SlideShare a Scribd company logo

Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 2023.pdf

Benjamin Ang
Benjamin Ang

Lecture on cybersecurity in ASEAN and Singapore - Definitions of cybersecurity in ASEAN (vs western definitions) - Cyber threat landscape in ASEAN / types of cyber incidents and cyber crime in ASEAN Why ASEAN is vulnerable - Characteristics of ASEAN in cyberspace non-interference, sovereignty non-attribution of cyber attackers - ASEAN cooperation in cyberspace AMCC (ASEAN Ministers Cyber Conference) ACICE (ADMM Cyber Info Centre of Excellence) INTERPOL

Related slideshows

NIST CSF Overview
NIST CSF OverviewNIST CSF Overview
NIST CSF Overview
 
Introduction to NIST’s Risk Management Framework (RMF)
Introduction to NIST’s Risk Management Framework (RMF)Introduction to NIST’s Risk Management Framework (RMF)
Introduction to NIST’s Risk Management Framework (RMF)
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
 
1 of 28
Download to read offline
CYBERSECURITY AND INTERNATIONAL SECURITY IN ASEAN AND SINGAPORE Benjamin Ang Head, Centre of Excellence for National Security and Future Issues in Technology; Head, Digital Impact Research RSIS | NTU | Singapore
OUTLINE 1. What does ‘cybersecurity’ mean in ASEAN? 2. Types of cyber threats in ASEAN 3. What are the characteristics of ASEAN cyberspace? 4. How do ASEAN member states cooperate in cyberspace?
DEFINITIONS Cybersecurity in the West Confidentiality - Data breach (e.g., OPM) Integrity - Critical infrastructure (e.g., water) Availability - DDOS - Ransomware (e.g., MGM Grand, Colonial pipeline) Priorities in ASEAN Cybercrime and scams Child pornography ‘Fake news’
TYPES OF CYBER THREATS IN ASEAN
SERVICES IN ASEAN AT RISK Source: Palo Alto ASEAN State of Cybersecurity Report 2023
Source: Palo Alto ASEAN State of Cybersecurity Report 2023 IOT, PERSONAL DEVICES, DIGITAL TRANSACTIONS AT RISK
CYBER THREAT LANDSCAPE FOR ASEAN Palo Alto State of Cybersecurity Report ASEAN 2022
Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 2023.pdf
CYBER INCIDENTS IN ASEAN 2020 - 2023 Data breach in Malaysia personal information of over 13,000,000 allegedly from Maybank, Astro Indonesia data breach over 1,000,000,000 Indonesian SIM card data, sold on Dark Web by Bjorka Singapore data of an alleged 2,600,00 user accounts from online marketplace Carousell, sold on Dark Web
RANSOMWARE CASES IN ASEAN 2020
APTS TARGETING ASEAN FOR ECON/GEOPOL INTELLIGENCE APT Target countries Target entities FunnyDream (C) Malaysia, Philippines, Thailand, Vietnam High-level government organisations; political parties Platinum Indonesia, Malaysia, Vietnam Diplomatic and government entities Cycldek (C) Laos, Philippines, Thailand, Vietnam Government, defence, and energy sectors HoneyMyte Myanmar, Singapore, Vietnam Government organisations Finspy Indonesia, Myanmar, Vietnam Individuals PhantomLance Indonesia, Malaysia, Vietnam Entities Zebrocy (R) Malaysia, Thailand Entities [source: Kaspersky]
CYBERCRIME IN ASEAN INTERPOL ASEAN Cybercrime Operations Desk reported increase in 2019 Botnets Phishing Business email compromise (BEC) Banking malware Ransomware Cryptojacking Vulnerability is due to Quicker digital transactions Greater internet connectivity Growing digital economies Asia becoming digital asset hub Lacking cybersecurity investment Low awareness Source: INTERPOL
CASE STUDY: CYBER THREAT LANDSCAPE FOR SINGAPORE 2022 Phishing • 8500 • Double from 2021 Ransomware • 132 • 4% less than 2021 Infected Infrastructure • 81,500 • 13% less than 2021 Website Defacement • 340 • 19% less than 2021
INFORMATION THREATS IN ASEAN Threat actors  Buzzers (PR companies)  Cyber Troops (government backed)  Cyber criminals (and call centres)  Great powers Examples of information operations  COVID-19 pandemic  Russia / Ukraine war  Israel / Hamas war Drivers  Pro-western sentiment  Anti-western sentiment  Islamist extremists
RECENT DEVELOPMENTS IN ASEAN THAT ACCELERATED CYBER THREATS Changes Pandemic WFH Pandemic forced digital transformation More IOT (Smart everything) US-China Great Power Competition Impact More targets online More data on insecure systems used by vulnerable people More reliance on networks Impact on supply chains Benjamin Ang | Centre of Excellence for National Security | RSIS CYBERSECURITY AND NATIONAL SECURITY
CHARACTERISTICS OF ASEAN IN CYBERSPACE
ASEAN PRINCIPLES & PRIORITIES Mutual respect Non-interference Sovereignty ASEAN states do not pool sovereignty like the European Union  sovereignty and non-intervention are a defence against neo-colonialism Priorities for cooperation  Economic  Political  Security
ASEAN MEMBERS ARE DIFFERENT Different legal systems (common, civil, hybrid) Different political systems (democratic, communist, military) Different languages and cultures Different economic and cyber levels Different alliances (US, Russia, China) Different interpretations of cyber
CASE STUDY: VIETNAM AIRPORT SCREENS HACKED Cyberattack by 1937CN? 1 They denied responsibility Vietnam Government tells cyber community to show restraint after attack 2
CASE STUDY: SINGAPORE’S HEALTHCARE SYSTEM Personal data of 1.5 million patients, including Prime Minister Lee 3 “Deliberate, targeted and well- planned cyber attack … not the work of casual hackers or criminal gangs" 4 “We are not able to reveal more because of operational security reasons”5
SYMANTEC CALLS SINGHEALTH HACKER ‘WHITEFLY’ ‘Whitefly’ launched targeted attacks against multiple organizations 8 CSA comment “As this is an independent investigation report by a commercial entity, we have no comment on its contents.”9
WHY DIDN’T THEY IMPOSE CONSEQUENCES? Difficulty of attribution? Lack of capacity to impose consequences? Diplomatic Informational Military Economic Financial Intelligence Legal Power imbalance or economic dependence?
ASEAN COOPERATION IN CYBERSPACE
AMCC DECISIONS Adopted Norms Support development of cyber norms, referring to 2015 UNGGE 2016 Propose mechanism Singapore would propose a mechanism to enhance ASEAN cyber coordination 2018 Agree to move Agreed to move forward on a formal cybersecurity coordination mechanism 2019 Checklist Singapore + United Nations to draw up a checklist of steps to implement cyber norms 2020 Design by PresentationGo
2020 AMCC AGREES TO ACTION ON NORMS Singapore + United Nations to draw up a Norms Implementation Checklist with ASEAN ASEAN to share its experience and knowledge with the UN SG + Malaysia to start Regional Action Plan (RAP) Matrix
PROGRAMMES IN MOTION IN ASEAN Capacity Building Programmes ASEAN-Singapore Cyber Centre of Excellence (ASCCE) ADMM Cyber Info Centre of Excellence (ACICE) ASEAN-Japan Cybersecurity Capacity Building Centre in Thailand UN-Singapore Cyber Programme (UNSCP) Capacity building with US, NL, UK, AU Confidence Building Measures Joint training between Member States to improve communication ACID Drill (ASEAN CERT Incident Drill)
CYBERCRIME COOPERATION IN ASEAN Interpol Cyber Capabilities & Capacity Development Project Operation Night Fury (2019-2020) - malware targeting e-commerce websites in ASEAN - arrest of three individuals in Indonesia Operation Goldfish Alpha (2019) - region-wide operations against cryptojacking targeting routers - located infected routers, alerted victims and assisted with patching 78% of the identified devices
WHAT ARE YOUR TAKEAWAYS?

More Related Content

Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 2023.pdf

  • 1. CYBERSECURITY AND INTERNATIONAL SECURITY IN ASEAN AND SINGAPORE Benjamin Ang Head, Centre of Excellence for National Security and Future Issues in Technology; Head, Digital Impact Research RSIS | NTU | Singapore
  • 2. OUTLINE 1. What does ‘cybersecurity’ mean in ASEAN? 2. Types of cyber threats in ASEAN 3. What are the characteristics of ASEAN cyberspace? 4. How do ASEAN member states cooperate in cyberspace?
  • 3. DEFINITIONS Cybersecurity in the West Confidentiality - Data breach (e.g., OPM) Integrity - Critical infrastructure (e.g., water) Availability - DDOS - Ransomware (e.g., MGM Grand, Colonial pipeline) Priorities in ASEAN Cybercrime and scams Child pornography ‘Fake news’
  • 5. SERVICES IN ASEAN AT RISK Source: Palo Alto ASEAN State of Cybersecurity Report 2023
  • 6. Source: Palo Alto ASEAN State of Cybersecurity Report 2023 IOT, PERSONAL DEVICES, DIGITAL TRANSACTIONS AT RISK
  • 7. CYBER THREAT LANDSCAPE FOR ASEAN Palo Alto State of Cybersecurity Report ASEAN 2022
  • 9. CYBER INCIDENTS IN ASEAN 2020 - 2023 Data breach in Malaysia personal information of over 13,000,000 allegedly from Maybank, Astro Indonesia data breach over 1,000,000,000 Indonesian SIM card data, sold on Dark Web by Bjorka Singapore data of an alleged 2,600,00 user accounts from online marketplace Carousell, sold on Dark Web
  • 10. RANSOMWARE CASES IN ASEAN 2020
  • 11. APTS TARGETING ASEAN FOR ECON/GEOPOL INTELLIGENCE APT Target countries Target entities FunnyDream (C) Malaysia, Philippines, Thailand, Vietnam High-level government organisations; political parties Platinum Indonesia, Malaysia, Vietnam Diplomatic and government entities Cycldek (C) Laos, Philippines, Thailand, Vietnam Government, defence, and energy sectors HoneyMyte Myanmar, Singapore, Vietnam Government organisations Finspy Indonesia, Myanmar, Vietnam Individuals PhantomLance Indonesia, Malaysia, Vietnam Entities Zebrocy (R) Malaysia, Thailand Entities [source: Kaspersky]
  • 12. CYBERCRIME IN ASEAN INTERPOL ASEAN Cybercrime Operations Desk reported increase in 2019 Botnets Phishing Business email compromise (BEC) Banking malware Ransomware Cryptojacking Vulnerability is due to Quicker digital transactions Greater internet connectivity Growing digital economies Asia becoming digital asset hub Lacking cybersecurity investment Low awareness Source: INTERPOL
  • 13. CASE STUDY: CYBER THREAT LANDSCAPE FOR SINGAPORE 2022 Phishing • 8500 • Double from 2021 Ransomware • 132 • 4% less than 2021 Infected Infrastructure • 81,500 • 13% less than 2021 Website Defacement • 340 • 19% less than 2021
  • 14. INFORMATION THREATS IN ASEAN Threat actors  Buzzers (PR companies)  Cyber Troops (government backed)  Cyber criminals (and call centres)  Great powers Examples of information operations  COVID-19 pandemic  Russia / Ukraine war  Israel / Hamas war Drivers  Pro-western sentiment  Anti-western sentiment  Islamist extremists
  • 15. RECENT DEVELOPMENTS IN ASEAN THAT ACCELERATED CYBER THREATS Changes Pandemic WFH Pandemic forced digital transformation More IOT (Smart everything) US-China Great Power Competition Impact More targets online More data on insecure systems used by vulnerable people More reliance on networks Impact on supply chains Benjamin Ang | Centre of Excellence for National Security | RSIS CYBERSECURITY AND NATIONAL SECURITY
  • 17. ASEAN PRINCIPLES & PRIORITIES Mutual respect Non-interference Sovereignty ASEAN states do not pool sovereignty like the European Union  sovereignty and non-intervention are a defence against neo-colonialism Priorities for cooperation  Economic  Political  Security
  • 18. ASEAN MEMBERS ARE DIFFERENT Different legal systems (common, civil, hybrid) Different political systems (democratic, communist, military) Different languages and cultures Different economic and cyber levels Different alliances (US, Russia, China) Different interpretations of cyber
  • 19. CASE STUDY: VIETNAM AIRPORT SCREENS HACKED Cyberattack by 1937CN? 1 They denied responsibility Vietnam Government tells cyber community to show restraint after attack 2
  • 20. CASE STUDY: SINGAPORE’S HEALTHCARE SYSTEM Personal data of 1.5 million patients, including Prime Minister Lee 3 “Deliberate, targeted and well- planned cyber attack … not the work of casual hackers or criminal gangs" 4 “We are not able to reveal more because of operational security reasons”5
  • 21. SYMANTEC CALLS SINGHEALTH HACKER ‘WHITEFLY’ ‘Whitefly’ launched targeted attacks against multiple organizations 8 CSA comment “As this is an independent investigation report by a commercial entity, we have no comment on its contents.”9
  • 22. WHY DIDN’T THEY IMPOSE CONSEQUENCES? Difficulty of attribution? Lack of capacity to impose consequences? Diplomatic Informational Military Economic Financial Intelligence Legal Power imbalance or economic dependence?
  • 24. AMCC DECISIONS Adopted Norms Support development of cyber norms, referring to 2015 UNGGE 2016 Propose mechanism Singapore would propose a mechanism to enhance ASEAN cyber coordination 2018 Agree to move Agreed to move forward on a formal cybersecurity coordination mechanism 2019 Checklist Singapore + United Nations to draw up a checklist of steps to implement cyber norms 2020 Design by PresentationGo
  • 25. 2020 AMCC AGREES TO ACTION ON NORMS Singapore + United Nations to draw up a Norms Implementation Checklist with ASEAN ASEAN to share its experience and knowledge with the UN SG + Malaysia to start Regional Action Plan (RAP) Matrix
  • 26. PROGRAMMES IN MOTION IN ASEAN Capacity Building Programmes ASEAN-Singapore Cyber Centre of Excellence (ASCCE) ADMM Cyber Info Centre of Excellence (ACICE) ASEAN-Japan Cybersecurity Capacity Building Centre in Thailand UN-Singapore Cyber Programme (UNSCP) Capacity building with US, NL, UK, AU Confidence Building Measures Joint training between Member States to improve communication ACID Drill (ASEAN CERT Incident Drill)
  • 27. CYBERCRIME COOPERATION IN ASEAN Interpol Cyber Capabilities & Capacity Development Project Operation Night Fury (2019-2020) - malware targeting e-commerce websites in ASEAN - arrest of three individuals in Indonesia Operation Goldfish Alpha (2019) - region-wide operations against cryptojacking targeting routers - located infected routers, alerted victims and assisted with patching 78% of the identified devices