Photo: OPgrapher via Adobe Stock
Southeast Asia is a highly digitalized region in a geostrategic location. It boasted an 80% internet penetration rate in 2022, and its digital economy was projected to hit $100 billion in 2023. Along with its rapid digitalization and rising geopolitical tensions in the region, cybercrime in Southeast Asia has become a pressing threat. Between 2021 and 2022, cybercrime in Southeast Asia increased by 82%. The countries that were the most frequent targets of cybercrime in Southeast Asia in 2023—Singapore, Indonesia, Thailand, and Vietnam—also had the highest digitalization rates, making them more attractive targets for cybercriminals. Chinese state-linked hackers are especially active in the region. Wired reported that China-linked cyberattacks on Southeast Asian countries increased by 20% between the end of 2022, compared to the same time in 2021. Chinese government-linked hackers also penetrated government servers to spy on several Southeast Asian nations—Thailand, Malaysia, Vietnam, Indonesia, Myanmar, and Cambodia— and stole sensitive email information from them between 2019 and 2022.
To better mitigate increasing cyber risks, the Association for Southeast Asian Nations (ASEAN) is improving the region’s cybersecurity capabilities, cyber capacity-building, and cybercrime information-sharing efforts through a series of cyber initiatives. ASEAN includes ten member states and has a combined gross domestic product (GDP) of $3.2 trillion. ASEAN’s chair rotates each year, with Laos holding the position in 2024, along with specialized offices in each of the ten member states. ASEAN’s member states vary in their cyber capacity: some countries, like Singapore and Malaysia, have national cybersecurity structures and strong tech ecosystems. Other member states such as Myanmar, Cambodia and Laos have minimal resources and poor tech infrastructure that "limits” their level of cyber readiness. Digital integration also varies between Southeast Asian countries, with Singapore having the highest levels (average score 80.70) while Myanmar has the lowest (average score 30.11), according to the ASEAN Digital Integration Index.[1] The following sections examine ASEAN’s cybersecurity strategy, cybercrime information-sharing efforts, and capacity-building initiatives.
ASEAN’s Cybersecurity Strategy
ASEAN has a Cybersecurity Cooperation Strategy (CCS) for 2021-2025 that focuses on advancing cyber readiness, strengthening and harmonizing regional cyber policies, enhancing trust in cyberspace, and regional capacity building. ASEAN’s initial CCS, formed in 2017, laid out an initial road map for regional cooperation on cyber initiatives. The current Strategy expands this roadmap to build on ASEAN’s existing cyber achievements, update its objectives, and establish a rules-based multilateral cyberspace order. One way the strategy proposes to achieve its goals is through establishing an ASEAN Regional Computer Emergency Response Team (CERT). The CERT has yet to be created, but the Cybersecurity Agency of Singapore has been working closely with other ASEAN member states to begin this process in 2024. According to the CCS, the ASEAN CERT will “facilitate coordination and information sharing between national level AMS CERTs, develop and maintain an ASEAN Point-of-Contact (POC) network of cybersecurity experts and organizations, host ASEAN cybersecurity conferences, trainings, and drills for AMS national CERTs, facilitate and conduct regional cybersecurity exercises, partner with other international and regional organizations in support of ASEAN cybersecurity interests and objectives, develop partnerships with industry and academia, support AMS National CERT capacity building and best practices, and, conduct and support cybersecurity awareness campaigns.”
The CCS also established an ASEAN Cybersecurity Coordinating Committee (Cyber-CC) in 2020 to “to strengthen cross-sectoral coordination on cybersecurity, while preserving the exclusive work domains of the sectoral bodies.” The Cyber-CC is one of ASEAN’s primary tools to bolster regional coordination with AMS, Dialogue Partners, and other nations. It focuses on capacity building initiatives and includes members from other ASEAN sectoral bodies that oversee regional cybersecurity issues.
Cybercrime and INTERPOL
Beyond the CCS, ASEAN also includes organizations that promote information-sharing on cybercrime threats and better integrated operations for the region in collaboration with INTERPOL. The ASEAN Cybercrime Operations Desk (“the ASEAN Desk”) is one such organization. The ASEAN Desk uses intelligence development, investigative support and operational coordination to support all ten AMS in countering cybercrime. It also distributes Cyber Activity Reports to keep AMS updated on the latest regional cyber risks and connects law enforcement with private sector and other partners to support their investigations. It was first established as the ASEAN Cyber Capabilities Desk by INTERPOL in 2018 but was renamed in 2020 to more accurately represent its operational role within ASEAN. The ASEAN Desk has coordinated successful region-wide cyber operations to combat cybercrime, including an investigation into malware affecting e-commerce websites which led to the arrest of three individuals running the operation in Indonesia, and a collaboration with AMS national CERTs to target router “cryptojacking” in the region.
INTERPOL hosts other regional initiatives that complement the ASEAN Desk’s work. The ASEAN Cybercrime Knowledge Exchange Workspace (“the Workspace”), for example, is an INTERPOL program that complements the ASEAN Desk’s goals. The Workspace is a secure arena for law enforcement officials to share non-police data including best practices and open information on regional cyber threats. It is also responsible for distributing Cyber Activity Reports to AMS on the latest cyber threats. Another INTERPOL cyber program in Southeast Asia is the ASEAN Cyber Capabilities & Capacity Development Project (C3DP). C3DR's objective is to improve the capability and capacity of ASEAN law enforcement agencies to work together to combat cybercrime. It has a $2 million budget, is funded by the Department of State, and is currently in its third phase. C3DP conducts projects on cybercrime, such as specialized training on malware and producing guidelines for seizing virtual assets, to strengthen member states’ ability to combat cybercrime.
Cyber Capacity-Building and Training
ASEAN also spearheads cybersecurity capacity-building and training initiatives for member states, many of which are funded, established, and/or hosted by Singapore or Malaysia. The ASEAN Cyber Capacity Programme (ACCP) is one such program. ACCP aims to build technical, policy, and strategy-building cyber capacity among member states through cyber programs designed for senior ASEAN officials, INTERPOL officers in the region, ASEAN Dialogue Partners (including China and the United States), and academics. It was established in 2016 by Singapore. It hosts Singapore International Cyber Week as a platform for regional cybersecurity dialogue, as well as the annual Cybersecurity Workshop with the United States, industry partners, and other countries. ACCP also has an extension called the ASEAN-Singapore Cybersecurity Centre of Excellence (ASCCE). ASCCE is tasked with conducting research and training in cyber law and policies, providing CERT-related technical training, and conducting virtual cyber defense training exercises to deepen the region’s cybersecurity capabilities. It has been operational since 2020 and has so far hosted hundreds of senior officials from ASEAN and other partners for training programs in Singapore.
Another ASEAN capacity-building program is the ASEAN Defense Ministers’ Meeting Cybersecurity and Information Centre of Excellence (ACICE). ACICE prioritizes confidence-building, information-sharing, and capacity-building efforts between ASEAN defense establishments on cyberattacks, disinformation and misinformation. It has a Singaporean Executive Director, but its Advisory Board includes individuals from all member states. ACICE includes Cybersecurity, Information, and Research centers; the first two facilitate discussions with cyber and information security experts and produce reports, and the third conducts long-term research with academic and think tank experts on the defense impact of digital and information technologies. Since its establishment in 2021, ACICE has published monthly reports on regional cybersecurity threats and trends to promote early warning, timely response and mitigation of cyberattacks. It also launched a Malware Information Sharing Platform (MISP) in February 2023 to allow AMS to share timely cybersecurity threat information.
ASEAN also has the defense-focused ASEAN Cyber Defense Network (ACDN). ACDN’s mission is to link the cyber defense centers of all member states, assist in the development of new centers, and identify gaps in information sharing. ACDN will conduct joint exercises, physical visits, and close partnerships to achieve this mission. It also complements ACICE’s regional objectives, namely by distributing ACICE information with ASEAN member states. The ASEAN Defense Minister’s Meeting established ACDN in 2021, prompted by Malaysia, and the first in-person meeting was in Kuala Lumpur in 2023.
Malaysia also hosts the ASEAN Cybersecurity Resilience and Information Sharing Platform (CRISP). CRISP promotes cyber threat information-sharing between ASEAN central banks and support development of collective actions to mitigate these threats with member states that engage with CRISP. The Central Bank of Malaysia led member states in establishing and operationalizing CRISP by 2021. In a meeting of the 10th ASEAN Finance Ministers’ and Central Bank Governors’ Meeting in 2023, ministers praised CRISP’s work on enhancing capacity building through incident handling simulations, cyber threat exercises, information sharing in threats and initiatives, and discussions of cyber toolkits for mitigating cyber risks.
ASEAN has also received support from close allies as it develops its cybersecurity initiatives, such as Japan through the ASEAN–Japan Cybersecurity Capacity Building Centre (AJCCBC). The AJCCBC is the physical location providing cybersecurity training for ASEAN member states. AJCCBC aims to increase ASEAN’s cyber workforce to 700+ individuals over four years by providing trainings and other activities. It is funded by the Japan-ASEAN Integration Fund (JAIF), a fund established in 2006 to promote and support cooperation between ASEAN and Japan, among other objectives. It was established in 2017 and is located in Thailand.
Cybersecurity will continue to be an emerging and important arena of cooperation and dialogue for ASEAN member states. These initiatives can guide member states as they bolster regional cyber threat information and cybercrime intelligence sharing and enhance cyber capacity-building efforts.
[1] Digital integration in the ASEAN Digital Integration Index is measured by 6 categories: Digital Trade and Logistics, Data Protection and Cybersecurity, Digital Payments and Identities, Innovation and Entrepreneurship, and Institutional and Infrastructure Readiness. The author added the total scores across all 6 categories and divided the total by 6 to find the average.
