An anti-cybercrime operation led by Interpol has uncovered nearly 9,000 malware-infected servers and hundreds of compromised websites in Southeast Asia, the body revealed on April 24. The operation offers yet more evidence of the scale of the cyber challenge faced by Southeast Asian states and the urgent need for countermeasures to tackle it.
As I have written before, Southeast Asian states as well as ASEAN as a grouping have been grappling with a growing cyber threat. Indeed, even Singapore, which had already been devoting significant attention and resources to addressing the problem, saw the first-ever publicly disclosed hacking of its defense ministry’s Internet-connected system in February, which led to the theft of personal data of hundreds of employees.
In response, countries have been stepping up efforts to deal with the challenge over the past few years through various means, including boosting their capabilities and working more with each other and extraregional partners. Examples abound, whether it is Indonesia’s effort to create a new cyber agency, Singapore’s new ASEAN Cyber Capacity Program (ACCP) announced at the inaugural ASEAN Ministerial Conference on Cybersecurity last October, or the Philippines’ proposal to establish a cyber security working group within the ASEAN Defense Ministers Meeting Plus (ADMM-Plus) that was accepted recently (See: “Singapore Unveils New ASEAN Cyber Initiative”).
The operation by the Interpol Global Complex for Innovation, a cutting-edge research and development facility that opened in Singapore in 2014, provides additional evidence of how pervasive cybercrimes are in the region as well as the threats they pose. According to a statement released by Interpol on Monday, the operation highlighted threats posed by 8,800 active command and control (C2) servers in eight ASEAN countries, involving various malware families, including those targeting financial institutions, spreading ransomware, launching Distributed Denial of Service (DDoS) attacks, and distributing spam. It also showed that nearly 270 websites were infected with malware code, including several government websites that may have contained citizens’ personal data.
The Interpol-led operation brought together investigators from seven ASEAN countries – Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam – to share information on specific cybercrimes in each country, with cyber intelligence also provided by China. And in a demonstration of the importance of public-private sector cooperation in the cyber realm, the operation had inputs from seven private sector companies – Trend Micro, Kaspersky Lab, Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet and Palo Alto Networks – which took part in pre-operational meetings to help develop actionable information packages.
According to Interpol, the information provided by the private sector and the cyber issues highlighted by participating countries enabled specialists from Interpol’s Cyber Fusion Center to produce 23 “Cyber Activity Reports,” which highlight the various threats and types of criminal activity identified as well as recommended actions to be taken by the relevant national authorities.