UNC3886 and Beyond: Why Cyber Security is Core to ASEAN’s Digital Future
TL:DR
ASEAN faces rising cyber threats from the UNC3886 espionage campaign in Singapore, ransomware in Indonesia, and hacktivist disruptions in Malaysia. Attackers increasingly exploit AI to target critical infrastructure, highlighting the urgency for stronger regional defences.
In response, ASEAN governments are strengthening cyber security laws, enhancing regional collaboration (e.g., ASEAN CERT), and enterprises are raising security budgets and embedding cyber security into digital transformation.
AIBP has facilitated regional cooperation, connecting ASEAN firms with cyber security experts from Europe, Singapore, and South Korea to build local cyber resilience through knowledge exchange and proven solutions.
These developments underline that cybersecurity is no longer optional but foundational for ASEAN’s digital economy.
Escalating Cyber Threats Demand Stronger Resilience
Recent events underscore why cyber resilience is a top priority in ASEAN.
In Singapore authorities revealed it is battling an ongoing cyber-espionage campaign against critical infrastructure by a group codenamed UNC3886, such advanced persistent threats (APTs) pose “a serious danger” to national security, targeting essential services from energy and water to finance and healthcare. Singapore’s Cyber Security Agency (CSA) noted that suspected APT incidents surged more than fourfold between 2021 and 2024, a stark indicator of the escalating threat landscape.
The danger isn’t confined to state-sponsored hacking. In Indonesia, a massive ransomware attack in mid-2024 crippled government services across 230 agencies, including immigration systems and major airports. The incident, deemed the worst in recent years, exposed serious lapses such as poor data backups (an audit found 98% of data in one affected government data center had no backup).
Malaysia, too, faced hacktivist threats. In early 2024, its National Cyber Coordination Centre issued heightened alerts after a group threatened to deface websites and steal data in retaliation for geopolitical events.
May 2025 - AIBP Focus Group with 40 IT & cybersecurity professionals, co-hosted with CyberSecurity Malaysia
These incidents, from espionage to ransomware and hacktivism, all send a clear message: ASEAN organisations must bolster cyber defenses and resilience to withstand a diverse range of attacks.
Evolving Attack Techniques and Critical Infrastructure Risks
Attackers are continually refining their methods to infiltrate systems, steal sensitive data, and disrupt essential services. The use of artificial intelligence (AI) and machine learning (ML) is amplifying threat capabilities, enabling attackers to automate phishing campaigns, identify system vulnerabilities, and evade detection with greater precision.
This has direct implications for ASEAN nations, where protecting critical infrastructure such as power grids, transport systems, and financial networks is a national priority. Attacks on such systems could cause cascading disruptions and economic loss. Safeguarding them requires robust cyber security measures, regular risk assessments, and stronger public–private sector collaboration.
Cyber espionage also poses a strategic risk. Nation-state actors increasingly pursue sensitive government or commercial information, using tactics such as disinformation, cyber propaganda, and infiltration of government networks. Countering these threats demands a combination of threat intelligence, diplomatic coordination, and national cyber deterrence strategies.
National Strategies: Strengthening Cyber Defences Across ASEAN
Governments across ASEAN are responding with more robust legislation, national strategies, and institutional capacity building.
In Malaysia, National Cyber Security Agency (NACSA), Malaysia (established in 2017) plays a central role in cyber coordination. The 2024 Cyber Security Act formalised its mandate. Introducing licensing requirements for security providers and establishing stricter obligations to protect Critical Information Infrastructures (CIIs).
Indonesia, too, is advancing its cyber strategy. The National Cyber and Crypto Agency (BSSN) leads a roadmap to improve resilience across state and enterprise networks. The proposed Cyber Security Resilience Bill (RUU KKS) and the new Personal Data Protection Law aim to unify fragmented regulations, promote breach notification, and raise compliance standards across the public and private sectors.
Oct 2023 - Updates on Indonesia’s Cyber Security Policy and Regulation Landscape by Farosa, S.T., Senior Cryptography Expert from Directorate of Cybersecurity and Cryptography for Industry, National Cyber and Crypto Agency (BSSN) & Firlie Ganinduto, Vice Chairman of Communication & Informatics, Indonesian Chamber of Commerce and Industry (KADIN) , as part of a business mission led by AIBP, Cyber Security Agency of Singapore (CSA) & SGTech .
At the regional level, ASEAN is uniting through initiatives such as the ASEAN Regional Computer Emergency Response Team (CERT) launched in Singapore in late 2024. Funded by Singapore for the next ten years, the facility enables member states to share threat intelligence and coordinate response efforts during cross-border incidents—reinforcing a “secure and resilient cyberspace” across the region.
Enterprise Insights: What ASEAN Firms Are Prioritising
As the landscape of cyber attacks has evolved, with attackers continually refining their techniques to infiltrate security systems, pilfer sensitive data, or disrupt services. AIBP’s 2024 ASEAN Enterprise Innovation Survey also highlighted that 39% of ASEAN enterprises identified cyber security and privacy as top challenges to digital transformation.
AIBP’s 2024 ASEAN Cyber Security Survey conducted in partnership with CrowdStrike reveals several trends among enterprise leaders:
45% of organisations in ASEAN say they are integrating security measures into digital initiatives to mitigate cyber risks from the outset.
Budget trends reflect this too: nearly 46% plan to increase cyber security spending in 2025, even if many are still constrained by overall IT budgets.
Sep 2024 - CyberSecurity in ASEAN Report co-authored with CrowdStrike, featuring interviews with 40 CISOs/CIOs in the region.
What are the biggest cyber challenges worrying ASEAN enterprises?
Top threats: Phishing and social engineering top the list of threats, cited by 43% of organizations, followed closely by malware and ransomware attacks (around 37%). High-profile incidents like ransomware outages and phishing-driven breaches have made these very tangible risks. In Indonesia, for example, data leaks and identity theft (often stemming from phishing or poor security) comprised 88% of cyber incidents in the past three years, according to one study. It’s no surprise that threat detection and awareness is a priority for 40% of firms, who are investing in better threat intelligence and user training to reduce successful attacks
Talent and Skills Shortage: Shortage of cyber security professionals is an acute concern, tied with malware as a top challenge at 37% of respondents This region-wide skills gap has real consequences. Governments are responding (Malaysia aims to train 25,000 new cyber professionals by 2025, the Philippines 10,000), but in the meantime enterprises are turning to managed security services and automation to fill the gap. Upskilling existing IT staff in security basics is also crucial, as human error remains a leading factor in breaches.
Protecting Data and Legacy Systems: About 29% of organisations struggle with user data protection and privacy compliance, and 28% cite legacy systems as a vulnerability that limits their ability to respond to modern threats.
Regional Collaboration: Sharing Effective Solutions with Local Enterprises
March 2024 - Visit to the CyberSG TIG Collaboration Centre, an initiative by the CyberSecurity Agency of Singapore and NUS Enterprise, as part of AIBP ASEAN Innovation Retreat for 72 business & technology leaders across ASEAN.
AIBP has been actively collaborating with leading cyber security firms from Europe, Singapore and South Korea to introduce effective, enterprise-ready solutions to ASEAN organisations. These efforts aim to support local enterprises in addressing complex cyber security challenges through shared regional expertise and proven implementation models.
July 2024 - Dialogue with CyberSecurity Malaysia, organised by AIBP with a delegation of cybersecurity solution providers from South Korea, an initiative by the Korea Trade-Investment Promotion Agency (KOTRA)
Through these partnerships, enterprises in ASEAN gain access to proven frameworks for threat detection, identity management, and infrastructure hardening, alongside practical case studies from more mature markets. These engagements also serve to demystify advanced technologies (e.g. AI-based security monitoring, zero-trust architectures) and enable local CISOs to benchmark their strategies against regional peers.
The goal of these efforts is to foster long-term enterprise learning and readiness, building a foundation of trust and capability that supports broader digital transformation goals.
Conclusion
The UNC3886 campaign is a stark reminder that advanced cyber threats are already embedded in ASEAN’s digital environment. In response, governments are formalising cyber security governance, enforcing protection mandates for critical sectors, and cooperating across borders. Enterprises are also stepping up, by integrating security into transformation plans, addressing skill gaps, and adopting AI-driven defences.
Challenges remain, but the direction is promising. With sustained effort, investment, and public–private collaboration, ASEAN can turn today’s cyber vulnerabilities into tomorrow’s resilience.
Nov 2023 - Discussion on Cybersecurity Priorities for Indonesia’s Critical Infrastructure with Ari Rahmat Indra Cahyadi, President Director, PLN Icon Plus , and Yohanes Sukrislismono, Director of Information Technology Services, PLN ICON Plus, as part of a business mission led by AIBP, CyberSecurity Agency of Singapore & SGTech.
Sep 2023 - An exchange on best practices in combatting scams and digital frauds with the Royal Thai Police, hosted by AIBP for an international delegation comprising 7 Singaporean, 13 South Korean and 3 European firms.
Further Insights
AIBP Reports: Cyber Security in ASEAN: Navigating the Evolving Threat Landscape - Report co-authored with CrowdStrike with insights into how organisations are managing cybersecurity threats, adopting advanced security measures, and aligning their strategies to enhance overall security posture..
AIBP Reports: Cyber Security in the Philippines : AI Enhanced Security through Platforms - Report co-authored with Fortinet on how enterprises in the Philippines are increasingly adopting Secure Access Service Edge (SASE) & Zero Trust Architecture (ZTA) to address cyber security challenges.
AIBP Reports: Cyber Security in ASEAN: Deep Dive into Identity and Access Management (IAM) and Privileged Access Management (PAM) - Report co-authored with Okta , on the importance of IAM and PAM in strengthening digital trust.
AIBP B2B GrowthPodcast: Building Digital Trust – Axiata, Indosat Ooredoo Hutchison , Tenaga Nasional Berhad, Okta Learn how regional leaders are building enterprise-wide authentication, access control, and transparency frameworks.
AIBP B2B Growth Podcast: Cybersecurity Growth in Malaysia & the Philippines – CyberSecurity Malaysia & Department of Information and Communication Technology (DICT) Hear from national experts on how these countries are strengthening policy, enforcement, and public awareness to build a resilient digital future.
