Preparing for the Coming Cyber Pandemic

The onslaught of the pandemic has worked like a double-edged sword. It has caused a wide array of disruptions for businesses, uprooting millions of livelihoods that depended on traditional ways of doing business. It also forced many to either digitalize overnight or be left behind. Meanwhile, for businesses that had already transitioned to doing business online or operating in a hybrid model, it was a much seamless shift to continue catering to their customers, albeit online.

Millions of people shifted to using the internet amid the pandemic. Between 2019 to 2022, the number of internet users in Southeast Asia grew from 360 million to 460 million – an addition of 100 million people who went online.

Separately many businesses also shifted their selling, operations and customer interactions over to the cloud. The pandemic-induced remote working requirements, along with the availability of numerous cloud services sealed the deal for many companies who were hitherto dabbling with the idea to go online. Some even went completely online, closing down most of their offices, while keeping a few functioning for meetings and conferences. Many employees completely shifted to working from home, although much of that rolls back now.

Going online does have its benefits for companies such as a wider market reach; ability to collect customer interaction data; sell products and services online; better logistics and delivery tracking capabilities; managing business operations on the move via online cloud-based platforms; real-time data on operations, delivery and customer feedback. These benefits do give an extra edge to companies that are open to working on an online mode. 

Increasing Cyberattacks

Nonetheless, one cannot refute the fact that increased digitalization has also exposed governments, businesses and individuals to increased cyberattacks. 

In this past decade alone, some of the biggest cyberattacks have taken place globally. Topping the list and still afresh is the WannaCry ransomware attack of May 2017. This malware, a type of malicious software, infected 230,000 computers across 150 countries, causing an estimated financial loss of US$4 billion. Not just individuals, but even companies and critical healthcare infrastructure were impacted. The attack purportedly took advantage of Microsoft Windows systems that were outdated and not regularly updated. User’s files were held hostage, with attackers demanding bitcoins in ransom to release these files. 

Sensitive civil infrastructure such as public healthcare is also under constant attack from cybercriminals. In July 2018, health database of about 1.5 million people, including that of Singapore Prime Minister Lee Hsien Loong was stolen from the national health database. “This was a deliberate, targeted and well-planned cyberattack. It was not the work of casual hackers or criminal gangs,” the joint statement by the Health Ministry and the Ministry of Communications and Information said.

Even critical infrastructure such as energy infrastructures have come under attack. The Colonial Pipeline was the victim of a ransomware attack in May 2021. The attackers got into the Colonial Pipeline IT systems, stealing 100 gigabytes of data and infesting its network with ransomware. This forced the pipeline to shut down, greatly impacting the airline industry, where there was a shortage of jet fuel for many carriers. 

These incidents and many more clearly indicate that cyber-preparedness is a must if we are to continue digitalizing and growing. 

Tackle the Cyber Pandemic

Cyber pandemic is becoming a realistic threat. A multistakeholder approach is warranted to ensure the increasing cyber incidents.

Individuals should develop cyber hygiene by maintaining good cyber etiquettes. One should regularly update their software and operating system and avoid clicking on unknown or suspicious links. Cyber fraudsters are also using popular social media channels to dupe individuals. So, one should be careful not to click on any unwanted links even if it is posted on popular social media channels.

Businesses should run a cyber weakness test determining the loopholes and weaknesses in their IT network that cybercriminals can exploit. Once determined, they can work to close these gaps with the help of cyber experts. As a thumb rule, every employee should be mandatorily trained and made aware of basic cyber etiquettes while using the internet or office email. Companies across the world are increasing their investments on cyber preparedness with some even going to the extent of introducing chief risk officers and chief information security officers into the board management.

Governments have a critical role to play in developing the country’s cyber preparedness. It should develop policies that inculcate the need to impart best practices in cybersecurity in both public and private places. Governments should also push to foster international cooperation with other countries by sharing details about the attack and developing common standards and protocols for cybersecurity. 

Similarly, governments must actively invest in research & development of new cyber technologies and approaches to better cybersecurity while enforcing stronger penalties for cybercrime and mandatory reporting of data breaches.

Photo Caption: Cyber security has become top of agenda in every boardroom.