Cybersecurity in ASEAN: An Urgent Call to Action
With economic interconnectedness, the region faces more systemic risk, a concept traditionally
applied to financial services. Systemic risk is defined as the risk that a cyber event cascades into
related ecosystem components, creating adverse effects in public health, safety, the economy,
or national security.[21] Recent cyber heists are game-changing in their implications for regional
systemic risk, demonstrating that threat actors need not attack a core system to exploit its
weaknesses. Systemic risk took center stage with the hacking of banks in Bangladesh, Vietnam,
and Ecuador—exposing the entire SWIFT network of more than 11,000 banks (see sidebar:
Systemic Attack on SWIFT).
Further, as discussed, supply chain partners have the potential to be the weak links in any
company’s business operation. Even if companies can ensure the robustness of their own
cybersecurity operations, there is often limited visibility into the business partner ecosystem,
creating blind spots in data security. The challenges are twofold in the region: First, supply
chain partners are at varying levels of IT and security readiness, requiring significant
foundation-setting and training. Second, the adoption of security standards is as yet nascent,
and companies with a regional footprint as well as market entrants face the risk of differing
regulations by country, leading to inefficiencies in intraregional trade.
2.1.2 Diverging national priorities because of varying paces of digital evolution will foster
a pattern of sustained underinvestment
Despite the region’s interconnectedness, the networked readiness and pace of digital
evolution across ASEAN countries have been, and are likely to continue to be, very different
(see figure 15 on page 20).
As the region becomes increasingly digital, there will be a greater need to spend more on
cybersecurity. There is a strong correlation between the share of the digital economy and spend
Systemic Attack on SWIFT
Systemic cyber risk recently came under scrutiny with the discovery of three separate hacking
incidents against member institutions connected to the SWIFT network at banks in Bangladesh,
Vietnam, and Ecuador, accounting for more than $90 million in stolen funds. The attacks
demonstrated that the applications that enable the financial messaging traffic between member
banks can be manipulated and misused when member institutions do not strictly adhere to the
security standards.
Previously, accessing the SWIFT network required being physically present at a dedicated
terminal. However, as banking requirements and technologies have changed, the ability for
financial institutions to connect to this network has changed as well. Banks now leverage
multiple applications, resident on various user endpoints, to interface with the SWIFT network.
Each connected endpoint presents an avenue of attack for threat actors to fraudulently create
and send financial messages. The Bangladesh Central Bank hack is a prime example of this
situation; a threat actor infiltrated a poorly secured network and used an unsecured endpoint
to carry out one of the largest bank heists in history.
Approximately 11,000 institutions enjoy access to SWIFT, and the ability of the network to
withstand a cyberattack is only as good as the weakest link in the network.
[21] Understanding Systemic Cyber Risk, World Economic Forum