The rise of new and emerging technologies are driving new forms of cyberattacks which will expose businesses to threats they're unprepared to face, the World Economic Forum (WEF) has warned.
Its Global Risks Report 2017 details some of the key challenges facing the world this year, ranging from political uncertainty and climate change to how society isn't keeping up with the risks presented by technological change.
While the report notes that new technology has the potential to bring great benefit to the world, practices such as connecting more and more business, industrial, and consumer devices to the internet in the name of productivity and efficiency also increases the risk of hacking and data breaches.
"When you think about new technologies like AI and the Internet of Things, they're creating a broader attack surface for cyberattacks for those who want to steal data, disrupt business, attack industrial controls," said John Drzik, president of global risk & specialties at global insurance broker and risk management Marsh, at the launch of the report, which lists both data breaches and cyberattacks in the top ten most likely risks.
"Meanwhile, the future weaponization of AI and robotics by rogue states or terrorists, and the scope for hacking global satellite systems are also firmly on the radar of security specialists," he wrote in an article to accompany the report.
Last year's report saw cyberattacks cited as the number one risk by executives in North America, and it seems that another big year for data breaches, cyberattacks, and hacking in 2016 has increased fear of cybersecurity incidents across the globe.
2017's report sees executives in US, Germany, Japan, Switzerland, Australia, Singapore, Malaysia, UEA, and more all list cyber as the biggest risk facing businesses. "Executives noted this is the risk and it's what we see at Marsh, that cyber is the top risk of many of our clients at board levels," said Drzik, who cited October's internet blackout causing DDoS attack as a big turning point for cyber risk.
The incident saw hundreds of thousands of household IoT devices used to overwhelm servers, forcing many major services offline.
"You can see how this was a test of the defensive infrastructure and it was obviously a test that raised concerns in terms of what if this attack had more malicious intent? Can you activate IoT as weapons?" said Drzik.
Richard Samans, WEF managing board member described it as a "critical risk" which has "rocketed up to become an existential issue for many organisations".
The WEF warns that technology companies must take more responsibility when it comes to the disruptions advancements could cause, such as job losses, as the structure of society struggles to keep up with the rapid changes.
"The pace of change in technology has been very rapid and much of the focus and investment has been on innovation has been to drive benefits," said Drzik. "There needs to be a parallel spending in risk management in order to ensure we're getting the right risk-reward balance, both at a societal level and with individual companies."
The report points to the potential impact of artificial intelligence and robotics, arguing that the technologies could have the greatest potential benefits, but also the greatest potential negative effects and the greatest need for better governance to prepare for the mass unemployment which could follow as machines take more and more jobs.
Read more on cybersecurity
- How to defend against the internet's doomsday of DDoS attacks
- History repeating: How the IoT is failing to learn the security lessons of the past
- How AI-powered cyberattacks will make fighting hackers even harder
- The security tsunami of the Internet of Things is coming, are you ready? [TechRepublic]
- The first big Internet of Things security breach is just around the corner