Economic Update

Published 17 Feb 2021

– The education sector experienced an increase in cyberattacks as digital adoption rose

– Emerging markets with large digital industries were among those most targeted by hackers

– 96% of businesses have changed their cybersecurity strategy due to Covid-19

– Businesses and governments alike are looking to bolster their cybersecurity defences

The coronavirus pandemic has helped drive the rapid growth of digital solutions. While this has enabled a number of positive developments, it has also exposed many sectors to a heightened threat of cyberattacks.

As lockdowns and curfews were introduced around the world to stop the spread of Covid-19, various aspects of daily life shifted online.

In many countries, digital education platforms were introduced to ensure that students could continue their studies while adhering to social distancing guidelines. Similarly, there was a boom in telemedicine solutions, with innovations that allow doctors to remotely assess patients becoming increasingly popular.

Perhaps more dramatic was the exponential growth in digital payments, as consumers sought to avoid person-to-person contact when paying for many goods and services.

While these developments have been key to maintaining some form of continuity during the pandemic, they have also opened up more industries to the threat of cyberattacks.

One sector to have experienced a sharp increase in cyberthreats is education, due to the uptick in remote learning over the past 12 months.

According to research from cybersecurity provider Kaspersky, in the second half of last year the number of threats disguised as popular learning platforms increased by 60% relative to the first half of the year.

There have also been a number of high-profile hacks in remote management systems over the past year. In the US state of Florida, for instance, officials in the town of Oldsmar reported in early February that a hacker had gained access to the city’s water system and attempted to mix the dangerous chemical sodium hydroxide into the water flow.

Meanwhile, in December the European Medicines Agency, the EU body that assesses and regulates medicines, announced that it had been targeted in a cyberattack. During the hack, documents from US pharmaceutical company Pfizer and its German counterpart BioNTech, the producers of a leading Covid-19 vaccine, were accessed.

The hack came just weeks before the vaccine was ultimately approved by the regulatory body. While it ultimately did not delay or compromise the vaccine-approval process, this attack nevertheless raised concerns about the potentially catastrophic effects of cybersecurity breaches.

Emerging markets become key targets

While cybersecurity is a truly global concern, such attacks pose a particularly grave threat in emerging markets.

In Kenya, cyberattacks rose by 125% year-on-year in the second half of 2020, with the country – home to Africa’s largest mobile money market – accounting for around half of all cyberattacks on the continent.

Similarly, Indonesia – South-east Asia’s largest digital economy, worth an estimated $44bn – has been a major target for hackers. Between January and October last year, the country experienced a six-fold increase in cyberattacks, with some of its leading e-commerce firms finding themselves in the firing line.

In May it was reported that Tokopedia, Indonesia’s largest e-commerce platform, had been hacked, with the details of 91m users leaked online. Shortly after this, Bhinneka, one of Tokopedia’s e-commerce rivals, announced it had also been the victim of a cyberattack, with hackers gaining access to 1.2m accounts.

In a sign of the how widespread cyberthreats are in the region, a report from data security company Trend Micro found that 80% of Asia-Pacific organisations had suffered a cyberattack last year.

Meanwhile, in the Middle East, the UAE experienced a 250% increase in attacks, according to government officials, with financial services firms and hospitals among the most targeted.

Increase in cybersecurity

The scale and high-profile nature of many cyberattacks, combined with an increased reliance on digital technology, has ultimately led to a rise in cybersecurity awareness.

In fact, PwC’s Global Digital Trust Insights 2021, a survey of more than 3000 business, technology and security executives based around the world, found that 96% of respondents had changed or were intending to change their cybersecurity strategies due to Covid-19.

In a sign of growing concern, 55% said they would increase their cyber budget moving forward, while 51% said they would add dedicated, full-time cybersecurity staff, even though nearly two-thirds thought revenues were set to decline. Meanwhile, one half of respondents said that cybersecurity or privacy measures were now incorporated into every business decision or plan, up from 25% just a year ago.

On top of business-level solutions, a number of governments have also sought to bolster online security.

In light of the sharp rise in attacks in Indonesia, the government worked on a Personal Data Protection Bill in 2020.

Based on the EU’s General Data Protection Regulation, the bill – which has yet to be ratified into law – includes proposals that would make it illegal to collect consumer data without permission, and requires companies to inform consumers if their details have been hacked.

Elsewhere, in late January, the state-owned Saudi Telecom Company announced the creation of a new firm dedicated to providing advanced cybersecurity services. The 1.5-TB platform will aim to prevent cyberattacks, while also providing services to protect public and private sector companies.