Southeast Asia hosts strategic sea lanes like the Straits of Malacca and Singapore (SOMS), the South China Sea, and the Lombok-Makassar Straits, which are critical for the maritime trade and energy supplies of the East Asian countries. Nonetheless, these waterways are beset by various maritime non-traditional threats including maritime cybersecurity. The maritime domain has become more digitalised characterised by the complex interconnectivity between maritime information technology (IT) and operational technology (OT) systems and the increasing reliance on Internet connection. The Industrial Internet of Things (IIOT) era have brought tremendous benefits to the shipping industry and port operations in the midst of the COVID-19 pandemic; nevertheless, they also pose cybersecurity risks to the critical maritime transportation infrastructure and systems, which lead to severe implications.
In May 2020, Israeli hackers were accused of attacking the computer system of Shahid Rajaee port in Iran, causing a massive traffic congestion at the port. Moreover, North Korea allegedly carried out jamming attacks that lasted nearly a week against over 700 South Korean vessels resulting in the failure of Global Positioning System (GPS) signals reception in March 2016. Besides, shore-based IT systems of all of the “Big Four” shipping lines – Mediterranean Shipping Company (MSC), APM-Maersk, CMA-CGM, and China Ocean Shipping Company (COSCO) have been infected with ransomware and malware, which not only caused disruptions to their business operations but also leading to huge financial losses. These incidents, albeit not all took place in Southeast Asia, indicate the cross-border characteristic of cyberattacks. Therefore, bilateral or multilateral maritime cybersecurity cooperation should be strengthened, particularly in Southeast Asia whose busy shipping lanes are notably vulnerable to cyberattacks.
Among ASEAN itself, the member states have put considerable effort into strengthening inter-regional cybersecurity cooperation on confidence- and capacity-building as well as regulation- and norm-setting. At the 3rd ASEAN Ministerial Conference on Cybersecurity (AMCC), ASEAN member states have all pledged support to the 11 voluntary, non-binding norms set out in the 2015 report by the United Nations Group of Governmental Experts (UNGGE). Based on that, a draft of the ‘ASEAN Plan of Action on the Implementation Norms of Responsible States Behaviour in Cyberspace’ is currently under development by Malaysia and Singapore. This demonstrates that ASEAN acknowledges the needs and importance of creating an overarching regulation to ensure a free, open, and secure cyberspace in accordance with international law in the region. Furthermore, ASEAN launched the ASEAN Cybersecurity Cooperation Strategy 2021-2025 in January 2022 to protect the Critical Information Infrastructure from cyberthreats and ensure the safety and security of supply chain.
Multilateral cybersecurity cooperation with Dialogue Partners is also carried out through the Experts’ Working Group (EWG) on Cybersecurity in the ASEAN Defense Minister’s Meeting-Plus (ADMM-Plus) and the ASEAN Regional Forum (ARF) Inter-Sessional Meeting (ISM) on Information and Communications Technology (ICT) Security. In the ARF Work Plan for Maritime Security 2018-2020, cooperation on maritime cyberattacks was also mentioned. These ASEAN-led frameworks are the only multilateral architecture inclusive of all the major powers such as the United States, China, Japan, and India; therefore, they assume vital role in increasing the confidence between these states through dialogue and cooperation.
Nevertheless, although ASEAN states have taken many actions to tackle cybersecurity threats, the focus on the maritime sector is still not adequate against the backdrop of rapid maritime digitalisation, especially with the emergence of Maritime Autonomous Surface Ships (MASS). MASS increases the need to develop international law and guidelines to regulate and monitor their activities at sea in tandem with capacity-building and expertise sharing from other countries. Failure to do so may result in clashes and accidents in the congested sea lanes. The International Maritime Organisation (IMO), BIMCO, and INTERTANKO have also published guidelines to combat maritime cybersecurity risks on board which are encouraged to be adopted by shipowners. Furthermore, capability-building efforts can also be made to improve the capacity of ship operators to strengthen the cyber defence of their OT systems and their responses towards a cyberattack on board. Additionally, information sharing among ASEAN states, their Dialogue Partners, and international organisations like the IMO, BIMCO, and INTERTANKO is also equally important to ensure regular updates on the latest maritime cyberattacks happening in the region, which are critical for future analysis on the form and origin of the attacks.
Maritime cybersecurity cooperation can also be carried out minilaterally among the littoral states through the Cooperative Mechanism in SOMS and the Trilateral Cooperative Arrangement (TCA) in the Sulu-Sulawesi Seas, particularly in information sharing. The coordination between the littoral states can improve their maritime cyber preparedness and their responses to a cyberattack when it happens within their jurisdictions. Maritime industry contributes a lot to regional economy; hence, maritime cybersecurity cooperation should be given more attention by the Southeast Asian states.
