The pandemic has opened up vast opportunities for cybercriminals worldwide, but South-east Asia is under-reacting, concludes the UN.

In South-east Asia (SEA), ransomware attacks in 2021 have already incurred US$20bn in damages.

As an illustrative example, AXA’s subsidiaries in four countries in the Philippines, Hong Kong, Malaysia, and Thailand were targeted by cybercriminals for a ransomware demand of US$20m.

In response to such incidents, United Nations Office on Drugs and Crime (UNODC) made use of funding from the Japanese government to conduct regional training on ransomware investigation last October. Participants in the training included law officers, prosecutors, and cybercrime inspectors from the aforementioned countries.

Summing up the cybersecurity crisis, the UNODC’s Cybercrime and Cryptocurrency Advisor for Southeast Asia and the Pacific, Alexandru Caciuloiu, said: “Ransomware attacks have skyrocketed in the past years, increasingly targeting critical national infrastructures, disrupting business processes, and compromising vital data required to function. There needs to be a collaborative and coherent response to these threats, and UNODC has been working closely with Member States to strengthen their national and cross-border operational capacity to respond to ransomware.”

Darknets and the Dark Web

Earlier in the year, the UNODC had issued a report on SEA, revealing that Dark Web forums had increased during the pandemic, making it possible for both sellers and buyers to remain anonymous.

The anonymity is aided by the use of cryptocurrency, particularly Bitcoin, and also privacy coins like Litecoin and Monero.

UNODC’s Chief of the Cybercrime and Anti-Money Laundering Section, Neil J. Walsh, explained: “The pandemic appears to have further exacerbated the trend, even (attracting) criminals with no prior cyber experience. Dark Web forums normally dedicated to narcotics trading have begun offering COVID-19-related merchandise including fraudulent COVID-19 vaccines, hydroxychloroquine, and personal protective equipment. New users have also started seeking support from more experienced darknet criminals about criminal opportunities. The threat is increasing, and UNODC is committed to counter this criminality.”

Another regional UNODC representative, Jeremy Douglas, noted the need for a region-wide strategy to counter cybercrime: “In recent years, anonymous darknet marketplaces have provided safe havens for organized crime groups to openly advertise illicit commodities, and (the pandemic) has accelerated the trend. It is undeniable that a regional counter-darknet cybercrime strategy is needed that improves cross-border cooperation, law enforcement capacity and results.”

The darknet is also the haven of sex criminals or those who spread, produce, or possess child pornography materials. The UNODC report stated that arrests of such deviants resulted from international investigations outside the region, and not within the region.

Four SEA pandemic cyber trends

The UNODC has finalized its observations of the cybersecurity situation (with special mention of online sex crimes against children) in the region amid the pandemic:

  1. There is currently no uniform method of gathering data, nor reporting of, cybercrime and, in particular, online child sexual abuse and exploitation in SEA.
  2. SEA cybercriminals seek to profit from the accelerated digitalization of society.
  3. Online child sexual exploitation, compounded by the pandemic, continues to rise.
  4. The COVID-19 pandemic, and subsequent responses, has created a wealth of opportunities for cybercriminals. 

In light of these conclusions, the UNODC recommends cooperation between states, prioritizing responses to high-impact and victim-centric cybercrimes, capacity-building, and public awareness:

  • Enhance coordination and international cooperation between and within states
    There is an urgent need, recognized in the UN Crime Congress Kyoto Declaration, to enhance coordination and international cooperation to effectively prevent and combat the growing threat of cybercrime. The lack of uniformity of data collection methodology in SEA hinders a unified response, obfuscating the true scale of the phenomenon.
  • Countering online child sexual exploitation and high impact cybercrime should be prioritized With an accurate picture-of-threat and reporting mechanisms, the true scale of the phenomenon can be gauged, thus enabling authorities to triage and direct resources towards the crimes that cause the most serious harms. These crimes pose the greatest threats to children, livelihoods, well-being, and societal development. Government officials, the private sector, civil society, and the general population must be routinely sensitized to the cybercrime threats that impact the region. With a better understanding of the threat, everyone can respond more effectively to the challenges faced in the region.
  • Increase capacity-building efforts to counter cybercrime
    Well-trained-and-equipped counter-cybercrime and cybersecurity professionals are an essential resource in the fight against cybercrime. Regular training, mentoring and equipment upgrades will improve capacity across government and industry in this constantly evolving digital space. This will further ensure the integration of capacity-building into pre-established mechanisms such as the ASEAN Senior Officials’ Meeting on Transnational Crime, its Working Group on Cybercrime, the ASEAN Declaration to Combat Cybercrime and the Plan of Action to Implement the Joint Declaration between ASEAN and the United Nations (2021-2025).
  • Strengthen cooperation mechanisms and public-private partnerships between sea countries Taking the UN Crime Congress Kyoto Declaration into account, SEA states should promote, at the national, regional and international levels, with due respect for domestic legal frameworks and the principles of international law, public-private partnerships with the digital industry, the financial sector and communication service providers in order to enhance international cooperation to combat cybercrime.

The paper concluded that “increasing and improving mechanisms for effective cooperation, trust and coordination can create a powerful collaborative environment, delivering an effective, robust, and lawful response to the cybersecurity threats of the future by fostering open dialog, consensus, and the participation of all relevant stakeholders.”