New cybersecurity ‘weapon’
It will boost security by centralising enforcement under one entity
THE deputy prime minister says the government will introduce a new law to protect Malaysians against cybersecurity threats, including recruitment and financial sourcing by terrorist groups, among others.
ANEW cyberlaw to ensure more efficient enforcement and punishment against online crimes will become a reality soon.
It will cover offences such as online recruitment and funding of terrorist activities, online gambling as well as cyber-related crimes.
Deputy Prime Minister Datuk Seri Dr Ahmad Zahid Hamidi said the draft of the Cyber Security Bill had been submitted to Attorney-General Tan Sri Mohamed Apandi Ali on Thursday. It is expected to be tabled at the next parliamentary sitting.
“Because the power in this matter falls under the National Security Council (NSC), the tabling will be done by the Prime Minister’s Department.”
He said the law was among the initiatives being implemented to boost the country’s cybersecurity and to centralise its enforcement under a specific entity.
Zahid said the government was serious about tackling cyber offences with an average of 10,000 cyber-related complaints, some of them crime-related, lodged in Malaysia annually.
“The complaints received that were related to the Malaysian Communications and Multimedia Commission Act (1998), Sedition Act (1948) and Defamation Act (1957) have averaged around 10,000 per year.
“The government is serious when it comes to the question of cybercrime because it is part of the jurisdiction of enforcement agencies, which monitor any recruitment related to terrorism; or funding from domestic or foreign sources that are used for terrorism.
“They (enforcement agencies) also monitor those under the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) or other offences, such as online gambling.
“This is done to protect the interest of the people,” he said at the Sultan Iskandar Customs, Immigration and Quarantine (CIQ) Complex here yesterday.
The Cyber Security Bill is expected to be tabled soon following a high-level meeting on the proposed National Cyber Security
Agency, chaired by Zahid, in Putrajaya on Thursday.
Zahid said the power to enforce regulations on cybersecurity offences would be centralised under the NSC, including streamlining other agencies into one entity.
“The centralisation of cybersecurity under the NSC will involve the powers of CyberSecurity Malaysia (an agency under the Science, Technology and Innovation Ministry) falling under the NSC.”
He said coordinated and centralised monitoring would help enforcement under the proposed law to boost cybersecurity.
“When these processes come under one roof, monitoring can be done around the clock and action can be taken.”
In Kuala Lumpur, Universiti Kebangsaan Malaysia (UKM) Information Technology Centre deputy director Dr Mohd Rosmadi Mokhtar said any move to
strengthen cybersecurity was welcome.
He said over the years the Parliament had passed several laws to deal with cyber activities.
“At the moment, we have the Communications and Multimedia Act 1998 as the main cyberlaw in Malaysia that covers communications and multimedia, including licensing.
“We also have the Computer Crimes Act 1997 for crimes like hacking, spreading viruses and unauthorised access, and Personal Data Protection Act 2010, which protects personal data against commercial abuse or misuse.
“We have the Digital Signatures Act 1997 for electronic transactions, secure online transactions and identity verification, and the Electronic Commerce Act 2006 covers electronic messages and electronic signatures.
Rosmadi said, however, there had yet to be a single cybersecurity legislation like the proposed law.
UKM Cyber Security Unit head Professor Dr Zarina Shukur said besides common areas like intrusion detection, the new law could also focus on cyber threat intelligence and sentiment analysis.
“The fourth industrial revolution will heavily involve the Internet of Things and Big Data. Hence, this new entity must also have expertise in these areas.
“From the psychosocial aspect, areas like cyber criminology can be also be added.” Additional reporting by Tasnim Lokman and Laili Ismail