An ASEAN Cyber Defence Centre? Cyber Defence Cooperation for ASEAN's Future Adam Leong Kok Wey

In the face of increasing cyber threats and attacks on some SEA states, ASEAN via the ADMM Plus (the ten Southeast Asian countries along with the United States, China, Australia, India, Japan, South Korea, New Zealand and Russia) has formally initiated a cyber security working group.  The formation of this working group is an important step towards regional cooperation in tackling cyber threats but cyber attacks continue at an increasing rate namely in cybercrimes and cyber espionage.  Increasing terrorist usage of cyber technology to conduct intelligence operations, information warfare, and sabotage poses one of the greatest risks for ASEAN members today and in the near future.  While cybercrime and recreation hacking can be countered by dedicated police action, dedicated cyber attacks by well-organized terrorist groups may become a new security risk for all ASEAN members.  This article will discuss within the context of countering cyber terrorism and propose ways for ASEAN to collaborate within the defence community to counter cyber terrorists.

Cyber terrorism as defined in this article is the utilization of cyber software and hardware to conduct terrorist activities – gathering intelligence, spreading of propaganda for subversion and sabotage. Cyber terrorists are known to use the cyber space to gather intelligence, not just by hacking into certain government and private databases but also using modern cyber and communications technology to conduct tactical reconnaissance.  For example, google maps can be used for tactical navigation, topographical and imagery intelligence. In the 2008 Mumbai attacks, the terrorists were known to have used maps available from the internet in planning their attacks.

The cyber domain has also been used by terrorists to spread their messages and hate propaganda to recruit new members, supporters and more dangerously, influence ‘lone wolf’ attackers. Terrorists can also use cyber technology to conduct cyber attacks in sabotaging key infrastructure targets such as the electrical power grid, traffic management systems, banking systems, aircraft and maritime navigation systems, and other vulnerable systems.  There are some suspicions today that some naval and merchant ships navigation systems had been hacked and deliberately modified leading to some ship collisions in the seas in the last year.  We shudder to imagine the day when terrorists acquire such skills to sabotage ships in the seas via cyber means. Although the know-how needed to conduct sophisticated cyber attacks by terrorists may be limited now, we can be sure that they will be learning fast and will soon be able to conduct complex and high-tech cyber attacks in the near future.

Such potential cyber threats and risks emanating from terrorists need to be addressed urgently now by the ASEAN Defence Community.  Hence, this author proposes for the setting up of an ASEAN Cyber Defence Centre as a one-stop centre for ASEAN cyber defence activities either by training, intelligence sharing, joint exercises, emergency response and joint cyber defence and offence operations.  This proposed Centre’s main objective is to deter and repel cyber threats by terrorist organizations, and its secondary objective as a collaborative confidence building platform for ASEAN.

The proposed centre can be build based on ASEAN’s experience in cooperation in natural emergency response. ASEAN has successfully build a comprehensive regional centre to manage and response to natural disasters. In the wake of Cyclone Nargis that hit Myanmar in 2008 which killed at least 130,000 people, ASEAN had set up an Emergency Rapid Assessment Team (ASEAN-ERAT) that assesses disasters and recommends the appropriate course of relief actions — such as water and sanitation, food, health, logistics and coordination of relief units. ASEAN-ERAT also serves to harmonise disaster relief operations by reducing confusion and delays and optimising assets and manpower deployment.

ASEAN-ERAT is now managed by the ASEAN Coordinating Centre for Humanitarian Assistance on Disaster Management (AHA Centre). The AHA Centre itself was formed in 2011 and is governed by the ASEAN Committee on Disaster Management. It even has its own strategic vision: ‘One ASEAN, One Response’. This succinct example of how ASEAN can collaborate and share its resources as well as setting up a structured centralised command and control centre proves that a similar ASEAN centralised cyber defence centre can be formed.

The proposed ASEAN Cyber Defence Centre (ACDC) will involve membership by all ASEAN members’ respective cyber defence command, a purely military run outfit to focus primarily on cyber defence issues and not cyber security. The ACDC will conduct both cyber defence and offense operations. 

Cyber defensive measures will involve collecting intelligence on terrorist activities, warning of potential terror cyber hacks and sabotage, updating and development of firewalls, anti-viruses, anti-malware, anti-ransomware, countermeasures against cyber threats on respective defence organizations, responding to information and propaganda by terrorist organizations, and sharing of expertise and intelligence for all ASEAN members.  Cyber offensive action will involve taking down of websites of terrorist organizations, block attempts by terrorists to infiltrate networks, repel cyber sabotage by terrorists and conduct cyber attacks against terrorists’ own cyber networks, platforms and systems.  The ACDC will also provide intelligence to respective defence organizations to conduct attacks on physical infrastructure and capture or kill terrorists located by ACDC’s cyber resources and support.

This combined operations approach will entail joint sharing of resources and training of cyber defence personnel.  As each individual ASEAN member has differing levels of cyber competencies and infrastructure, the more advanced cyber nations in ASEAN can assist to develop the capabilities of the weaker members.  The weaker members while learning and developing their own indigenous cyber defence capabilities and hardware can benefit from the better cyber defence capabilities of other ASEAN members in securing their cyber domains.  This joint cooperation will lead ASEAN militaries and defence agencies to new levels of military cooperation and defence diplomacy to unprecedented levels. 

The ACDC will also serve as a liaison unit between ASEAN and non-ASEAN countries involved in cyber defence in the region. For example ACDC can emulate and work with the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) as well as cyber commands of the ASEAN Plus members.  The joint capacity and capabilities building program between these centres and commands will also drive new levels of cooperation, trust building and networking.

To further boost ACDC’s joint operational status, ACDC can also introduce standard operating procedures that will ensure smooth coordination and execution of emergency operations by the multitude of ASEAN agencies which have different languages and work cultures. The ACDC will also develop an ASEAN Cyber Defence Information Network (ACDefINET), which provides an up-to-date database of all cyber attacks and threats reported in the region. This database will be used for analysis and cyber alerts and freely shared between member states. To overcome potential obstacles in differing ASEAN members’ domestic cyber laws (or lack of) pertaining to cyber defence, the ACDC can also serve as a forum to jointly deliberate and formulate a joint consensual ASEAN cyber law to facilitate the region’s unified cyber defence approach. Perhaps, the ACDC may even be able to produce a non-binding legal framework on how to deal with cyber threats akin to the Tallinn Manual produced by NATO CCD COE.

The ACDC is also envisaged to conduct regular executive courses and joint civilian and military training on cyber defence for ASEAN members.  These joint military exercises differs from physical military exercises which will entail movement of troops and hardware as well as immense logistical support.  Cyber defence exercises can be conducted in the virtual world.  This will allow ASEAN militaries to conduct simultaneous cyber defence or offence training exercises by computers via the internet.  These exercises test the readiness of ACDC on cyber defence management and cyber emergency response, its cohesiveness and its ability to collaborate closely with other agencies, non-government organisations and civilian units. The ACDC will have a joint HQ centre and shall be jointly funded by all ASEAN members. The centre will be led by an ASEAN member and the leadership selected by rotational basis on a yearly term. Ultimately, each ASEAN member will be given the opportunity to lead the proposed centre.

Although cyber threats by terrorists today provide clear and immediate dangers to ASEAN Member States, it also presents the regional bloc with opportunities to build a more resilient and cooperative ASEAN, to new heights never imagined before.  The proposed ACDC will, in a stroke, provide ASEAN defence organizations a platform to collaborate, cooperate and build stronger defence ties in responding to common terrorist threats. The cyber defence centre will augur well for the future of ASEAN defence cooperation and if implemented successfully, will provide a platform for a more unified and cyber-connected ASEAN.