The World Economic Forum (WEF) has called for new thinking about global governance of the Internet, warning against a possible “cybergeddon” in its annual risk assessment.
The study, Global Risks 2014, notes that while cyberspace has proved largely resilient to attacks and other disruptions so far, its the attackers who have an easier time than defenders.
The international body says that there are reasons to believe that resilience is “gradually being undermined”.
The WEF points out that more devices are being connected online “widening both the potential entry points for and impacts of disruption”. Also, there is ever-deepening complexity of interactions among the many aspects of life that are dependent on connected devices, making those impacts potentially harder to predict.
“Together, these twin trends demand new thinking about global governance of the Internet,” the WEF said.
It cautions that this prospect has been undermined by recent revelations about the extent to which national security organisations are shaping cyber policy and conducting espionage and attacks, “eroding trust among the very stakeholders whose collaboration will be necessary to avert a conceivable cybergeddon”.
Cyber incidents, the WEF says, have so far tended to have effects that are either widespread but fleeting, or persistent but narrowly focused.
“Risks to the Internet continue to grow more serious for one key reason: attacking others in cyberspace has always been easier than defending them. The offence has had the advantage over the defense,” the economic body said.
The WEF says that cyber risks are often summarized through the acronym CHEW – crime, hacktivists, espionage and war.
However, it notes that other risks in cyberspace could have systemic impacts including a scenario where a large cloud provider could suffer an Enron- or Lehman-style failure.
Environmental triggers could also easily play a role, especially given the inherent fragility of the underlying physical infrastructure.
“A solar super-storm could cause substantial outages of national grids, satellites, avionics or signals from global navigation satellite systems (GNSS). The growing mass of “space junk” in orbit around the earth also poses a threat to GNSS,” the WEF said.
“A future in which attackers − whether hackers, organised-crime groups or national militaries − have an overwhelming, dominant and lasting advantage over defenders could be just one disruptive technology away,” the WEF warns, as a worst-case scenario.
Attackers in this future could achieve a wide range of effects with little input, making large-scale, Internet-wide disruptions easy and common, it says.
“The Internet would cease to be a trusted medium for communication or commerce and would be increasingly abandoned by consumers and enterprises. Cyberspace would no longer be divided between attackers and defenders but between predators and prey.”
A “cybergeddon” would see the next generation grow up with a cyberspace that is less open, less resilient and fundamentally less valuable than currently.
“The most transformative technology since Gutenberg would regress, to the loss of societies, economies and humanity. Piecemeal, individual solutions generally fail to address the underlying systemic issue: the mismatch between attackers and defenders.”
“The world will not be able simply to secure, risk-manage or information-share its way out of this situation to tip the balance of advantage towards defenders,” the WEF said.