During his first official visit to India, Thailand’s Foreign Minister Sihasak Phuangketkeow called for deeper cooperation between the two countries on cyber security. He highlighted the need for a coordinated action to tackle the increase in transnational cybercrimes. Cyber security is an area that India should pursue with its Southeast Asian partners with greater focus. There are three main aspects that mandate closer cooperation between India and Southeast Asia in this domain.

First, there has been a sharp rise in the number of cyber frauds originating from Southeast Asia that has targeted India. Over the past few years, notably between 2022 and 2024, thousands of Indians have been lured into job offers in various Southeast Asian countries only to be trapped in cyber-scams in Myanmar. Between January 2022 and May 2024, over 29,000 Indians travelled to Cambodia, Myanmar, Thailand and Vietnam on tourist visas and did not return. As regards to the cyber-scam, most Indians end up in Myawaddy town in Myanmar where they are forced into captivity and made to work in illegal cyber activities. Those who manage to escape usually cross over to Thailand.

During his visit to India, the Thai foreign minister raised concern over rapid expansion of cyber-scam operations along Thailand’s borders with Myanmar and Cambodia. Already India and Thailand have coordinated in repatriating the escaped/rescued Indians from Myanmar. Around 1000 Indians have been brought back from Thailand so far by special flights of Indian Air Force. However, considering the magnitude of these cyber-scam groups operating along the Thailand-Myanmar border and with several thousand Indians could still be trapped in these activities, New Delhi and Bangkok would need deeper collaboration in this area.

Second, China remains a common threat for India and the Southeast Asian countries in military and cyber domain as well. China has border disputes with India and with Southeast Asian nations, particularly with those involved in maritime dispute in South China Sea. Cyber warfare has emerged as one of the principal tools of China’s grey zone tactics. For years, China has developed its cyber warfare capabilities and is using those against the countries with which it has disputes. China hosts several cyber groups like APT40, APT41, Mustang Panda, Naikon and others to carry out cyber-attacks the claimant countries in the South China Sea.

Similarly, China’s cyber-attacks against India have surged after the two sides were involved in a violent exchange in Galwan in 2020. Chinese hacking groups like APT10, also known as Stone Panda, and Red Echo were found to be involved in attacks against India. Since the mid-2020s Chinese cyber groups have targeted various government and private institutions/infrastructure in India: Bharat Biotech and Serum Institute of India (both engaged in developing anti-COVID-19 vaccine) in March 2021; electricity networks across various Indian cities resulting in power outage; phishing campaign against several ministries of the Indian government through infiltrating into the government domain. These are some of the instances of China’s cyber warfare carried against India. In 2023 China replaced Pakistan as the country carrying out most cyber-attacks against India. Further, Southeast Asia has become a testing ground for the Chinese cyber groups to carry out attacks in that region and beyond.

Third, various terror groups are using Southeast Asia as a base to carry out cyber-attacks through different means. Terror organization Islamic State (IS) has expanded its base to Southeast Asia. Indonesian group Hacktivist is believed to have support of the IS. In the past few years, military operations, particularly by Indonesia and the Philippines against groups like Jemaah Ansharut Daulah (JAD) and Daulah Islamiyah Maute Group (DIMG) have weakened the physical presence of these groups. However, online threat from these terror outfits and other remains. Members of the terror groups have diverse avenues for increasing their footprint. These include targeting impressionable youngsters in the age groups of 15 to 24 and radicalize them and engaging in crypto currency mining for terror funding. Besides, many members of terror organizations use encrypted sources for communication which makes it difficult for the intelligence agencies to track.

Cyber-attacks are grey zone warfare tactics adopted by state and non-state actors. Cyber warfare is the most sophisticated form of transnational criminal and terror activities. For India, threats emanating from Southeast Asia provide a formidable challenge. India and Southeast Asian countries have strategic cooperation which include regular joint military drills. Cyber security has also been getting attention in India’s interactions with Southeast Asia; however, the persistent threats in the cyber domain from different avenues call for increasing collaboration between India and Southeast Asia.

Mr. Niranjan Marjani is a political analyst and researcher based in Vadodara, India.