Southeast Asian criminal syndicates are integrating generative AI and deepfake generators into their malware-as-a-service models, according to the United Nations Office on Drugs and Crime’s report on the convergence of cyber-enabled fraud, underground banking, and technological innovation. These markets, typically operating on the dark web, are openly accessible through Telegram. Experts discuss the implications of this report on the cybersecurity landscape.
The billion-dollar criminal industry is changing more quickly than ever.
The U.N. reports that organized crime in Southeast Asia is rapidly evolving, driven by synthetic drug production, cyber-enabled fraud, call center pig butchering, money laundering networks, and human trafficking. These gangs are the global market leaders in cybercrime, with fraud and scams estimated at $55 billion. AI-driven crimes involving deepfakes have seen a 600% increase in mentions in criminal environments.
Dr. Aaron Estes, CEO of Ironwood Cyber, argues that while the U.N. report on cyberfraud in Southeast Asia acknowledges the increasing sophistication of cybercrime, it does not provide tangible advances in cyber deterrence and defense technologies. He believes that awareness and policy are crucial, but they are often weak deterrents. He suggests that while modern innovations like artificial intelligence can create faster scams, sound cybersecurity engineering and authentication controls can defend against these threats.
A Key Role for Telegram in the Rise of Southeast Asian Cybercrime
The U.N. has identified over 10 deepfake software service providers in Telegram linked to cybercrime in Southeast Asia, with countries in the Mekong region being the most targeted. South Korea, one of the most targeted countries by deepfake AI pornography, has launched an investigation into Telegram, seeking to determine if the platform facilitated or was complicit in the distribution of sexually explicit content.
French authorities are investigating Telegram founder Pavel Durov, and Indian health insurance Star Health is suing the company for selling medical records and personal data of over 31 million people. This has sparked legal action against Telegram by other governments, companies, and organizations. Via Telegram, Southeast Asian organizations are promoting innovative service-based goods and technology, such as deepfakes, generative AI, and malware.
Telegram is being used by criminals to open new underground markets, recruit money launderers and mules, and promote cryptocurrency criminal solutions. UNODC’s deputy representative for Southeast Asia and the Pacific, Benedikt Hofmann, warns that this makes consumers’ data more susceptible to scams and criminal activity than ever before.
Stronger criminal compounds as casinos on the Asian Front
Major criminal groups in Southeast Asia have been linked to both legal and illegal casinos, primarily in regions like Burma. They launder billions in criminal proceeds into the financial system without accountability, but a dark reality hides within these casinos.
Human trafficking, large-scale scams, and fraud call centers operate within fortified and securitized compounds, often characterized by high walls, barbed wire, armed guards, and strict surveillance. These compounds are also often rented out to criminal groups, allowing multiple tenants to engage in various illicit online activities, as described by the United Nations.
KK Park, an alleged Chinese investment near the Thai-Burma border, is a notorious casino compound known for its construction and expansion. It is a safe haven for transnational cybercriminal operators. The Indonesian government has pledged to end criminal and unregulated gambling, with over 3 million citizens being gamblers, generating around $20 billion. The region’s online casinos are a significant source of income.
Is It Possible to Stop Transnational Criminal Organizations?
Dr. Estes from Ironwood Cyber explains that transnational criminal organizations, despite advancements in law enforcement, remain difficult to target due to their global nature and lack of universal cybersecurity standards and enforcement mechanisms across borders. Many countries may lack the infrastructure or political will to enforce stringent cybersecurity measures.
Dr. Estes predicts that cybercrime will become more sophisticated, using AI and emerging technologies to create complex fraud schemes. He believes organizations can defend themselves by prioritizing cybersecurity engineering and designing systems that assume attackers will exploit vulnerabilities. To combat future threats, Dr. Estes recommends advanced digital authentication, vulnerability testing, penetration tests, and holistic security practices. He also suggests investing in vulnerability testing, penetration tests, and other security practices to ensure transaction integrity and reliability.
The Bottom Line
The U.N. has long warned of criminal syndicates in the southeast region causing destruction and damage. These groups, previously focused on drugs, guns, casinos, money laundering, and human trafficking, have expanded into the digital world. The temptation to ignore global expansion through digital and real-world operations is overwhelming, and a state-of-the-art international task force is needed to combat these transnational criminals.
