ASEAN Region Highly Vulnerable to Cybercrime

Banks and financial institutions need to take strong measures to counter the growing incidence of cybercrime in the ASEAN region

Last year, Dark Pink, a new advanced persistent threat (APT) group, successfully hacked the computer systems of military bodies, government ministries and agencies, and religious and non-profit organisations in seven countries including Cambodia, Indonesia, Malaysia, Philippines, and Vietnam.
The group used spear-phishing emails — or emails that are ostensibly sent from a known sender to induce targeted individuals to reveal confidential information — and a sophisticated, custom-designed toolset to exfiltrate sensitive corporate, government, audio, and messenger data from infected devices and networks.
Cybersecurity threats in the ASEAN region are growing and spreading to the financial services and banking sectors given the increase in online, mobile, and open banking, and the rising popularity of fintech applications.


Take the case of Indonesia, which witnessed nearly 1 billion cyberattacks in 2022, according to the country’s National Cyber and Encryption Agency (BSSN). Some 2.3 million of the 3 million mails that Bank Indonesia, its central bank, receives monthly are malicious, and last December, it reported a ransomware attack that it triangulated before it could disrupt operations.

Meanwhile, Singapore witnessed a 25% increase in scams and cybercrimes in 2022 over the previous year, according to the Singapore Police Force. The country’s central bank asked its second-largest lender, Oversea-Chinese Banking Corp (OCBC), to maintain additional capital of S$330 million for operational risks in 2022 after it reported S$13.7 million in losses following a phishing scam that affected 790 customers. The bank made goodwill payouts to affected customers.

Malaysia, too, reported several data breaches in 2022 including the theft of personal details of 22 million Malaysians allegedly from the National Registration Department and a sophisticated data intrusion at an online payment provider.

According to IBM Security’s threat intelligence index, Asia was the most targeted region for cyberattacks in 2022, and Singapore-based cybersecurity firm Group-IB too has identified the Asia Pacific region as a “key arena” of APT activity.


Emails, spear-phishing campaigns, and smishing attacks via mobile text messaging are the most common methods used by hackers to gain access to networks.

Phishing has become more sophisticated with hackers using machine learning to create convincing phishing emails that will appeal to specific targets. Hackers are also using new methods to deliver the malware in phishing emails such as through OneNote attachments.

Then, there’s the rise of ransomware-as-a-service and growth in artificial intelligence-driven malware and spam. Business email compromise attacks are also on the rise.


The best way to deal with a risk is understand it. So also with cybercrime. Banks and financial institutions need to stay abreast of advancements in cybercrime to take appropriate steps to secure their IT infrastructure, networks, and applications, including using AI to detect cybercrime.

A multi-layered approach helps maintain cyber-hygiene. This includes multi-factor authentication, anti-malware mechanisms, robust patching, network and system segmentation, incident response procedures, regularly tested business continuity back-up plans, and importantly, education and awareness programmes for employees and customers.

Cybersecurity firm Akamai estimates that around 80% of cyber-attackers target customers of financial firms for monetary gain. A strong awareness campaign can enable them to identify phishing emails.

The points of entry for hackers have also risen as banks are increasingly on the cloud, share data with fintech firms, or rely on third-party service providers. ASEAN banks and financial institutions need to collaborate with their partners and service providers and also across borders to build cyber resilience. They can draw lessons from the upcoming implementation of the Digital Operational Resilience Act (Dora) in the Euro region, which will lay down regulatory requirements for enhancing security in the financial sector, including on cyber-threats and information sharing.

With DORA, the European Union (EU) is looking to standardise risk management requirements and processes for reporting cybersecurity incidents. Under it, all EU-regulated financial institutions are required to monitor and report security events, and tech service providers are subject to oversight by European regulators. It may not be possible to eliminate cybercrime, but financial firms can certainly reduce the risks.


About the Author

Kavita Panda
Chief Operating Officer | Profile

Kavita Panda is our Chief Operating Officer and Country Manager for India. Kavita was Executive Director of The Walt Disney Company India, wherein, she spent a decade and half in various business roles across Content Syndication, Licensing and Merchandising, Solution Sales and Advertising Sales.