The Cyber Landscape in the Digital Age of COVID-19

By Quek Xin Wei | May 5, 2021, 1.30PM

Photo by Joshua Woroniecki on unsplash

The global pandemic has induced a tectonic shift of the global economy towards one which has fully embraced digitalization. In the wake of government-ordered lockdowns which have shuttered brick and mortar businesses and corporate companies alike as well as forced schools into closure, services, operations and learning have rapidly shifted online. For better or for worse, the pandemic has changed our digital habits which are likely to stick post-pandemic. Companies that have quickly adopted cloud services and migrated to business communication platforms have effectively normalized remote work. Even as lockdown measures ease, workplaces in countries like Singapore are still following a ‘flexible and hybrid way’ of working. Similarly in schools, ‘blended learning’ which involves both home-based (online) and in-person (offline) approaches to learning continues to remain in place. The e-commerce boom which has taken place during the course of the pandemic also attests to a change in consumer habits and business operations. According to Shopify’s The Future of Ecommerce Report 2021, lockdowns saw nearly 150 million people shopping online for the first time and at the height of the pandemic, 10 years of e-commerce growth happened in the span of 90 days. While this pandemic-driven digitalization has offered increased convenience, flexibility and opportunities to many, it is, however, not without its own set of challenges.

A larger online population presents greater opportunities for cybercrimes. Globally, it has been widely reported that the digital transformation caused by COVID-19 has coincided with the rise of cybercrimes and attacks. In 2020, the estimated monetary cost of cybercrime was over $1 trillion which hovers above 1% of the global gross domestic product (GDP). In a similar vein, Interpol’s latest COVID-19 Cybercrime Analysis Report identified malicious domains; fake news; malware, ransomware and phishing; and scams & frauds as four key threat areas which have emerged since the outbreak began. The Asia and South Pacific region, in particular, has witnessed an uptick in COVID-19 fraud and phishing campaigns as well as the illegal sale of drugs and medical supplies. Compounded with the prevalence of vaccine misinformation and counterfeit vaccines which are reportedly on the rise, these issues could have a knock-on effect on the worldwide vaccination campaign which is currently underway.

The widespread deployment of remote systems and networks has also witnessed cyber targets shifting from individuals and small businesses to governments, critical infrastructure, and major corporations. The succession of cyberattacks against the United States, such as the SolarWinds hack in December 2020 which breached multiple agencies such as the Pentagon and the State Department, as well as Fortune 500 companies like Intel and Cisco; the hijacking of a Florida city’s water treatment plant operating system in an attempt to poison the water supply by raising levels of sodium hydroxide; and the latest Microsoft Exchange Sever data breach in March 2021 which affected both government agencies and global customers, all serve as stark reminders that governments must remain clear-eyed of the invisible threats presented by the rapidly evolving cyber landscape while managing the spread of COVID-19 and its attendant crises.

As the global trend of digital transformation is unlikely to lose momentum any time soon, governments and tech companies alike are under immense pressure to keep pace and address the growing risks and challenges in the cyberspace. Needless to say, heavy reliance on digital technology increases the vulnerability of its users to technical failures and cyber incidents which have the potential to cause severe disruptions on both a societal and national level. In that respect, governments in particular must lead the charge to develop a high standard of online security while moving to invest in cybersecurity defences to achieve digital infrastructure resiliency. On that front, having been ranked as the most cyber prepared country by the Deloitte Cyber Smart Index 2020 despite simultaneously being the most cyber exposed, Singapore is a leading figure whose comprehensive national cyber strategy can be modelled by other countries.

Under the Safer Cyberspace Masterplan 2020, Singapore has developed a three-pronged strategy focused on securing digital infrastructure, safeguarding cyberspace activity, and empowering a cyber savvy population. Notwithstanding the series of initiatives which were rolled out under these ‘strategic thrusts’, what is perhaps of note is the holistic and coherent approach which has been undertaken by the government. Moving to minimize digital infrastructure vulnerabilities reflects the government’s keen understanding that new cyber threats will continue to emerge from the changing cyber landscape and that building infrastructure resiliency is the best practice to manage its future impact. Similarly, increasing cyber surveillance to swiftly detect and remediate cyber threats demonstrates the constant vigilance which is required to address the growing frequency and sophistication of cyber threats. Finally, addressing cybersecurity on the individual level and cultivating sound cyber habits is a preventive measure which reduces the opportunity for cybercrimes to take place. The Safer Cyberspace Masterplan works on corrective, predictive and preventive measures, and as the cyber landscape continues to evolve through digital transformation, Singapore’s renowned cybersecurity is demonstrative that effective governance serves as the critical foundation to address these new challenges.