Cyber-criminology defense in pervasive environment: A study of cybercrimes in Malaysia

Received Jan 29, 2020 Revised Nov 6, 2020 Accepted Apr 30, 2021 The growth of technologies; infrastructures and platforms with less or no security protection in emerging big data and internet of things (IoT) trends increase the likelihood of cybercrime attacks. With the rise of coronavirus disease-2019 (Covid-19) pandemic towards mankind, more cybercrimes are designed to penetrate one’s cognitive mind in revealing sensitive details. In this paper; an exploration of cybercrime threats in Southeast Asia country; Malaysia from year 2008 up to 2020 and its hike trends and impacts will be discussed. An investigation revolving the study of cyber-criminology and the reasoning behind the growth in terms of technological advancement will be presented. The findings suggest that the consequences and impacts of the cyberspace attacks are beyond the loss of money and reputations. It now becomes the failure of the global systemic altogether. As a mechanism to handle this would be to focus on protecting mission critical applications in pervasive environment. In this paper, a comprehensive authentication and authorization framework in safeguarding applications and users in the pervasive environment will be presented.


INTRODUCTION
The advancement of big data and internet of things (IoT) technology trends in the gathering; processing and generating intelligence services have impacted our life towards betterment. The high-volume data gathered means more valuable information generated in terms of analytics, which could act as predictive and prescriptive in various domains such as health care; e-commerce; transportation and others. The increased cybercrime due to Covid-19 in 2020 worldwide are at its perilous magnitude causing losses in terms of money and trust towards technology [1] mentioned above. The study of cyber-criminology integrates both the domain of criminology sociology and psychology but towards crimes leveraging the cyberspaces specifically. The definition of cybercrime revolves around the offence or crime committed in cyberspace through tools such as a computer; smartphones using a network system intending to breach confidentiality, integrity, and availability [2] of any assets. There are many purposes of cybercrime act which include financial gain, entertainment, and activist for political or religious purpose and for revenge [3]. The impact of any security attacks may lead to losses in monetary, reputation and even nation sovereignty [4].
One main catalyst of crime in cyberspace is due to its nature and characteristic which conform to dynamic spatial temporal coupled with identity flexibility, anonymity and lack of deterrence [5]. The nonexistence or blurs the line between space and time in cybercrime and traditional based crime leads to 1659 online offenders getting away from being tracked. The usage of technology such as a smartphone is booming in ASIA Pacific [6]. China, South Korea, and Malaysia recorded more than 50% of it are the country's populations as mobile device users [6]. Accordingly, Petrenco (2019) [7] claimed cyber-attacks as the 6th most impactful global risk. Another study shows that overall internet scam victim faces a loss of more than USD 400 million globally [8].
The challenges with tackling cybercrime worldwide lie in the failure to dully understand the systemic relationship within cybercrime stakeholder's relationship and the sociology impact of criminology towards cybercrime. With lesser study of cyber-criminology which integrates criminology field to cybercrime; most of guardianship system are not designed properly. Systemic failures in understanding human behavior, environment effect studied in criminology theories and the mapping between this sociology theories with cybercrime are still in its infancy. For instances, according to routine activity theory [9], [10]; comprehensively presented the criminology actors which is attacker, victim and guardianship in any criminology equation. The theory might be relevant as well to cybercrime context. Even the crimes are conducted using technology and Internet infrastructure, an attacker and victim are viable. The guardianship here is transformed from policing to system related preventions and detections system. There are many other criminology theories such which could clearly be mapped to cybercrime which are still not fully understood [11], [12]. Thus, in this paper, an exploration of criminology theories and cybercrime is presented. The main objective of this paper is to focus on Malaysia for further discussion on the kind of cybercrime attacks occurrences in Asian Pacific. An analysis obtained via MYCERT from 2008 to 2020 will be analyzed and the reasoning behind the time series trends will be presented. An approach to mitigate the attacks by employing the first line of defenses utilizing Identification and authorization framework is presented. The outline of the paper is as the following. Section 2 presents an overview of Cybercrime and the efforts conducted in the Asia Pacific to tackle this crime. Section 3 presents the analysis done based on the secondary data observed from Malaysian computer emergency response team (MYCERT) for a span of 12 years (2008-2020). The justifications and in-depth analysis are presented as well. Finally, a section on significant analysis, authentication framework and conclusion is stated as well.

CYBER-CRIMNIOLOGY ANALYSIS
The mapping between the field of criminology and cybercrime known as cyber-criminology is not easily quantified and understood. The difficulties of clearly distinguishing traditional crime and cybercrime are closely related to how crime occurs and the factors that cause the crime [13]. Table 1 demonstrates some well-known cyber-criminology analysis. The link between cybercrime and security attacks is shown by classifying three stakeholders which are the offenders, the victim, and the guardianship.
Many theories mapped demonstrates the offender's perspective. This means; by carefully perceiving offenders' behaviour in physical space; similar behaviour is transformed towards criminal activity in cyberspace. Modelling these traits and quantifying these traits and studying the relationship between physical device usage and behaviour could present a new guideline in thwarting cybercrime. In the next section, a brief discussion on Identity threat and mobile computing threat will be presented.

Cyber-criminology relationship for identity theft threat
According to Javelin and Strategy [9]; in 2017; 15.4 million consumers were the victim of Identity theft in which $16 billion loss was reported worldwide. This makes identity theft a very lucrative illegal business. Normally; Identity theft threat leads to transaction-based crime such as credit card fraud; bank account compromise; PayPal account compromise and social media account impersonation which leads to love scams. Users' personal information such as name; identification ids, address or even account numbers could be used for these purposes. With the advancement and anonymity provided by TOR browser; marketplaces such as dream market and sell identity theft related information in the form of credit card or documents such as passport. Figure 1 shows some products sold in the Dream Market collected via Darknet. There are many method cybercriminals used to obtain credit card details. Among them are as the following: − Stolen/theft card: Any stolen credit card is the easiest form of attack in which financial data obtained is then sold on the Darknet platform for less than USD 50. Some online transactions only require your credit card number, CVV number and expiry date. − Phishing attack: An attack either done through web defacement, emails or through phone calls. The modus operandi here is to receive a call from authority canters such as commercial banks or tax department requesting some verification on bank details. Once obtained; details will then be sold elsewhere. − Application based attack: This is the latest threat known as form jacking. Consumers normally visit an infected online retailer without using a comprehensive security solution, leaving their valuable personal and financial information vulnerable to potentially devastating identity theft. According to Symantec [10]; form jacking has become a lucrative choice cyber crooks, though it's impossible to quantify the amount stolen from every form jacking attack in 2018. − Skimming device: Duplicate devices are placed on ATM in which this device will record all the transactions made. The recorded details are then transferred to a computer in which the details are then sold to others. − Account takeover: This attack takes place when the detail of the credit card is obtained during hand first.
Next, the attacker would call in the banks and change the billing address. Based on the mapping of cyber-criminology; two main theories such as general theory and neutralization theory can be applied to the trait and behaviour of offenders. With lack of deterrence tools to catch the offender and blur law in prosecution; no wonder identity theft becomes a lucrative crime. Next; mobile computing threat is discussed. Offenders Explanation about the nature of the behavior of the persons who bring out their conforming and non-conforming behavior in the physical space and cyberspace.
Factors such as offenders behavior; the social settings they live in and the internet features lead to cybercrime.

Any cybercrime
Situational Crime Prevention [23], [24] Guardianship Crime can be reduced by altering situations rather than an offender disposition.

Exploration of cyber-criminology efforts in ASEAN countries
With the use of cyberspace; there are zero spatial distances. This becomes non-trivial, especially when prosecuting crimes and crimes that occur between different countries and jurisdictions laws. In order to deal with these transnational crimes; The council of Europe in 2001 has introduced a convention on cybercrime known as the budapest convention to allow collaboration among states for transnational cybercrime investigation and prosecution. Not all countries ratified this convention. For instance; The association of Southeast-Asia nations (ASEAN) country consisting of Singapore, Indonesia, Malaysia, Philippines, Thailand, Vietnam, Laos and Myanmar did not ratify this convention. ASEAN, which was established in 1976 [25] to promote peace and cooperation only did recognize. Cybercrime as a transnational crime during the 2004 Joint Communique of the fourth ASEAN ministerial meeting [26]. Thus; the outcome of the meeting leads to strategic planning in term of legalization and jurisdictions between ASEAN countries. In order to enforce a platform of collaborations and sharing of cybercrime events; ASEAN telecommunications and IT ministers (TELMIN) established national computer emergency response teams (CERTs) in 2003 [27]. Other two initiatives which focus is providing awareness to the public; to impose sustainable partnership between private and public sectors and discuss issues relating to cyber terrorism and cybercrime are ASEAN ICT masterplan 2015 (AIM 2015) [28] and ASEAN regional forum (ARF) [29].

A study of cybercrime enforcement and laws in Malaysia
In Malaysia, the computer crimes act 1997 is used to combat cybercrime attacks [29], [30]. However, this law only covers the misuse of computers and does not cover does not cover many areas of computer-related activities. Digital Signature Act 1997 [30], [31] provides measurements to secure online transaction by using digital signature and copyright act 1997 [30], [31] protects against infringement of copyrights. In order to regulate and e-commerce transactions and processing of personal data; act such as the electronic commerce act 2006 [30], [31] and personal data protection bill 2010 [30], [31] are used. Few government institutions are responsible for handling cyber threat issues such as the ministry of science, technology, and innovation (MOSTI) and the Malaysian communications and multimedia commissions (MCMCs) [32]. MOSTI is responsible for designing a framework regarding the national policy of ICT. It aims to design policies to secure the critical national information infrastructure (CNII). CNII is integrated with every asset, whether physical or virtual, system and function, that is important to the nation and its security is essential [33] [34]. In order to deliver technicality security services and protect NCSP policies; Cyber security Malaysia (CSM) was created. CSM is responsible to run services relating to emergency services; quality management; professional development and strategic engagement and research [32]. In addition, MOSTI also supervises the computer emergency incident known as Malaysia computer emergency respond team (MyCERT) [35]. MCMC on the other hand; regulates communication and multimedia activities covering broadcast, internet service provider (ISP), postal and courier, and authority of digital certificate [32]. Next; some insight on cybercrime attacks in Malaysia and its justifications will be shared.

RESEARCH IN-DEPTH ANALYSIS: CYBER CRIME CASES IN MALAYSIA
Based on computer emergency response teams (CERTs), a platform to coordinate computer incident information reporting and sharing; reported cybercrime attacks in Malaysia since 2008 to 2020 has been analyzed. Prior to the cybercrime attacks being discussed; the notion of what consist within the cybercrime categories will be discussed. Table 2 displays the categories of incidents and its subcategories.
Among the categories are; i) privacy breaches; ii) transaction based attack; iii) alteration of data; and iv) disruption of normal operations. Privacy breach involves an attack leading to sensitive information leakage such as intrusion attacks (account compromise; defacement) and spamming (spam relay; email spam). Malicious code category consists of botnet control and command (C&C) and malware threats which could lead to information leakage, alteration and destruction. The impact leads to a loss in data integrity and decreases of trustworthiness. Another category which causes disruption of normal behavior is through denial of service (DOS) which is launched by bots. The effect here is unavailability of services; system or network. Finally; transaction-based crime is the fourth category. Attacks such as fraud and carding impact the economy in term of loss of money and lead to a loss in term of confidentiality, availability and integrity of data and systems.

Distribution of Malaysia cyber crime attacks from 2008 to 2020
The data analysed from 2008 up to 2020 is generated from the source of incidents reported either by home users or business owners. Figure 2 demonstrates the analysis of this data presented based on reported cases yearly. Overall, there were 109034 incidents recorded within this of time. This more than 100 k incidents recorded is at its minimal and determines that there are still many cases which are not reported. Next, the analysis of the cases reported will be discussed. This analysis would include justifying the intense growth of attacks by observing factors such as growth and emerging of technological and cybercrime attacks from 2008 to 2020.

Analysis and justifications of cybercrime attacks from 2008 to 2020
The analysis conducted will be based on several key constructs as the following: intrusion involves cases such as web defacement and account compromise [33]. Both attacks are interrelated to malware threats. There is also a cause-and-effect relationship between these attacks. For instance, phishing emails always lead to victim accessing the defaced website and fraud transaction such as credit cards involve account compromise attacks to occur.
b. An outlier recorded in 2011 attacks. Based on Figure 3, 2011 shows an usual outlier of reported cases. There has been an increase of 88% of cases numbers compared to previous years. Three main attacks dominating the charts are the F&F attacks: Intrusions and spamming attack. The shifting growth of technology is among the factors for justifying this report. Right before 2008; the innovation of supercomputers and nanotechnology in powerful chip design; power-saving batteries and emerging technology of mobile computing have already taken place [36]. However; it's only in the year 2008 to the end of 2009; technologist companies began to improvise their business model with more added functionality service into this innovation. Interesting; as stated in the Telegraph UK [37]; 2008 and 2009 also demonstrates a widespread of apps markets like Google plaster and Apple Store; the development of satellite navigation with the adoption of GPS in mobile phones and new phones such as Microsoft Phones and social messaging's account growth (Facebook and Twitter). By the end of 2010; 3D technology innovation; added location-based check-ins services and the Android based Smartphone were well accepted by the consumer [38]. With Facebook is recording a staggering 500 million users across and adoption of mobile computing everywhere; the outbreak of trends and technologies has also influenced the growth of cybercrime attack. This is proven when in 2011; an increased in hacktivism occur. Hacktivism is an improvised term of hacking in which the motivations of penetrating into a system are beyond personal fun or gain. Hacktivism tends to attack the system to change the social setting; thus, changing political and business agenda and prospecting in which cases of hackers accessing personal user data. One main reason contributes greatly to increases of malicious code; intrusion and even spamming is the fully functional open network such as Android Play store [39]. The issue with the open platform such as Android; application requires no code signing. The vulnerabilities that exist within these services is severe with anyone can upload and download an app regardless of its authenticity. With the advancement in hacking and maturity of smartphones and other mobile based products; 2011 display a hike in term of incidents recorded. Spam; an attack in which involves sending unsolicited advertising, too many recipients be used to deliver Trojan horses, viruses, worms, spyware, and targeted phishing attacks. Thus, spamming act becomes the agent for both fraud such as phishing and intrusion such as account compromise and defacement to take place. The high cases of intrusion such as account compromise and web page defacement are probably due to events such as LinkedIn account compromises that occur in 2012. Cyber-attacks launched into social media platforms and websites used by millions would ensure impact the users in Malaysia.  Table 3 is to display the overall total cases based on categories and the comparison of an incident from 2011 to 2019. The highest numbers of recorded incidents are fraud incidents which display 47328 cases. Second highest would be Intrusion with 25332 cases and third and fourth placing followed by Spam (15044) and Malicious code (10137). Fraud and forgery involve attacks such as phishing, fraud transaction, unauthorized transaction, and Nigerian love scam. Fraud remains to show increment in terms of attacks reported.
Based on the comparison of attack incidents recorded, there seem to be some interesting findings. Overall; there has been a reduced number of cyber harassments; DOS: Intrusion and spamming attack recorded. The reasons could be awareness among Malaysia users, which could have been heightened, especially for attacks such as spamming. Besides, another phenomenon is where the crime is not reported by a victim of cyberbullying and cyberstalking. The numbers of incidents from the categories of content related attacks; malicious codes and intrusion attempt shows a reduction int terms of threat percentage differences between 2011 and 2019. Malicious codes (-27%), intrusion attempt (-63%) are malware-based threats. A new threat classification involving content related shows a high increment from year 2011. This is the latest threat in which content such as pornography; IP infringement and national threat with cases of disinformation (fake news) are nowadays recorded. As Malaysia; a multiracial country; the increased on the national threat is worrying, especially when social media is used to spread disinformation events such as fake news and events. Nevertheless, even though the comparison between 2011 and 2019 shows a slight reduction in fraud; overall records showing the high numbers of fraud cases demonstrate the impact and severity of this attack. e. New attack in 2018 onwards One interesting analysis based on MYCERT reports [35] is several new cases of ransomware attacks reported in 2018. Almost 16 cases were reported either by home users: business owners or government services. Ransomware is a severe malicious attack in, which is designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. In 2019; ransomware is seen as a malware which, coupled cripple healthcare systems and governments. Ransomware attacks were a part of the 298 cases reported under the category of content related. Another attack under this category is the rise of disinformation cases reported such as fake news. Based on the analysis conducted and technological justification presented; it is clear the existence of the relationship between technology trends such as big data and IoT with growing numbers of cybercrime attacks. Cyber-criminology, a globally threat deserves attention and calls for mitigation strategies. However, the solutions here is not solely for the use of technological guardianship, such as cybersecurity solutions or enforcement of laws; jurisdiction and security bodies; but a larger systemic plan incorporating component such as technology trends developers; legal systems; consumer (individual) and society (diverse background of culture and ideology) to introduce international based policies and regulations. However, as mentioned by [17], [36]; any regulations and policies will only work when any government enforcements on the policies are observed and monitored. Another context is the emerge of attacks which manipulate cognitive ability such as ransomware, phishing and disinformation cases. Human incapability of making poor decision and blindly trusting are the main factors which lead towards the leap of these cases. f. Covid-19 pandemic leading to cybercrime attacks due to cognition hacking.
Covid-19 pandemic has caused catastrophic impacts which affect the welfare of citizens, the economics of a country and most of all the social being of people. With countries locking down their border physically, the consumption of internet has spike worldwide. One innovation adopted by both public and private organizations and government agencies is "working from home" (WFH). The high usage of the internet during WFH also becomes an enabler to the global rise of cybersecurity threats globally. With more than 600% phishing attempt, recorded since February 2020, almost 1000% increase of the malicious websites with contents-themed coronavirus has been recorded [35]. According to the Malaysian Crime Prevention Foundation (MCPF), the total losses recorded regarding cybercrime for 2019 and 2020, were RM305 million and RM247 million, respectively. Based on the comparison of attack incidents recorded, there seem to be some interesting findings. Based on Table 4 analysis, an increased number of cyber harassments (129%); Intrusion attempts (1228%), spamming (12%) and vulnerabilities report (137%) attacks were recorded. Due to the high adaptation of WFH among public and private organisations and high-speed internet connections in urban area, cybercrime attacks could be launch easily. By adaptation of traditional attacks and threats techniques such as spear phishing or ransomware, Covid-19 keywords were embedded within emails contents or URL listings to capitalize on user's fear. Comparison between fraud & forgery cases between 2019 and 2020 show a little fraction of reductions which is around 181 cases (-2.3%). Although the number has reduced, the high numbers of fraud cases such as phishing cases during Covid-19 pandemic is alarming. Failures of organization in preparing a comprehensive business continuity and incident response plans in hand and lack of enforcement mechanisms are among factors of employees being convenient targets of cybercrime attacks. Lack of cybersecurity training and awareness campaigns by top managements prior to pandemic can be reflected on the high numbers of recorded attacks. Overall, even though there seem to be a slight attack recorded in contrast to 2019 (+0.18%), the impact cybersecurity due to Covid-19 in Malaysia would need to be tackled quickly. In 2020, cognitive hacking-based attacks will become more severe. Technology and trends adoption and acceptance by Malaysian contributes strongly towards the hikes as well. Lack of awareness and knowledge in securing technological based devices such as mobile computing devices 1665 and its users are the culprit towards the cybercrime threats hike. Thus next, a model of authentication to ensure basic security hygiene in a pervasive environment will be proposed.

DISCUSSION: SAFEGUARDING CYBERSPACE WITH AUTHENTICATION & AUTHORIZATION
Authentication remains as the first defense in any mission critical applications such as IoT, mobile based applications and even for mission critical application which is apart of the fourth industrial revolution (4IR). Among the mechanisms involves adopting multifactor authentications integrated with strong hashing algorithms besides encrypting other essential information's. In practice and as shown in Figure 3, mission critical applications involve three main stakeholders which are the mobile users, applications and servers. The main essential in any authentication models is to comply with security by design model. Each pervasive application differs based on its functionality and its design and requirements. Similarly, each application and pervasive domain has different types of system vulnerabilities and threats. Next, for any mission critical applications and domain, the need to have authentication protection for identifying human to human, and device-to-human communications is essential. Finally, any metadata within the application should be protected based on its sensitivity. Each sensors data captured should be automatic annotated based on its sensitivity [40]. Sensors such as GPS which stands as a sensor that leads to leakage of one's locations information's has a high sensitivity in contrast to accelerometer sensor [40]. This information is then could be inputted as in designing access control in terms of adding user permission and its level. Another promising path is in the protection of metadata using technologies which are secure and tamper proof such as blockchain technologies [41]. The mechanisms of authentication are divided based on authenticator IDS, channel/communications, protocol and technologies and authentication requirements. Figure 3 display authentication and authorization model for safeguarding mission critical application in a pervasive environment. Next, we will present the four-authentication mechanism which are the authenticator ID, channel/communications, protocol and technologies and other identification requirements.

Authenticator IDs
The identifiers or features that become the input to identify a user has emerged beyond simple textbased passwords. With the latest technologies' advancement, the need to use biometric based identifiers are becoming acceptable and practical. This is because biometrics are unique and cannot be masqueraded. Biometrics identifiers adopted here could originate from hard (fingerprint, face) and soft (keystrokes, voice) identifiers. When a single biometric or unimodal biometric identifier is integrated with other factors such as password, token or proximity sensors technologies (NFC, RFID), the outcome leads to a multi-factor-based system. Nevertheless, the factors mentioned are also capable to be merged with contextual factors (time, location, behavior and user ID) to support applications and systems based on the sentient environment [42]. Applications protected and accessible based on contextual information's are important to permit authorized user access during a certain time and limiting full access within the restricted perimeter.

Channel/communications
Most of the pervasive applications stored and used online are communicated through unprotected HTTP browser. The need to protect the communication between stakeholders such as mobile users accessing applications with the applications server need to be done using channels such as MQTT and SSL/TLSv2. Another promising method of authentication which is adopted in wearable technologies is by employing out of band channels. Here two different frequency bands such as WIFI used by Smartphone communicating with the broadband provider and Bluetooth channel used between smartphone and wearable device. In term of security, this kind of authentication is prone to inherit all the vulnerabilities of WIFI and Bluetooth. But the positive sides is the flexibility of adding security protection device such as a Smartphone to protect wearable devices.

Authentications protocol and technologies
In any mission critical based applications, the need to adopt an adaptive risk model has become major importance. The usage of one-time password (OTP) within system ensures timeliness and most of all thwarts against most of the security attacks such as phishing attack, password attack and even fraud revolving financial systems. Challenge-response is also a key in handling attacks of ecommerce transaction attacks. Another important protocol needs to be tapped into any applications is the direct assertions [43]. As most of the authorization permission is given right after the user authenticate themselves, this could lead to the issue of an unauthorized user still manage to brute force and penetrate a system. With most of the system defined to allow least privilege, this unauthorized and informed guest can at least read any files [44]. The correct way is for all authorization permissions and rights should be accessed for a user before this user is invited to authenticate himself [44]. The usage of direct assertion [43], [45] could be the answer to all the security issues revolving any technology and applications. Finally, with the importance of each device and users no trusting each other, the need for all connected devices and user to be accessed before the authentication process is essential.

Other authentication requirements
Other essential requirements for any applications when it comes to authentication would be to add features of protections in its configuration files. All pervasive applications have a configuration file in which metadata containing details such as mobile standard, types, its version, password of admin, IP address, etc are stored. Normally this configuration files could be accessible by the application users. In an event, if the configuration files are accessed by hackers, the leakage of metadata of the applications and even the devices could take place [46]. As one way of safeguarding configuration files is by using a shadow file mechanism. In this approach, the configuration files contain a pointer to another location which is accessible only by authorized administrators [47]. This second layer of defense in depth can be further integrated with strong password mechanism by using salting random numbers with user password [48]. With salt being used, the chances of password duplication and brute force of password are minimized. Another requirement is in driving access control system towards only allowing least privilege access and in accordance to need to know principles should be applied [49]. A user is only given access based on their needed tasks with the lowest clearance such as to read. This will also ensure that any permission on object or functionalities of an application is presented in a fine-grained manner [50]. Overall, the presented model is capable to secure and safeguards applications from both security and privacy attacks targeting mobile applications transaction online.

CONCLUSION
An analysis of cyber-criminology based on technological factor and temporal effect are presented in this paper. The comparison cyberattacks in Malaysia reported in MyCERT is analysed for span of 12 years since 2008 to 2020. With new type of cybercrime threats emerging such as ransomware, spear phishing and disinformation threats have a theoretical relationship with technology advancement and user's exposure towards this technology. Based on the analysis; findings demonstrate that there is a direct consequent between technology and cybercrime. Second findings show crime appearing on cyberspace has transformed from traditional crime. Based on criminology research; there is a clear transformative between stakeholders; the security attacks and criminology theories. With cyberspace technology, many applications are designed for pervasive environment. Most of mission critical domains such as financial; national security systems; military have its implementation of applications designed for mobility advantage. It is crucial to ensure these 1667 mobile based applications are protected against any security vulnerability derived from the physical technology; weakness and exploitation from the software design and most of all the users who are novice. A framework on authentication and authorization for safeguarding any mission critical applications is presented at the end of this paper. In future, the framework will be extended into a working prototype and further testing on its usability will be done in depth. By referring to the phrase "a chain is only as strong as the weakest link", vulnerabilities and loopholes in technologies and cyberspace platform are here to stay. The fastest yet harder method for solution would be in educating technology users to protect their personal data and systems. This is only achievable when user claim accountability and control in their own technology usage and perceive that security is always an afterthought in any technology developed. In conclusion, cease of being the weakest link of the chain.