ASEAN, EU should work more closely tackling maritime cybercrime

The regional bloc in Bangkok launched the ASEAN Outlook on the Indo-Pacific ( AOIP ) in 2019, which focuses on four areas of collaboration spanning maritime, connectivity, Sustainable Development Goals, economic, and other potential sectors of cooperation. & nbsp,

The Association of Southeast Asian Nations emphasizes maritime cooperation even more in the first edition of the ASEAN Maritime Outlook( AMO ), which was published in early August. & nbsp,

AMO, probably ASEAN’s second step in making its Indo-Pacific moves more significant, is a well-written policy document covering marine issues in accordance with the institutional architectures of the regional bloc. It acts as the policy directive for the leaders, policymakers, regional bodies, and dialogue partners in assessing the current and upcoming challenges managed by various sector-based bodies.

With AMO, ASEAN demonstrates its dedication to furthering marine cooperation and looking into ways to provide its member states with technical and financial support to improve their capabilities. The safety setup of one of ASEAN’s corporate partners, the European Union, seems to fit together with its needs like a puzzle.

The EU emphasizes six enhanced objectives in the most recent revision of its Maritime Security Strategy ( EUMSS ). One of them is to educate and train civilians in particular education programs in order to increase cross and computer security credentials, particularly among its non-EU partners.

After all, thanks to the success of its” Operation Atalanta,” which was launched in 2008 to combat pirates in the Gulf of Aden alongside the North Atlantic Treaty Organization and other East Asian nations through mutual activities, diplomacy, and capacity-building, the EU has a quite exceptional reputation for maintaining and enhancing maritime security throughout the Asian continent.

Secondly, if the two most significant regional organizations were to become more institutionalized in their cyber-maritime assistance, it would not be the first time that both organizations had engaged in cybersecurity-related partnership.

The 2019 EU-ASEAN Statement on Cybersecurity Cooperation, which the EU and ASEAN jointly launched, represents the long-term responsibility of both parties to support security growth, change best practices, and advance digital literacy and norms across numerous channels and activities.

However, the EU and ASEAN may step up their efforts to combat cyber-maritime participation because offences escalate and thrive in high-level disputes, particularly in the face of continued global tensions like the Russian invasion of Ukraine, China and the US conflict, and post-pandemic global economic recovery woes.

For instance, as Russia started turning to its Asian neighbors for assistance, there is always a danger of regional and substitute spillover of the war in the northeastern sphere.

No defensive Southeast Asia

Southeast Asia is still the” next front” on maritime cyber-catastrophes, despite how fancy it may seem to a person.

In this regard, the NotPetya affair is relevant. On June 27, 2017, Ukraine launched NotPetya, the deadliest state-sponsored malware the world has ever seen. This had a significant global impact on other foreign and international businesses operating there.

The Danish-based Maersk Line, the largest shipping company in the world, suffered a loss of about US$ 300 million at the time. The system closing rendered almost half of its 76 world terminals, which are spread across nations from the Americas to Central Asia, inoperable, preventing them from receiving the required electronic data interchange records from approaching boats.

Also, due to the damaged infrastructure, vehicles headed for the waterways were unable to provide.

The domino effect started when an aristocracy hacking group connected to the Kremlin called Softworm inserted an illegal wormhole in the servers of a Russian software company that sold products like MeDoc, which are frequently used by companies and accounting firms operating within the state.

The malware took less than a minute to break down the system of significant Ukrainian industries, including banks and hospitals, on the day of the attack. Therefore, it didn’t take long for it to spread to large corporations that had MeDoc program installed on their computers, including Maersk’s business in the port town of Odessa in Ukraine.

The total amount of harm done to other victims, including Merck, FedEx, Mondelez, Reckitt Benckiser, and Saint-Gobain, according to the White House calculate, was a staggering$ 10 billion.

Such was the magnitude of the Russian-originating malware’s dangerous power; rather than seeking financial gain like ransomware does, it was designed to issue political warnings to nations that supported Ukraine in its initial invasion of Ukraine.

Worse yet, there is always a possibility that equally dangerous cyber-weapons will return at any time or location in the future for an unknown number of reasons, disrupting networks in land, sea, and air spaces and ultimately causing negative losses of assets, properties, as well as, of course, globally interconnected economies via the complex supply chain networks.

Preventative measures are required.

There haven’t yet been any immediate and strong crime threats of this magnitude in Southeast Asia. The only moment it even came close to one was in 2017, when Maersk cargo ships blocked delivery roads and ports due to its end operation’s immobilized sites.

Without proper preventive measures and policies, the South Eastern coastal region— which is home to some of the busiest marine straits in the world — could be extremely vulnerable to coastal cybercrime activities. This could very well expose it to irreparable negative effects. & nbsp,

Since these marine passageways have been the focus of attention in the Southeast Asian local coastal insecurities, maritime crimes like theft, fraud, terrorism, illegal immigration, and trafficking are nothing new. & nbsp,

However, these worries are not as serious as those posed by cyber-borne threats, which have no physical limits and have the potential to have severe effects on global economic activity, especially in light of the increasing level of digitization in nautical infrastructures and sectors.

Although the ASEAN Cybersecurity Cooperation Strategy ( 2021 – 2025 ) places a strong emphasis on strategic planning for increased capacity-building, coordination, and cooperation among member states to develop secure cyberspace in the region, the regional bloc actually consists of different levels of cybercapabilities and experiences in each nation, as well as lacked infrastructure, cyberexpertise, etc.

Despite how alarming it may sound, ASEAN’s capacity deficiencies in dealing with marine cyber-threats are clear, leaving its members resilient in the face of a world that is becoming more and more digitized and robotized, and which is already moving toward artificial intelligence and hybrid warfare techniques. & nbsp,

If ASEAN’s policies are not supported by sufficient pre-emptive measures and vigilant local consensus against the known and unknown threats, it may become a sitting duck in maritime matters generally and maritime-cyber matters in particular.

The EU Budapest Convention on Cybercrime, which enables practitioners in the witness states to discuss knowledge and forge valuable connections for participation in different fields as well as during emergencies, does not have a local security framework like ASEAN does.

The experience and high standards, such as those for data protection, are even worth working with. The EU may contribute to sharing experiences with regional frameworks to combat cybersecurity threats.

Simply the Philippines has ratified the ASEAN Convention as of right now out of the group’s 10 people. If ASEAN wants to collaborate with the EU on coastal computer security, it should do nicely to guarantee its commitment to the cause going forward.