ASEAN Cybersecurity: Challenges and Changes In the Pandemic

Two years into the pandemic, ASEAN countries witnessed how digital services made it possible for education, employment, and businesses to continue virtually. Now, SEA countries are implementing a digital-first mindset. An indispensable part of that is a secure cyberspace.

Majority of businesses in the region continue to prioritize investing in cybersecurity. According to the IDC Asia/Pacific Security Sourcing Survey 2022, cybersecurity is a crucial investment area for Southeast Asian businesses, and they prefer sourcing it from third-party providers.

ASEAN boardrooms are discussing strategies to close existing gaps and implement next-generation capabilities, and cybersecurity is on the agenda.

This focus is required since 94% of organizations in the region indicate a rise in cyberattacks over the last year, with at least a 50% increase in disruptive attacks reported by 24% of those organizations.

To realize why businesses prioritize cybersecurity, let’s take a look at the cybersecurity challenges that ASEAN countries face today.

Cybersecurity challenges faced by ASEAN countries

Network security

Unauthorized access, manipulation, destruction, and other security risks affect business networks. Network security breaches, virus infections, and ransomware attacks are a few examples of attacks that can happen.

The same IDC survey revealed that network security was the top security concern for Southeast Asian businesses. Network security becomes a critical requirement as businesses implement more distributed and diverse IT setups.

The COVID-19 pandemic along with society’s growing digitisation has caused a 600% rise in cybercrime in Southeast Asia in 2021. Ransomware has risen and become the most significant malware threat throughout this surge.

A new Advanced Persistent Threat (APT) group called Dark Pink has executed sophisticated cyberattacks against military and government targets in Southeast Asia, emphasizing the rise of threats against major companies in the region.

In December 2022, the group had breached the cyber defenses of six organizations in ASEAN, including those in Cambodia, Indonesia, Malaysia, Philippines, and Vietnam. The first successful attack happened in June 2022– the threat actors were able to break into the network of a Vietnamese religious organization.

Another incident is the AirAsia data breach. Daixin Team– a ransomware and data extortion group that has targeted the healthcare and public health (HPH) sector– allegedly launched a ransomware attack against the AirAsia group and stole personal data of all staff and 5 million unique passengers. The data includes their name, birthdate, nationality, place of birth, and answer to their ‘secret question’.

Cloud security

According to a survey by Palo Alto Networks, 54% of ASEAN organizations cited cloud security as the top security measure post-pandemic. As more ASEAN countries move their operations to the cloud, they’re now more concerned with the risks involved.

One example is the data breach in Malaysia’s National Registration Department. On a data leak market, someone is selling the personal data of 22.5 million Malaysians, which they claimed they stole from JPN’s MyIdentity API. The 160 gigabytes database contains information on every adult Malaysian who was born between 1940 and 2004.

Another incident is the data breach in the Philippines’ Commission on Elections (COMELEC) security systems. A hacker group infiltrated the system, exposing 60 terabytes of confidential voter data.

IoT security

46% of ASEAN organizations cited Internet of Things (IoT) and operational technology (OT) security measures as top cybersecurity concerns.

Because of cheaper devices and supportive government policies, IoT adoption boomed in ASEAN nations. However, as connectivity grows, ASEAN businesses must deal with the security risks associated with IoT adoption.

In Indonesia, 1.3 billion profiles of SIM card registrations were posted for sale by a hacker under the name of Bjorka. The profiles are more than the total population, as it’s common to have more than one phone number in the country.

However, this becomes a threat to Indonesian citizens as hackers can access their data through their mobile numbers.

Private communication logs between the President and the State Intelligence Agency were also exposed by Bjorka before. They also leaked the phone numbers and vaccination records of well-known political figures.

Remote working as a cybersecurity risk

Palo Alto Network’s report also showed how the growing trend of employees asking for remote work has created new cybersecurity issues. With its BPO and freelancer industry, SEA is particularly vulnerable.

Businesses are most worried about the security risks that come with working remotely or in a hybrid environment. Risks remain high for the majority of businesses despite significant advances in cybersecurity like zero trust and endpoint security. A staggering 94% of ASEAN organizations reported an increase in attacks in 2021.

Kaspersky, a cybersecurity company, has raised concerns about cyberattacks in Southeast Asia after blocking over 47 million Remote Desktop Protocol (RDP) attempts in the region during the first half of 2022.

Particularly, remote and hybrid work arrangements had highlighted personal safety. 51% of organizations emphasized the need for protection against unprotected and unmonitored IoT devices connected to the corporate network.

From January to June 2022, Kaspersky reported a total of 47,802,037 Bruteforce.Generic.RDP attacks against remote employees in Southeast Asia, or an average of 265,567 attacks per day.

A Bruteforce.Generic.RDP attack aims to find a valid RDP login or password pair by repeatedly testing all potential passwords until the correct one is found. In the event of a successful attack, the attacker is given remote access to the host computer.

Human-driven scam operations

According to Kaspersky’s ASEAN Cyber Threat Outlook 2022, there’s a high-chance ransomware attacks will decrease as organizations have adopted “strong international cooperation and multiple task forces to trace ransomware gangs.”

In return, the general public is less vulnerable to typical cyberthreats– and attackers employ a different tactic.

Attacks are more non-technological in nature, capitalizing on human weaknesses using all types of scams via SMS, automated phone calls, popular messengers, social networks, and other channels.

Nearly 40,000 people were scammed in Thailand last year with their bank accounts and credit cards displaying strange transactions.

Scammers also used fake bank websites to obtain Malaysians’ banking information. To trick consumers into sending money, leading Vietnamese e-commerce platforms were also impersonated.

Cryptocurrency and NFT industry attacks

By analyzing sophisticated attacks by Lazarus–the infamous cybercrime group run by the North Korean government– and its subgroup, BlueNoroff, Kaspersky experts warned businesses to prepare for an even larger wave of attacks on cryptocurrency.

The NFT (non-fungible token) market, which is expanding, will also be targeted. Southeast Asian nations may be at risk since they are the top owners of NFTs, with the Philippines leading the way with 32% of organizations saying they own such digital assets.

Issue of geopolitical importance

Since the COVID-19 pandemic, the rate of digital revolution has only increased. We now largely transact, work, and connect online. Espionage, data theft, and efforts to interfere with our daily operations have all become more prevalent online.

Cybersecurity is also no longer only a technological problem; rather, it has affected geopolitics. Critical technologies can have an impact on a nation’s national security, economic progress, and societal values.

These technologies range from emerging ones like 5G, cloud computing, artificial intelligence, and quantum computing to more established ones like basic infocomm technologies and communications infrastructure, as well as the associated cyber risks they actually cause.

These challenges disrupted businesses, which pushed ASEAN organizations to employ more robust measures to protect their data and operations.

ASEAN’s Evolving Cybersecurity Strategies

Increased cybersecurity budget

To protect themselves from cyber risks, businesses decided to increase their cybersecurity budget. Palo Alto Network’s survey reported that:

1. 74% indicated that their leadership team was placing more emphasis on cybersecurity

2. 68% of organizations said they will increase their cybersecurity spending in 2022 to:

• Adopt of next-generation security technologies (48%)
• Plug existing cybersecurity gaps (46%) and
• Optimize operations (44%)

3. 46% of boards discuss it quarterly and another 38% every month.

Compared to other businesses, financial services (45%) and fintechs (42%) believe they are most vulnerable to cyber threats. Cybersecurity budgets have increased the most for these industries.

• Financial services (81%)
• Fintechs (75%)
• Telecommunications (71%)
• Government and public sector (60%)
• Retail (53%)

Cybersecurity Cooperation Strategy

A roadmap for regional collaboration to reach the goal of a safe and secure cyberspace was initially provided by the ASEAN Cybersecurity Cooperation Strategy, which was originally published in 2017-2020.

As the digital landscape evolves, the ASEAN Cybersecurity Cooperation Strategy is updated with a new 2021-2025 strategy.

The 2021 – 2025 Strategy seeks to “support the establishment of a rules-based multilateral order for cyberspace, one that is open, secure, stable, accessible, interoperable and peaceful.” It’s composed of five parts:

• Advancing Cyber Readiness Cooperation – This part focuses on bringing together national Computer Emergency Response Teams (CERTs) in all ASEAN Member States (AMS) to exchange information resources and best practices to improve collective responses and build future readiness against such attacks.
• Strengthening Regional Cyber Policy Coordination – In support of a multilateral, rules-based system in cyberspace, ASEAN works to bring value to international discussions on cybersecurity.
• Enhancing Trust in Cyberspace – For ASEAN to achieve its digital goals, technology trust must be established. Businesses need assurance that their operations can be carried out in a safe environment, and people need assurance that public services supporting their ongoing safety are still available.
• Regional Capacity Building – ASEAN acknowledged the need for ongoing training not just on technical and operational issues but also on cybersecurity policy, law, and strategy given the increasingly complex nature of cybersecurity. A variety of stakeholders should participate in politically unbiased training.
• International Cooperation – This aspect is concerned with finding effective and mutually beneficial methods for ASEAN to cooperate with international partners. This might entail actions taken to explore more robust engagement possibilities with Dialogue Partners (DPs) to address any identified cybersecurity development gaps in the region.

Breakthroughs in Cybersecurity

ASEAN’s efforts to establish a safer space online produced outstanding initiatives that helped and will continue to help ASEAN nations to learn more about cyber risks.
Here are the most prominent breakthroughs in cybersecurity that ASEAN has established.

ASEAN Cybersecurity Skilling Programme

As the region becomes more and more reliant on the Internet, cyberattacks pose a serious threat. In response to this alarming trend, the ASEAN Foundation and Microsoft announced the ASEAN Cybersecurity Skilling Programme on February 24, 2022. (ASEANCSP).

The ASEANCSP aims to reduce cyber crimes in ASEAN by increasing cybersecurity knowledge among ASEAN citizens and promoting awareness of cybersecurity’s importance.

In partnership with local implementing partners, the initiative seeks to provide training of trainers (ToT) on cybersecurity to 560 adolescents, educators, NGO and CSO facilitators in Cambodia, Indonesia, Malaysia, the Philippines, Singapore, Thailand, and Viet Nam.

To help build a secure digital environment in ASEAN, these master trainers will then provide cybersecurity training to 30,000 underprivileged youth in the seven nations.

A regional focus group discussion (FGD), with experts on cybersecurity concerns from the public and business sectors, will also be organized.

The information gathered from the FGD will be used to improve how the ToT is implemented and to develop a practical and appropriate localized cybersecurity training course.

To raise the general public’s knowledge of cybersecurity, an online campaign will also be launched.

ASEAN Cyber Shield project

On January 30, 2023, the Korea Internet & Security Agency (KISA) announced the launch of the “ASEAN Cyber Shield” project, an international cooperation initiative between South Korea and the Southeast Asian Nations Association (ASEAN).

The initiative, which is the largest technology and communications sector partnership to date, intends to improve cyber security capabilities among ASEAN member countries with a $9.8 million investment from the Korea-ASEAN cooperation fund over the next three years.

The operation of an online cybersecurity curriculum in the region, research on cyber security certification programmes, ASEAN hacker defense competitions, and cyber security student exchanges are a few of the project’s main goals.

ASEAN-Japan Cybersecurity Capacity Building Centre

For a long time, ASEAN and Japan have stepped up their collaboration on human resource development and information security. ASEAN and Japan formed a cybersecurity capacity building initiative consisting of two steps, both supported through the Japan-ASEAN Integration Fund (JAIF).

The first one was the ASEAN-Japan Cybersecurity Cooperation Hub launched in December 2017, and the second is the ASEAN-Japan Cybersecurity Capacity Building Center.

The ASEAN-Japan Cybersecurity Capacity Building Centre (AJCCBC) was established with the aim to develop a cybersecurity workforce of 700+ over 4 years to enhance the capacity of cybersecurity experts and specialists in the AMS by providing training and other activities to participants from AMS.

The primary goal of AJCCBC is to educate cybersecurity professionals in ASEAN member nations with the skills and information they need to operate effectively in the modern world.

Cybersecurity as top agenda among ASEAN countries

92% of ASEAN organizations believe cybersecurity to be a priority for their business leaders today. Indeed, the pandemic made everyone realize the risks that come with digitalization, so long that it became one of the top concerns world leaders are now actively trying to address.

The effectiveness of these cybersecurity initiatives can only be measured as time passes by, but the dedication of these organizations to discuss important matters openly and the collective sharing of ideas will surely not be in vain.

Cybersecurity is given enough attention and is not anymore an afterthought, and that’s already one step forward towards a safe and secure online environment.