The 21st century is currently witnessing a technological renaissance unlike anything it has ever experienced before. The proliferation of new technologies like 5G network, Internet of Things (IoT), big data, blockchain and virtual and augmented reality are just some of the emerging game changers that will undoubtedly change our world in more ways than we can imagine. In terms of digital innovation and technological foresight, Asia has proven itself to be at the top of its class. Despite its rapidly growing digital economy, the many advantages that could be reaped by the region may potentially be overshadowed by the rising concerns of cybersecurity threats. In other words, the greater the success of the region’s digital economy, the greater the exposure to increasingly harmful cybersecurity breaches.
According to a report by the CNBC, the digital economy of Southeast Asia is predicted to hit US$ 200 billion by 2025. In fact, ASEAN members are more likely to add US$ 1 trillion to its GDP in the next decade or so. However, Southeast Asian nations are more at risk of facing challenges relating to cybercrimes and attacks. This issue could be attributed to a few reasons; firstly, the region, which is made up of emerging economies with differing socio-political landscapes, lack regulations and rules pertaining to data messages or electronic signatures; secondly, no specific legislation exists relating to the protection of consumers, intellectual property, networks or personal data; and finally, there are inadequate or almost no laws that can prosecute cybercrimes in an appropriate manner.
The high rate of internet penetration in the region in the last few years have made it easier for cyberattacks to occur, resulting in system failure and severe data breaches. The internet penetration rate in the Asia Pacific region jumped from 26% in 2010 to almost 50% in 2014. Some of the major cybercriminal activities that are prevalent in this region are software piracy, malware threats, social engineering and financial fraud, among others. Due to its unsecure and relatively weak infrastructure, ASEAN countries- specifically Vietnam, Philippines, Indonesia and Singapore – have become a hubs for the initiation of these attacks. One example of such an incident was the hijacking of two of Vietnam’s largest airports in 2016 by a Chinese hacking group known as 1937CN. The group managed to infiltrate the flight information screens and sound systems resulting in the broadcasting of anti-Vietnamese and Philippines slogans.
In Indonesia, cyberattacks are a daily occurrence with more than 50,000 cases and, after Vietnam, the country has a higher chance of being the target of cybersecurity breaches. Between the years 2010 and 2013, Indonesia experienced a staggering 3.9 million cases of cyberattacks and overtook China in terms of severity by the end of 2013.
More recently in 2018, Indonesia suffered 12.9 million cyberattacks, with many industry experts forecasting the inevitable increase of such crimes as the region undergoes digital transformation as part of the fourth industrial revolution. Based on Aon Asia’s 2019 Cyber Security Risk report, “the greatest challenge organizations will face is simply keeping up with and staying informed about the evolving cyber risk landscape.” This means that companies should do their best in deploying both preventative and remedial security measures as the likelihood of cybersecurity breaches in this day and age are inevitable, and as such, precautions need to be taken.
The regional director for commercial risk solutions at Aon Asia, Andrew Mahony said, “We’re looking at companies that collect large amounts of personal customer data and risk suffering significant losses if their systems go offline…Indonesia will see waves of vulnerabilities and exploits directed at smartphones instead of traditional desktop computers.”
In June of 2018, Singapore was dealt with what is now known as “the most serious breach of personal data” in the country’s history. The 2018 SingHealth data breach incident resulted in the illegal procurement of non-medical personal information from 1.5 million patients, while records of outpatient dispensed medicines were stolen from 160,000 patients. Several politicians, including Prime Minister Lee Hsien Loong, were also affected as their personal data was equally targeted.
In the era of 5G, it is imperative to protect data security as global interconnectedness becomes more and more of a reality. For ASEAN nations especially, there is an urgent need to develop a robust and impenetrable cybersecurity policy that would be responsible for improving cyber norms within their states. Additionally, collaborative efforts between cybersecurity policy academics and civil society are also needed to support governments working to build these cybersecurity networks.