Data breaches, cyberattacks are top global risks alongside natural disasters and climate change

Increased connectivity in society and rapidly evolving threats are leaving the world open to damaging large-scale cyberattacks, warns the World Economic Forum.

Rebuilding the grid after a cyberattack: The Department of Energy has a plan The project will investigate the consequences of attacks on energy infrastructure and how long it takes systems to recover.

Cyberattacks and their potential to cripple critical infrastructure remain one of the biggest risks facing the world today, the World Economic Forum (WEF) has warned.

Both large-scale cyberattacks and mass incidents of data theft feature in the top five most likely risks in the WEF's Global Risks Report 2019. The WEF is an international group that aims to bring business leaders, politicians, and academics together to help shape the global agenda. This is the 14th annual edition of the report, which has been produced with insurance broking and risk management firm Marsh.

Cyberattacks and data breaches featured heavily in last year's report, ranking as third and fourth most likely global risks, only finishing behind extreme weather events and natural disasters. This year, massive data breaches and large-scale cyberattacks are ranked as the fourth and fifth most likely global risks, with failure of climate-change mitigation and adaptation ranked second behind extreme weather. Natural disasters again ranked above cyberattacks and data breaches.

But that doesn't mean the risk of cyberattacks is decreasing -- and following another 12 months of hacking incidents and and data breaches, the vast majority of respondents expect cyberattacks to be a major problem during 2019; 82 percent of those surveyed believe there's an increased risk of cyberattacks leading to the theft of money and data, and 80 percent believe there's an increased risk of cyberattacks leading to the disruption of operations.

In particular, the report points towards the risk cyberattacks pose to critical infrastructure, noting how nation-state backed hackers were able to gain access to the control rooms of US utility companies in a series of incidents that came to light in July last year.

SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)

The Global Risks Report therefore warns that the "potential vulnerability of critical technological infrastructure has increasingly become a national security concern." It puts the combination of cyberattacks and the breakdown of critical information infrastructure second only to extreme weather and failure to mitigate climate change when it comes to the top risk interconnections.

One of the key reasons why cyberattacks on infrastructure are viewed as such a significant risk by the WEF is because of the rise of digitalisation and the growth of the Internet of Things in recent years.

While these devices are designed with the intention of making lives easier, the increased connectivity across the world has increased the potential for hackers to conduct campaigns -- particularly when many IoT products have weak cybersecurity to begin with.

With IoT devices and connected things now embedded within industrial environments, they could potentially provide an attacker with an easy backdoor into infrastructure, triggering a destructive cyberattack with what the WEF describes as "devastating spill-over effects," damaging critical services and causing billions in damage.

The Global Risks Report warns that organisations need to make progress on this blind spot sooner rather than later in order to prevent damaging consequences.

"Persistent underfunding of critical infrastructure worldwide is hampering economic progress, leaving businesses and communities more vulnerable both to cyberattacks and natural catastrophes, and failing to make the most of technological innovation," said John Drzik, president of global risk and digital at Marsh.

"Allocating resources to infrastructure investment, in part through new incentives for public-private partnerships, is vital for building and strengthening the physical foundations and digital networks that will enable societies to grow and thrive."

READ MORE ON CYBER SECURITY