The Covid-19 pandemic has helped drive the rapid growth of digital solutions. While this has enabled a number of positive developments, it has also exposed many sectors to a heightened threat of cyberattacks.
As lockdowns and curfews were introduced around the world to stop the spread of Covid-19, various aspects of daily life shifted online.
In many countries, digital education platforms were introduced to ensure that students could continue their studies while adhering to social distancing guidelines. Similarly, there was a boom in telemedicine solutions, with innovations that allow doctors to remotely assess patients becoming increasingly popular.
Perhaps more dramatic was the exponential growth in digital payments, as consumers sought to avoid person-to-person contact when paying for many goods and services.
While these developments have been key to maintaining some form of continuity during the pandemic, they have also opened up more industries to the threat of cyberattacks.
One sector to have experienced a sharp increase in cyberthreats is education, due to the uptick in remote learning over the past 12 months.
According to research from cybersecurity provider Kaspersky, in the second half of last year the number of threats disguised as popular learning platforms increased by 60 per cent relative to the first half of the year.
There have also been a number of high-profile hacks in remote management systems over the past year. In the US state of Florida, for instance, officials in the town of Oldsmar reported in early February that a hacker had gained access to the city’s water system and attempted to mix the dangerous chemical sodium hydroxide into the water flow.
Meanwhile, in December the European Medicines Agency, the EU body that assesses and regulates medicines, announced that it had been targeted in a cyberattack. During the hack, documents from US pharmaceutical company Pfizer and its German counterpart BioNTech, the producers of a leading Covid-19 vaccine, were accessed.
The hack came just weeks before the vaccine was ultimately approved by the regulatory body. While it ultimately did not delay or compromise the vaccine-approval process, this attack nevertheless raised concerns about the potentially catastrophic effects of cybersecurity breaches.
Emerging markets become key targets
While cybersecurity is a truly global concern, such attacks pose a particularly grave threat in emerging markets.
In Kenya, cyberattacks rose by 125 per cent year-on-year in the second half of 2020, with the country – home to Africa’s largest mobile money market – accounting for around half of all cyberattacks on the continent.
Similarly, Indonesia – Southeast Asia’s largest digital economy, worth an estimated US$44 billion – has been a major target for hackers. Between January and October last year, the country experienced a six-fold increase in cyberattacks, with some of its leading e-commerce firms finding themselves in the firing line.
In May it was reported that Tokopedia, Indonesia’s largest e-commerce platform, had been hacked, with the details of 91 million users leaked online. Shortly after this, Bhinneka, one of Tokopedia’s e-commerce rivals, announced it had also been the victim of a cyberattack, with hackers gaining access to 1.2 million accounts.
In a sign of the how widespread cyberthreats are in the region, a report from data security company Trend Micro found that 80 per cent of Asia-Pacific organisations had suffered a cyberattack last year.
Meanwhile, in the Middle East, the United Arab Emirates experienced a 250 per cent increase in attacks, according to government officials, with financial services firms and hospitals among the most targeted.
Increase in cybersecurity
The scale and high-profile nature of many cyberattacks, combined with an increased reliance on digital technology, has ultimately led to a rise in cybersecurity awareness.
In fact, PwC’s Global Digital Trust Insights 2021, a survey of more than 3000 business, technology and security executives based around the world, found that 96 per cent of respondents had changed or were intending to change their cybersecurity strategies due to Covid-19.
In a sign of growing concern, 55 per cent said they would increase their cyber budget moving forward, while 51 per cent said they would add dedicated, full-time cybersecurity staff, even though nearly two-thirds thought revenues were set to decline. Meanwhile, one half of respondents said that cybersecurity or privacy measures were now incorporated into every business decision or plan, up from 25 per cent just a year ago.
On top of business-level solutions, a number of governments have also sought to bolster online security.
In light of the sharp rise in attacks in Indonesia, the government worked on a Personal Data Protection Bill in 2020.
Based on the EU’s General Data Protection Regulation, the bill – which has yet to be ratified into law – includes proposals that would make it illegal to collect consumer data without permission, and requires companies to inform consumers if their details have been hacked.
Elsewhere, in late January, the state-owned Saudi Telecom Company announced the creation of a new firm dedicated to providing advanced cybersecurity services. The 1.5-TB platform will aim to prevent cyberattacks, while also providing services to protect public and private sector companies.
This opinion piece was produced by the Oxford Business Group.