BetaShares Updates: Forget nukes – cyber conflict is the 21st century crisis

BY BLAIR MODICA

The online age has heralded a new era of warfare, which pits not only sovereign nations against one another, but also cyber criminals against businesses, individuals, and their intellectual property.

Cybersecurity incidents soared in Australia during the past financial year, according to the recent Australian Cyber Security Centre’s (ACSC) second annual threat report. Whilst we are aware that cybercrime exists, and many of us may have been touched by a cybersecurity breach, it is possible we have underestimated the prevalence and severity of these incidents within society at large.

New data shows cybercrime is now reported every eight minutes in Australia ¹ with foreign agents and criminals taking advantage of large numbers of people working from home during COVID-19 lockdowns. In its second annual threat report, the ACSC revealed over 67,500 cybercrime reports were made in the last financial year, up 13% ² from the previous year, indicating that the online threat is fast becoming a national security emergency.

About one-quarter of cyber incidents reported to the ACSC last year were associated with Australia’s critical infrastructure or essential services, including education, communications, electricity, water, and transport.

The report warns that business email compromise – which includes when companies are targeted with fake invoices that appear to be for genuine services, continues to present a major threat to Australian businesses and government enterprises, especially as more Australians work remotely. The average loss associated with such incidents was over $50,000, more than 50% higher than the previous financial year ³.

Source: https://www.cyber.gov.au/sites/default/files/2021-09/ACSC%20Annual%20Cyb...

However, the threat isn’t just to business. During the past year, cybersecurity officials working with Telstra and Services Australia helped to take down over 110 malicious COVID-19 ⁴ themed websites aimed at targeting vulnerable citizens who were looking to obtain government grants, and other vital pandemic-related information.

It is estimated that cybercrime has cost Australian businesses and individuals A$33 billion over the past year ⁵.

State secrets are becoming more vulnerable

The crisis extends to state-sponsored espionage that is targeting our national data and intellectual property, and has the potential to create security chaos at an international level.

Last year, the Australian government identified that a sophisticated state-based hacking program had continually targeted Australian businesses and the government – believed to be primarily from China and Russia ⁶.

International espionage is nothing new, but with more data being stored online, confidential national information remains vulnerable to the presence of nefarious state-based hackers.

To highlight the severity of these incidents, staff from the Australian Signals Directorate have been embedded in the Federal Health Department to protect the country’s COVID-19 response from cyber-attacks.

Any corruption of medical data would be a huge issue for the federal government as it continues to combat the effects of the virus as well as handling the weary public. The health sector reported the second-highest number of ransomware incidents in the country, which grew as COVID-19 vaccines were developed and rolled out.

A breakdown of the severity of cyber incidents in 2020-21 shows there were 14 cases in which federal government entities or nationally significant infrastructure suffered the removal or damage of sensitive data or intellectual property, indicating that even with cybersecurity resourcing, the risk is ever present.

Source: https://www.cyber.gov.au/sites/default/files/202109/ACSC%20Annual%20Cybe...

Looking internationally, last year a major cyber-attack by a group with suspected backing by the Russian government penetrated thousands of organisations globally including multiple parts of the U.S. federal government, leading to a series of data breaches ⁷.

The attack and subsequent data breaches were among the worst cyber-espionage incidents ever suffered by the U.S. due to the sensitivity and high-profile nature of the targets, who were using a popular software program which had been compromised. 200 organisations including the UN, NATO and the UK government were reportedly affected by the attack, and some of these may have suffered critical data breaches ⁸.

It is becoming increasingly clear that in the future of espionage and conflict, the role that the internet plays in the transfer of data and connectivity represents a front in the battle to keep our information safe.

Global spending on cybersecurity is booming

Source: Bloomberg, AMP Capital

According to the annual Cybersecurity Ventures report, cyber-attacks are the fastest growing crime in the U.S. and sustained growth into the future is forecast. The firm expects global cybercrime costs to grow by 15% p.a. over the next five years, reaching US$10.5 trillion annually by 2025, an increase from US$3 trillion in 2015 ⁹.

The U.S. is a bellwether when discussing global cybersecurity, given it is not only the nexus for global geopolitics, but also the epicentre for technology ventures globally. Given the large financial footprint cyberattacks are leaving on the U.S. economy, there is little doubt that instances of cyberattacks will continue to increase globally.

The Cybersecurity Ventures report argues that this growth in cyberattacks represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined ¹⁰.

Evidently, the market for protecting private data and state secrets is moving in lock-step, with demand for cybersecurity booming.

At a sovereign level, the U.S. government has budgeted US$19 billion ¹¹ on Cybersecurity for 2021.

Locally, Australians spent ~A$5.6 billion on cybersecurity in 2020, with demand forecast to reach A$7.6 billion by 2024 ¹².

Projections that the global cybersecurity market is set to grow to US$300 billion by the end of 2024 ¹³ might not make this sector a global panacea for cyber-attacks, but it does represent an investment opportunity with the potential for significant and sustainable growth as the digital era matures. Indeed, cybersecurity echoes the wider investment thesis that is presented by technological innovation – as society becomes more interconnected, there is a greater propensity for criminal actors to seek to benefit from this global integration.

The BetaShares Global Cybersecurity ETF (ASX: HACK) is a simple and cost-effective way to gain exposure to the world’s leading cybersecurity companies in a single ASX trade. The table below shows performance to 30 September 2021.

Source: Bloomberg (NAV Total Returns)

Past performance is not indicative of future returns.

Investment risks associated with HACK include market risk, cybersecurity companies risk, concentration risk and currency risk. For more information on risks and other features of the Fund, please see the Product Disclosure Statement, available at www.betashares.com.au.

1. https://www.cyber.gov.au/sites/default/files/2021-09/ACSC%20Annual%20Cyb...
2. https://www.cyber.gov.au/sites/default/files/2021-09/ACSC%20Annual%20Cyb...
3. https://www.abc.net.au/news/2021-09-15/cyber-attacks-surge-activity-covi...
4. https://www.abc.net.au/news/2021-09-15/cyber-attacks-surge-activity-covi...
5. https://www.cyber.gov.au/sites/default/files/2021-09/ACSC%20Annual%20Cyb...
6. https://www.abc.net.au/news/2020-06-19/foreign-cyber-hack-targets-austra...
7. https://apnews.com/article/us-agencies-hacked-global-cyberspying-e8a2e81...
8. https://www.bloomberg.com/news/articles/2020-12-19/at-least-200-victims-...
9. https://www.herjavecgroup.com/wp-content/uploads/2018/12/CV-HG-2019-Offi...
10. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
11. https://www.hstoday.us/subject-matter-areas/cybersecurity/u-s-government...
12. https://www.austcyber.com/resources/sector-competitiveness-plan/chapter1
13. https://www.forbes.com/sites/louiscolumbus/2020/04/05/2020-roundup-of-cy...

________________________________________________________________________________________________________________________________________________

IMPORTANT INFORMATION

BetaShares Capital Limited (ABN 78 139 566 868, AFSL 341181) is the responsible entity and issuer of the BetaShares Funds. This information is general only, is not personal financial advice, and is not an offer or recommendation to make any investment or adopt any investment strategy. It does not take into account any person’s financial objectives, situation or needs. Before making an investment decision you should obtain and read a copy of the relevant PDS available from this website (www.betashares.com.au) or by calling 1300 487 577 and obtain financial advice in light of your individual circumstances. You may also wish to consider the relevant Target Market Determination (TMD) which sets out the class of consumers that comprise the target market for the BetaShares Fund and is available at www.betashares.com.au/target-market-determinations. Investments in BetaShares Funds are subject to investment risk and the value of units may go down as well as up. Past performance is not an indication of future performance. The performance of BetaShares Fund is not guaranteed by BetaShares or any other person. To the extent permitted by law BetaShares accepts no liability for any errors or omissions in, or loss from reliance on, the information herein.

Investors may buy units in BetaShares Funds on the ASX through a stockbroker, financial adviser or online broker. Units in BetaShares Funds trade on the ASX at market prices, not at NAV.

Any BetaShares Fund that seeks to track the performance of a particular financial index is not sponsored, endorsed, issued, sold or promoted by the provider of the index. No index provider makes any representation regarding the advisability of buying, selling or holding units in the BetaShares Funds or investing in securities generally. No index provider is involved in the operation or distribution of the BetaShares Funds and no index provider shall have any liability for the operation or distribution of these Funds or their failure to achieve their investment objectives. An index provider has no obligation to take the needs of the BetaShares Fund or the unitholders of the Fund into consideration in determining, composing or calculating the relevant index. Any intellectual property rights in the index name and associated trademarks, index methodology, index values and constituent lists vest in the relevant index provider and/or its affiliates. BetaShares has obtained a licence from the relevant index provider to use such intellectual property rights in the creation and operation of the BetaShares Funds.