The internet has made the world smaller in many ways but it has also opened us up to influences that have never before been so varied and so challenging. As fast as security grew, the hacking world grew faster. There are two ways of looking at the issue of cyber security. One is that the companies that provide cloud computing do that and only that so these companies will be extremely well secured with the latest in cutting-edge encryption technology. There are many challenges facing Southeast Asian countries when it comes to improving their cybersecurity, including a lack of governance and skilled personnel. Lack of attribution capability also increases the risk of cyber incidents or cyber-enabled information conflicts within the region. Further, many Southeast Asian countries lack a strategic mindset, policy preparedness, and institutional oversight regarding cybersecurity. There is a low level of cyber resilience in the region, especially when it comes to policy, governance, and cybersecurity. Moreover, there is little or no coordination between the national police for cybercrime, an interior ministry for critical infrastructure, the telecommunications ministry for breaches, and the military for cyber conflicts. An absence of a unifying framework often leads to significant under-investment. It is difficult to collaborate and share intelligence within and between countries due to the absence of a unified regional governance framework. Additionally, businesses have underestimated the value at risk, resulting in inadequate investments in cybersecurity. In the private sector, cyber risk is still perceived as an information technology (IT) issue rather than a business one, so regional businesses do not have a comprehensive approach to cybersecurity. In this regard, four issues must be addressed; The growing interconnectedness across the region and geographical dispersion of the physical supply chain will intensify systemic risk, making the region only as strong as its weakest link, Diverging national priorities and varying paces of digital evolution will continue to foster a sustained pattern of underinvestment, Limited sharing of threat intelligence, often because of mistrust and a lack of transparency, will lead to even more porous cyber defense mechanism, Technological evolution will render threat monitoring and response more complex, particularly given the rise of encryption, multi-cloud operations, the proliferation of the internet of things. These four issues will aggravate the current, unprepared situation in the region. If the region fails to address these issues, the value at risk for Southeast Asian nations will be significant. In addition, cybersecurity concerns have the potential to derail the region’s digital innovation agenda. This is how cyber security is one of the major emerging threats.
The Time Before Crime when the first world’s digital computers were created in 1943, the threat of cyber-attack was almost non-existent. A small limited number of people can access the giant electronic machine. At that time only a few people knew how to work them. Hacking, however, became a phenomenon in the 1950s, when phone phreaking began. This is where hackers manipulated telephone signaling so that they could make free long-distance calls. This involved reverse engineering the tones utilized by phone companies to confuse and trick the routers. Cybersecurity checking began in the 1970s when researcher Bob Thomas created a computer program called Creeper that could move across ARPANET’s network. Ray Tomlinson, the innovator of email, wrote the program Reaper, which chased and deleted Creepers. ARPANET’s main use was for academic and research purposes. Many of the protocols used by computer networks today were developed for ARPANET, and it is considered the forerunner of the modern internet. With the internet becoming available to the public, more people began putting their personal information online. Organized crime entities saw this as a potential source of revenue and started to steal data from people and governments via the web. In the early 2000s crime organizations started to heavily fund professional cyberattacks and governments began to clamp down on the criminality of hacking, giving much more serious sentences to those culpable. But the term next-gen now also refers to cybersecurity solutions that use real-time predictive methods like machine learning (ML), artificial intelligence (AI), and behavioral analysis to increase prevention, efficacy, and speed. In some cases, the term extends to automated threat detection and response capabilities.
Cyber security is basically being protected by internet-connected systems, including hardware, software, and data, from cyber-attacks. In a computing context, security comprises cyber security and physical security both are used by enterprises to safe against unauthorized access to data centers and other computerized systems. Security, which is designed to maintain the confidentiality, integrity, and availability of data, is a subset of cyber security.
Need for Cyber Security
The range of operations of cyber security involves protecting information and systems from major cyber threats. These threats take many forms. As a result, keeping pace with cyber security strategy and operations can be a challenge, particularly in government and enterprise networks where, in their most innovative form, cyber threats often take aim at secret, political, and military assets of a nation, or its people. Some of the common threats are:
- Cyber terrorism: It is the innovative use of information technology by terrorist groups to further their political agenda. It took the form of attacks on networks, computer systems and telecommunication infrastructures.
- Cyber warfare: Itinvolves nation-states using informationtechnology to go through something another nation’s networks tocause damage. In the U.S. Andmany other peoplelive in a society, cyber warfare has been acknowledged as the fifth domain of warfare. Cyber warfare attacks are primarily executed by hackers who are well-trained in use of benefit the quality of details computer networks, and operate under the favourable and support of nation-states. Rather than closing a target’s key networks, a cyber-warfare attack may force to put into a situation into networks to compromise valuable data, degrade communications, impair such infrastructural services as transportation and medical services, or interrupt commerce.
- Cyber espionage: It is the practice of using information technology to obtain secret information without permission from its owners or holders. It is the most often used to gain strategic, economic, and military advantage and is conducted using cracking techniques and malware.
Cyber-Security Scenario in Southeast Asia
The world communities have made significant advancements in information technology, which has been the centerpiece of contemporary times. Southeast Asia is also catching up to the rest of the world, exhibiting substantial development and progress across the industry. By 2025, it is estimated that Southeast Asia’s digital economy, which includes e-commerce and ride-hailing services, would make up a total of $200 billion USD. In particular, ASEAN member states in Southeast Asia have the potential to boost GDP by $1 trillion USD during the following ten years. The COVID-19 pandemic further compelled governments and businesses to accelerate digital transformation. Although this transition has certain advantages the increasing reliance on the Internet has also made the region highly susceptible to cyber-security threats. Among others, the Southeast Asian countries of Vietnam, Thailand, Malaysia, Philippines, Singapore, and Indonesia are the most vulnerable to these types of threats. Cybercriminals have previously targeted a variety of sectors, notably energy, e-commerce, etc. from which they have profited immensely. However, in current times critical infrastructure is becoming one of the chief targets of cyber-attack, given the globalization of infrastructures and the rising number of interconnected and centralized control systems. Even though cyber-attacks on the confidentiality, integrity, and accessibility of data are concerning, the spread of information conflicts allowed by cyberspace across Southeast Asia and the rest of East Asia raises even more questions. The ASEAN countries have so far failed to protect their cyberspace, the situation is worse that attacks have also been launched from ASEAN nations, either because of their well-conducted hub status or because they have such vulnerable infrastructure that can be exploited.
Southeast Asian nations must overcome a number of obstacles to strengthen their cyber security, including a lack of competent leadership and governance. Lack of attribution capabilities increases the possibility of regional information disputes or cyber-enabled incidents spreading out of control. Developing cyber norms of conduct is necessary for Southeast Asian countries to maintain regional stability. The creation of Cyber norms for ASEAN member states in particular. Singapore has committed large resources to this endeavor under its own national cyber security strategy, strengthening capability and assisting standards building in ASEAN. National Cyber security strategies have also been announced by several Southeast Asian countries. However, the area still faces difficulties.
Insight into Cyber Threat Trends in Southeast Asia
Alongside typical forms of scams, abuses, and frauds there are some other emerging and prominent cyber threats facing ASEAN member countries, this section will highlight them in order to help us better understand the regional cyber trends;
Phishing is a type of identity theft in which the scammer or attacker pretends to be a reliable or trustworthy individual or member of an institution to deceive the potential victim to disclose sensitive and confidential information such as bank or credit card information and login credentials etc. Successful phishing attacks might lead to account compromises, unauthorized access to an organization’s computers and networks, and transmission of such malware which could wreak even more damage ranging from financial to intellectual property losses. These types of incidents continue to increase dramatically in Southeast Asia. Around 11 million phishing attempts were detected in the region in 2021. However, the most recent data from Kaspersky (a global-level cyber-security agency) indicates that only the first half of 2022 saw 12 million attempts, with Vietnam, Malaysia, and Indonesia being attacked more frequently.
- E-Commerce Data Interception
To put it simply, e-commerce data interception is an act of stealing online customers’ information such as their names, addresses, credit card numbers, passwords, etc., primarily through injecting different types of malware into the websites of online stores and companies. It is a type of attack against confidentiality, and these techniques not only enable cybercriminals to easily initiate destructive operations against e-commerce platforms but also effectively undermine customer confidence in online purchases and payments. In the past decade, exponential digitalization is observed in Southeast Asia and several giant e-commerce companies such as Shopee, Tokopedia, and Grab etc. are also established (Ganbold 2022). Despite the fact that certain efforts have been made to reinforce the overall safety and infrastructure, these companies and the region as a whole continue to lack in this very category and remain a hotspot for e-commerce data interception and related cyber threats.
- Malware attack
Malware is an umbrella term for programs or codes which are harmful for computer systems or networks. Once a device is infected, the malware can steal, encrypt or delete data, alter or hijack core computer functions, and even spy on computer activity without the user’s knowledge or permission. The most significant type of malware threat in the Southeast Asian region has been Ransomware. It is a sort of malicious software which encrypts particular files or data on your computer and holds them, hostage, until you pay a price to the attacker to recover them (UNODC, 2021). The considerable risks posed by ransomware include the disruption of essential services for example public healthcare, insurance, finance, and other critical infrastructure necessary for the operation of government and private enterprises etc. Over 800,000 ransomware attacks are reported in 2020, the majority of which occurred in Vietnam, Indonesia, and Thailand.
With widespread crypto adoption, cybercrime like crypto-jacking is on the rise. Crypto-jacking basically allows hackers to mine cryptocurrency without having to pay for electricity, hardware, or other mining resources by using other people’s systems without their permission. Cybercriminals break into computers and install specific malware. While the unaware victims use their devices normally, that malware continues to function in the background, mining for cryptocurrencies or stealing from victim’s cryptocurrency wallets. Southeast Asia’s failure to effectively address cyber-security concerns, the region is becoming a favorite spot for cybercriminals involved in crypto-jacking, with countries such as Indonesia and Vietnam experiencing some of the highest numbers of mining attempts globally.
- Crime ware-as-a-Service
“Crime ware-as-a-Service” refers to any application software or set of programs such as application programs which are specifically developed to facilitate prohibited and unlawful activities online. Through these programs cybercriminal tools and services such as phishing kits, Spyware, browser hijackers and key loggers, etc. are made accessible to a wider range of threat actors, to the extent that any common user can turn into a cybercriminal (Samani & Paget 2013). Law enforcement’s focus on cybercrime at a global level has led these ‘as‑a-service’ models for illegal activities to go deeper underground. Such underground platforms are implementing stronger defensive measures and making Southeast Asia their home ground, given its weak cyber security landscape.
Southeast Asia is quite a diverse region, with states having different social, economic, and political systems. A clear understanding of these variances is necessary because they might have serious implications on how these countries intend to improve their deterrence against cyber threats. Most of these concerns can be perceived as directly related to the varying interpretations of the “state-individual relationship”. In countries with nationalist and authoritarian regimes, the state is considered fundamental to protect its people from any form of harm and disruption and determine whether a specific issue constitutes a threat or not. This is the reason why in Vietnam internet users are frequently prohibited from browsing websites with content that the government considers inappropriate. However, in democratic and liberal countries, citizens and organizations have a wider range of authority for self-evaluation of cyber and other concerns, though the state still serves as the primary institution. “Partly reflective of the different political systems across the region, there are also wide disparities in economic and local market capacities. This certainly leads to unequal resource allocation for the development of sound internet connections and the promotion of web-centric skills among the population” (Thomas 2009). All these underlying factors not only influence how these states define “cyber-threats” but also the types of cyber security challenges they will face.
Since most of the countries of this region are somehow aware of the tendencies of cyber security issues, they have identified certain cyber protocols. Nevertheless, the state’s response to the violation of these protocols varies across the region. For example, in Myanmar punishment for any major breach ranges from heavy fines to protracted imprisonment. Whereas, people who access banned online content, whether from a domestic or foreign ISP, are frequently fined or imprisoned in Vietnam. A number of indirect ways are also mapped out by countries through which constraints can be imposed on access to cyberspace without adopting strict or legal procedures. However, on a larger scale, the drafting of cyber-security bills began in several countries in 2017 including; Thailand, Malaysia, Singapore, and Vietnam etc. The region also saw the emergence of clearly defined cyber-security agencies;
- Philippines – Department of Information and Communications Technology
- Singapore – Cyber-Security Agency of Singapore
- Indonesia – Badan Siber dan Sandi Negara, the National Cyber and Encryption Agency
- Malaysia – National Cyber-Security Agency Malaysia
National cyber agencies indeed help in raising public consciousness regarding the prevalent issues and also in the development of the country’s exclusive cyber-security agenda. Hence, it’s evident that efforts are being made in Southeast Asia on a domestic level to cater to the susceptible cyber security scenarios, yet the significant differences among Southeast Asian states are needed to be undermined so that a coherent policy approach to cyber security can be constructed in the region.
Regional initiatives can focus on particular issues that frequently complement other economic and political cooperative efforts since they are undertaken in a setting where there are fewer cultural differences and fewer issues with compatibility in judicial systems. This includes the economic integration e.g., APEC. A region’s disparities in economic and political progress may not be so pronounced as to breed mistrust among neighbors, and even in cases where this does occur, it can be made up for by other factors that promote cohesion. This is in addition to the region’s geographical and historical uniformity and proximity. In ASEAN, there have been two approaches to securing the internet.
- First, the e-ASEAN approach has been used to generally strengthen regional capacity and resources.
- Second, there have been a number of more overt efforts to protect cyberspace from international attempts to undermine national security, particularly those arising from criminal and terrorist organizations’ activities.
In contrast to ASEAN, APEC has adopted a different tack, with cyber concerns mostly falling under the purview of the telecommunications sector. However, more current works have concentrated on finding new ways to tackle transnational terrorism and criminal activity. The present main focus of regional attention is on the necessity for both organizations to combat the cyber security concerns considered to originate from terrorist and criminal groups. However, the importance of cyber development is also recognized, if only to solve the underdevelopment and poverty that are perceived as the main drivers of crime and terrorism. With the goal of creating a wider and more inclusive action plan including
- Economic infrastructure
It was required to promote an ASEAN e-space, as part of an ASEAN positioning and branding strategy, the e-ASEAN Initiative was launched at the Manila Summit in 1999. The main goal of this Initiative was to collectively investigate ways that the less developed Southeast Asian states could close the digital gap with other ASEAN states by giving chances to use information and communication technology to advance their socioeconomic conditions, creating what Singapore Prime Minister Goh called “a single electronic space.” Thus, the objective of this Initiative was to leverage e-strategies to promote greater ASEAN integration.
The e-ASEAN Framework Agreement, which was signed as a result of this initiative in 2000, has since served as a basis for stronger regional cooperation, particularly in the areas of ICT and e-commerce. The ASEAN has increased and broadened its cooperation in this area since 2000. The ASEAN Telecommunications and IT Ministers (ASEAN TELMIN) approved the Singapore Proclamation in September 2003. A number of states have signed bilateral and multilateral mutual recognition agreements as a result of this declaration and the conclusions of the Manila TELMIN meeting in 2002. In the region, a network of ICT training facilities has been built to support small and medium-sized businesses. Several coordinated policy initiatives have also been launched to advance regional regulatory development. As much as ASEAN has worked to strengthen regional cyber ties and capacity, it has also collaborated with China (under ASEAN+1) to build new ICT networks for the development of new technologies and applications, the advancement of human resources, and the creation of secure networks that can fend off attacks from domestic and foreign cyber-criminal organizations. South Korea and Japan have also joined this process through the ASEAN+3 mechanism.
ASEAN has started to address the more “conventional” cyber security challenges of transnational cybercrime and cyberterrorism as a result of these projects serving as a spark for greater regional collaboration on cyber issues. Cybersecurity issues are related to e-development initiatives in various procedures, such the TELMIN meetings. With the aim of having all ten of its member countries operationalize CERTs by 2005, for instance, ASEAN nations have been building National Computer Emergency Response Teams as part of this process. The development of “a virtual platform for ASEAN cybersecurity to construct a general platform to coordinate information exchange, the formulation of standards, and collaboration among enforcement agencies” is another project that the TELMINs are in charge of. The regional dimensions of cybercrime caught the attention of ASEAN’s various policy organizations by the middle of 2001. As a result of its “severe impact on the security, peace, and economy, and advancement of ASEAN as well as on its moral and social fabric, the ASEAN ministers in charge of transnational crime have pledged to increase cooperation against cybercrime. Although ASEAN continued to address post-9/11 cyber security concerns, they had frequently become mixed up with local and international counterterrorism initiatives. An increase in regional efforts to secure cyber security can be attributed in part to 9/11. Furthermore, these sanctions were very light-handed given the relative youth of cyber terrorism as an acknowledged threat to ASEAN. Since 2003, increasing focus has been placed on creating strong and coordinated responses to cyber security threats. The creation of a regional body to tackle cyberterrorism was supported by the participants of the ASEAN Regional Forum in 2004. The ARF Cyber Terrorism Summit, which South Korea sponsored in October 2007 to encourage information sharing among the member nations, was one tangible result of this. In November 2008, an ARF summit on terrorism and the internet was held as a follow-up. Regarding additional specific actions, the ASEAN Police Chiefs launched a training program for officials of regional police forces in 2007.
Challenges and Recommendations
There are several challenges to improving cybersecurity in Southeast Asia.
- Many Southeast Asian nations lack the institutional control, preparedness for cybersecurity policy, and strategic mindset necessary. Security forces (for cybercrime), the Ministry of Interior (for critical infrastructure), the telecommunications department (for breaches), and the military (for cyber wars) may each have some responsibility while coordinating little to nothing. Significant underinvestment is frequently the result of the lack of a unifying framework.
- Since cyber risk is still seen in the private sector as an IT issue rather than an economic one, local businesses do not take a complete strategy for cybersecurity.
- Due to a shortage of capabilities and competence, the region’s cybersecurity business struggles to satisfy demand.
- The systemic danger will increase as Southeast Asian economies become more intertwined.
- Because of suspicion and an absence of transparency, Southeast Asian countries rarely share threat intelligence.
- Threat monitoring and response are becoming more challenging due to the rapid advancement of technology, particularly with the advent of the Internet, cloud computing, and more robust encryption.
Looking at the above-mentioned challenges, a few recommendations can be made. The physical supply chain’s geographical dispersion and the region’s rising interconnection will increase systemic risk, making the region only as strong as its weakest link. Divergent national agendas and different rates of technological advancement will support a long-term pattern of underinvestment. Limited threat intelligence sharing, frequently brought on by mistrust and a lack of openness, will result in even more permeable cyber defenses. Threat monitoring and response will become more difficult as technology advances, especially in light of the expansion of the Internet of Things (IoT), multi-cloud operations, and encryption.
- The policies of ASEAN can be reformed and reinforced for further cooperation
- The states should trust each other and there should be no point of suspicion among them
- Different programs should be initiated to give awareness to the local people of these states, that how severe this issue is. To provide them with a basic knowledge of what cybersecurity is.
- The state counterparts should cooperate with each other. Advanced states like Malaysia, Thailand, Singapore, and China e.g. have formed cybersecurity agencies, these states should share their information regarding technologies with other states. There should be better cooperation among the Southeast Asian states.
Security risks have always been addressed at the regional level. Southeast Asian states and other extra-regional dialogue partners have talked about methods to lessen regional insecurities since the ASEAN Regional Forum was established in 1994. Other regional organizations, including APEC, have also taken action to include regional security matters on their policy agendas in the post-9/11 environment. In this way, both already-existing and recently-implemented regional security mechanisms have benefited cyber security concerns. States are therefore collaborating with regional organizations like APEC and ASEAN to reduce the risks presented by cyber security threats, even as they attempt to fill gaps in their cyber capabilities. To keep cyber criminals out of their distinct digital areas, the governments in the area can adopt a number of preventative actions. In order to fight such invasions, Southeast Asian nations should invest in training and capacity building, with a particular emphasis on high-quality ICT infrastructure and highly qualified labor. In order to safeguard the supply chain from design to delivery and guarantee the security of these transfers, a cyber-secured economic zone that is in line with international cybersecurity standards should be formed. This would protect trade in the region and ensure more excellent stability in the face of growing cybercrime incursions.
- Thomas, N. (2009). Cyber Security in East Asia: Governing Anarchy. Asian Society.
- Chang, L. Y. (2017). Cybercrime and cyber security in ASEAN. In Comparative criminology in Asia(pp. 135-148). Springer, Cham.
- Raska, M., & Ang, B. (2018). Cybersecurity in Southeast Asia. Paris: Asia Centre & DGRIS.
- Ramadhan, I. (2020). Building Cybersecurity Regulation in Southeast Asia: A Challenge for the Association of Southeast Asian Nations (ASEAN). Journal of Social and Political Sciences.
- Thrust on cybersecurity: Combating threats in the SEA region. (December, 2021). Southeast Asia Infrastructure.
- Caballero-Anthony, M., & Cook, A. D. (2013). Non-traditional security in Asia: Issues, challenges and framework for action. Institute of Southeast Asian Studies.
- Samani & Paget. (July, 2013). Exposed: Cybercrime-as-a-Service. Digital News Asia.
- Ganbold, S. (September, 2020). E-Commerce in Southeast Asia. Statista.
- (October, 2021). Ransomware attacks, a growing threat that needs to be countered. United Nations: UNODC Regional Office for Southeast Asia and the Pacific.
- Tran Dai, C., & Gomez, M. A. (2018). Challenges and opportunities for cyber norms in ASEAN. Journal of Cyber.
- Timur, F. G. C. (2017). The Rise of Cyber Diplomacy ASEAN’s Perspective in Cyber Security. KNE Social Sciences.