After searching Internet, I found an interesting cyberlaw case and can be use to analysis purpose that is regarding identity theft and hacking case that happened in US and the defendant is an Malaysian.
Below is an brief introduction of the case
Lin Mun Poo, age 32 was arrested on Oct 21 2010 at US, for selling $1000 worth of stolen credit card numbers at Brooklyn diner
- After arrested and inspected his laptop, U.S. Secret Service investigators found more than 400,000 stolen credit and debit card account numbers allegedly obtained by hacking into various computer systems of other financial institutions
- defendant was charged for hacking, fraud and identity theft
- defendant was found hacking into companies' networks and selling the sensitive information he uncovered
- for example: hacked into the FedComp system and accessed data belonging to many victims, including the Firemen's Association of the State of New York Federal Credit Union and the Mercer County New Jersey Teachers' Federal Credit Union.
- defendant admitted to compromised the computer networks of several major international banks and companies, and admitted earning money by finding and exploiting network vulnerabilities or trading and selling the information
- defendant also hacked into a major Department of Defense contractor, which provided systems management for military transport and other highly sensitive military operations
I noticed that one of the charges of that similar with Computer Crimes Act in Malaysia for unauthorized access is below
- Under United States Sentencing Guideline S 2B1.1, which assigns a minimum of loss amount of $500 per unauthorized access device (resulting in a total loss amount of at least $20 million), estimated Guidelines range for Count One alone is 78 or 97 months
Let's assume and analysis if the defendant is arrested and found hacking in Malaysia, in my opinion,
- The defendant will be charged under Computer Crimes Act 1997 that is misuse of computers to commit fraud and identity theft
- Under section 3(1), defendant is found guilty of Unauthorized Access because of his intention that cause computer to secure access to data in financial and national security, military sectors like banks and military transport systems, the access is unauthorized and lastly he had the knowledge to access to the network
- if guilty, he will be fine for amount maximum of RM50000.00 or 5 years imprisonment or both
- Under section 4(1), defendant is found guilty of unauthorized access with intent to commit fraud/dishonesty by earning money through finding and exploiting network vulnerabilities or trading and selling the information contained and selling for example selling credit and debit card account numbers
- if guilty, he will be fine for amount maximum of RM150000.00 or 10 years imprisonment or both
- Under section 5(1), defendant is found guilty of unauthorized modification of contents of any computer. In this case defendant had admitted earning money by finding and exploiting network vulnerabilities or trading and selling the information through modification of database
- if guilty, he will be fine for amount maximum of RM100000.00 or to 7 years imprisonment or both
Please refer below links for more details about Lin Mun Po
Sample of Lin Mun Poo Case
*Note above texts is my comments
No comments:
Post a Comment