Cyberthreats pose significant risks to critical infrastructure which depends on networks of interconnected devices and legacy systems, a new report released by the World Economic Forum (WEF), has mentioned.
Such an infrastructure would include water facilities, biosecurity, communications infrastructure, climate and energy.
The report titled Global Cybersecurity Outlook 2025 was released on January 13, 2025.
According to the report, geopolitical tensions and increasingly sophisticated cyberthreats pose significant risks to critical infrastructure, which depends on networks of interconnected devices and legacy systems.
The ongoing conflict in Ukraine exemplifies these vulnerabilities, with critical sectors such as energy, telecommunications, water and heating repeatedly targeted by both cyber and physical attacks. These attacks often focus on disrupting control systems and compromising data, highlighting the critical risks associated with operational technology.
As cyberthreats continue to evolve, they not only endanger system functionality but also threaten human safety, increasing the severity and consequences of disruptions to vital infrastructure.
Cyberattacks on water facilities pose significant risks to public safety, infrastructure and national security.
The Cybersecurity and Infrastructure Security Agency (CISA) of the United States outlined these risks in a toolkit, emphasising the vulnerabilities in operational technology (OT) systems used in water facilities, such as remote access points and outdated software.
Cybercriminals can exploit these weaknesses to disrupt water-treatment processes, causing potential contamination, loss of service or other hazardous consequences.
A notable example of these threats occurred in October 2024, when a cyberattack targeted the largest water utility in the United States, disrupting operations and raising alarms about the security of critical infrastructure.
Rapid technological advances have redefined the biological threat landscape, with biosecurity coming to the forefront.
The World Health Organization (WHO) has warned that advances in artificial intelligence, cyberattacks and genetic engineering could pose potentially catastrophic risks to global biosecurity.
Cyberattacks could incapacitate essential laboratory systems, interrupting operations and causing loss of data integrity, which would delay critical research or compromise safety protocols. Over the course of 2024, two laboratories were targeted in South Africa and the United Kingdom.
These vulnerabilities underscore the need for advanced cybersecurity measures in biosecurity strategies to address these growing risks.
From large-scale state-sponsored cyber espionage via telecommunications infrastructure to the targeting of satellites and undersea cables, geopolitical tensions continue to manifest through the increasing number of attacks on critical communications infrastructure.
Undersea cables are crucial for global data flow and economic exchange.
Modern technology relies heavily on substantial energy consumption, rendering power grids highly attractive targets for cybercriminals.
Simultaneously, energy systems are undergoing a profound transformation as societies transition to renewable technologies. It is essential that these emerging energy systems are designed with security as a foundational priority; otherwise, in the effort to address an existential crisis with urgency, there is a risk of introducing vulnerabilities that could undermine the reliability of this new energy infrastructure, with far-reaching consequences for the economy and society.
The report highlights comprehensive analysis of the escalating complexities in cybersecurity.
This complexity arises from the rapid growth of emerging technologies, prevailing geopolitical uncertainty, the evolution of threats, regulatory challenges, vulnerabilities in supply chain interdependencies and the growing cyber skills gap.
The cyber skills gap has widened since 2024, with two in three organisations reporting moderate-to-critical skills gaps.
The sector is currently lacking up to 4.8 million cybersecurity professionals. Only 14 per cent of organisations say they have the skilled people they need in the current cyber landscape.
The growing complexity of cyberspace is exacerbating cyber inequity, widening the gap between large and small organisations, deepening the divide between developed and emerging economies, and expanding sectoral disparities.
This disparity in cyber resilience is further highlighted by regional differences in preparedness- while only 15 per cent of respondents in Europe and North America lack confidence in their country’s ability to respond to major cyber incidents targeting critical infrastructure, this proportion rises to 36 per cent in Africa and 42 per cent in Latin America.
According to the report, leaders must prioritise cybersecurity as a strategic investment to ensure resilience amid emerging new threats.
The report released ahead of the Forum’s Annual Meeting in Davos, Switzerland draws on a survey of industry experts and identifies the various trends complicating the cyberspace.