Author: Adam Leong Kok Wey, National Defence University of Malaysia
In the face of increasing cyber threats and attacks in some Southeast Asian states, ASEAN formally initiated a cyber security working group in 2016. The formation of this working group was an important step towards regional cooperation in tackling cyber threats. Yet cyber attacks, especially cyber crimes and cyber espionage, continue at an increasing rate. Terrorists’ increasing use of cyber technology to conduct intelligence operations, information warfare and sabotage poses one of the greatest contemporary security risks to ASEAN members.
Such risks need to be addressed urgently. As a subsequent step, the working group could set up a ASEAN Cyber Defence Centre (ACDC). Such a centre would play a pivotal role in managing cyber threats in the region, as a one-stop centre for ASEAN cyber defence activities — whether in the form of training, intelligence sharing, emergency response or joint cyber defence and offence operations. The centre’s main objective is to deter and repel cyber threats from terrorist organisations, and its secondary objective is to act as a collaborative confidence-building platform for ASEAN.
The proposed centre could draw upon ASEAN’s experience in cooperative natural emergency response. In the wake of Cyclone Nargis, which hit Myanmar in 2008 and killed at least 130,000 people, ASEAN set up an Emergency Rapid Assessment Team (ASEAN-ERAT). The grouping serves to harmonise disaster relief operations by reducing confusion and delays, and optimising assets and manpower deployment. ASEAN-ERAT is now managed by the ASEAN Coordinating Centre for Humanitarian Assistance on Disaster Management (AHA Centre), a comprehensive regional centre to manage and respond to natural disasters. The AHA Centre is a succinct example of how ASEAN can collaborate and share its resources, and set up a structured, centralised command and control centre.
The respective cyber defence commands of all ASEAN states will be members of the proposed ACDC, making it a purely military-run outfit. Cyber defensive measures will involve collecting intelligence on terrorist activities; warning of potential cyber hacks and sabotage; updating and developing firewalls, anti-viruses, anti-malware, anti-ransomware and other countermeasures against cyber threats; responding to information and propaganda by terrorist organisations; and sharing expertise and intelligence among ASEAN members.
Cyber offensive action will involve taking down websites of terrorist organisations, blocking attempts by terrorists to infiltrate networks, repelling cyber sabotage by terrorists, and conducting cyber attacks against terrorists’ own cyber networks, platforms and systems. The ACDC will also provide intelligence to respective defence organisations to conduct attacks on physical infrastructure, and capture or kill terrorists.
The ACDC’s combined operations approach will entail sharing resources and joint training of cyber defence personnel. As individual ASEAN members have differing levels of cyber competencies and infrastructure, the more advanced cyber nations in ASEAN can assist to develop the capabilities of the weaker members. This effort will lead ASEAN militaries and defence agencies to unprecedented levels of cooperation and defence diplomacy.
The ACDC will also develop an ASEAN Cyber Defence Information Network to provide an up-to-date database of all cyber attacks and threats reported in the region. This database will be used for analysis and cyber alerts, and freely shared between member states.
To overcome potential obstacles presented by the inconsistencies in — or lack of — ASEAN members’ domestic cyber laws, the ACDC can serve as a forum to jointly deliberate and formulate a consensual and unified cyber defence approach. Perhaps the ACDC may even be able to produce a non-binding legal framework on dealing with cyber threats, akin to the Tallinn Manual produced by NATO’s Cooperative Cyber Defence Centre of Excellence.
The working group also intends that the ACDC conduct regular executive courses and joint civil–military training on cyber defence. These joint cyber defence exercises would differ from physical military exercises that entail the movement of troops and hardware, and immense logistical support. Cyber defence exercises can be conducted in the virtual world, whereby ASEAN militaries conduct simultaneous cyber defence or offence training exercises via the internet.
Although terrorist cyber threats provide clear and immediate dangers to ASEAN member states, they also present the regional bloc with opportunities to build a more resilient and cooperative ASEAN. The proposed ACDC will, in a stroke, provide ASEAN defence organisations with a platform to collaborate, cooperate and build stronger defence ties in responding to common terrorist threats. The cyber defence centre augurs well for the future of ASEAN defence cooperation and, if implemented successfully, will provide a platform for a more unified and cyber connected ASEAN.
Adam Leong Kok Wey is Associate Professor in Strategic Studies and Deputy Director of Research in the Centre for Defence and International Security Studies, the National Defence University of Malaysia.