Skip to main content

Five Essential Facts about ASEAN Cybersecurity

April 19, 2016


Stacia Lee

The Association of Southeast Asian Nations (ASEAN) member countries have emerged among the world’s leading economies. The member states—Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar (Burma), Philippines, Singapore, Thailand, and Vietnam—have made the region a rapidly growing place to do business. However, this success has made the ASEAN countries especially vulnerable to cyber attacks. The International Policy Institute has produced a report of ASEAN’s current cybersecurity profile.

Five essential facts from that report are:

1. ASEAN member countries lost over $240 million to cybersecurity breaches in 2014.

ASEAN’s strong economy and lack of enforceable cybersecurity policy make it an ideal target for cybercriminals.

2. In developing ASEAN member countries such as Vietnam and Cambodia, piracy is a frequent source of a malware attacks, a problem which costs roughly $10.8 million in damages on an annual basis.

In spite of the risk associated with piracy, encounter rates are only increasing in these localities. In more developed nations, e-mail scams and hacking are serious security threats not only for ASEAN residents, but also for communities overseas. Scams operating in Thailand, the Philippines, and Indonesia, have all targeted individuals and banks abroad.

3. ASEAN’s critical infrastructure was the target of a decade-long hacking operation called APT30.

APT30 is believed to have been designed by the Chinese government to obtain information about the bloc’s geopolitical posturing. ASEAN member countries were seemingly unaware of the attack until the American security company FireEye uncovered the operation.

4. ASEAN member countries are diverse in their current cybersecurity capabilities, creating an opportunity for valuable knowledge sharing between states.

Singapore and Malaysia have some of the strongest national cybersecurity agencies in the world, while other member countries are unable to adequately fund CERTs and equip national security forces with adequate cybersecurity training.

5. ASEAN is showing promising signs of cybersecurity cohesion.

It is acting in unison at ASEAN-Japan and ASEAN-China Network Security summits, and its ICT Masterplans illustrate a roadmap for coordinated computer emergency responses, while ASEAN Conventions begin the process of legal uniformity on security issues.

Read the full report here

This publication was made possible in part by a grant from Carnegie Corporation of New York. The statements made and views expressed are solely the responsibility of the author.