimes, copyright, telemedicine and digital signature were referred by the Malaysian Government as “cyberlaws” (Visited on 12th January 2007)

Hull, G. (2000), An Introduction to Issues in Computers, Ethics and Policy, Vanderbilt University (not published)

KPMG (2005), An overview of computer crimes in Malaysia, Isssue 3/March 2005, pp 1-4

“Lord: We need better cyber crime laws” by Tom Espiner, 21st June, 2006 at http://management.silicon.com/government/0,39024677,39159761,00. htm (visited 10th January, 2007)

Loong Caesar (2001), Malaysia’s Legal Framework for Promoting Technology. http://www.asiasociety.org/speeches/caesar.html (visited on 12th January 2007)

Multimedia Development Corporation, Malaysia, Malaysia Cyberlaws. See Malaysian Cyberbills at: http://www.nitc.my (visited at 12th January 2007)

Masden, W. (1998), CIA & NSA Sound Alarm Bells on INFOWAR, Computer Fraud and Security, V. 1998 (8), 1998, pp. 8-9

Malaysia Computer Crime Act 1997

Nair, D. “Cyber law Makers Must Look Into Hackers Minds”, FT Asia Intelligence Wire, April 25, 1997, p B41

National ICT Security and Emergency Response Centre (NISER): Is Cyber Crime Reigning On No Man’s Land, NISER’s Quarterly Bulletin, 2004, Vol. 1, pg. 4

National ICT Security and Emergency Response Centre (NISER): Statistics on Cyber Crime May Not Be Real”, NISER’s Quarterly Bulletin, 2004, Vol. 1, pg. 4

Nurris Ishak (2005), “In Malaysia, it’s a hackers heaven”. New Straits Times, 15th May, 2005

“New crackdown on cyber crime” by Daniel Thomas, 11th May, 2006 at www.itweek.co.uk/computing/news/2155797/cracfkdown-cyber-crime (visited 12th January, 2007)

PP v Tan Fook Sum (1999) 2 SLR 523, the Honourable CJ made certain remarks that it may not be discarded that punishments may be increased, if warranted

Posch, R. (2001) Will the Internet Ever Be Secure? Journal of Universal Computer Science, Vol. 7, No. 5, pp. 447-453

Preliminary Court Report Population and Housing Census 2006, published by the Department of Statistics, Malaysia, 2006

Report “Half of smaller and midsize companies will suffer Internet attack”, CNN Technology News, October 12, 2000

S. 4(1)(a) Malaysian Computer Crimes Act (MCCA), S. 4(1)(b) MCCA

S. 4(1)(a) MCCA

Sani, Rozana, (2003), “Push for more forensic experts”. Computimes, 31st October, 2003

Singapore Computer Misuse Act 1993 (SCMA) (as amended in 2003)

U.K. Computer’s Misuse Act 1990

U.S. Computer Fraud and Abuse Act was created in 1984

U.S. Department of Justice (USA) website: http://www.cybercrime.gov/cccases.html (Visited on 12th January 2007)

UNIRAS website: http://www.uniras.gov.uk (Visited on 22nd March 2002)

Yang, T. Andrew (2001) Computer security and impact on computer science education, Proceedings of the sixth annual CCSC northeastern conference on The Journal of Computing in small colleges, Middlebury, Vermont, pp. 233-246

ZDNetAsia (2001), Malaysian Parliament hackers took it as a challenge. 2nd January, 2001



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.