The Global Risks Report 2016, 11th Edition

Now in its 11th edition, The Global Risks Report 2016 draws attention to ways that global risks could evolve and interact in the next decade. The year 2016 marks a forceful departure from past findings, as the risks about which the Report has been warning over the past decade are starting to manifest themselves in new, sometimes unexpected ways and harm people, institutions and economies. Warming climate is likely to raise this year's temperature to 1° Celsius above the pre-industrial era, 60 million people, equivalent to the world's 24th largest country and largest number in recent history, are forcibly displaced, and crimes in cyberspace cost the global economy an estimated US$445 billion, higher than many economies' national incomes. In this context, the Reportcalls for action to build resilience – the "resilience imperative" – and identifies practical examples of how it could be done.The Report also steps back and explores how emerging global risks and major trends, such as climate change, the rise of cyber dependence and income and wealth disparity are impacting already-strained societies by highlighting three clusters of risks as Risks in Focus. As resilience building is helped by the ability to analyse global risks from the perspective of specific stakeholders, the Report also analyses the significance of global risks to the business community at a regional and country-level

Impact Assessment of Hypothesized Cyberattacks on Interconnected Bulk Power Systems

The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition (SCADA) systems. These actions can cause significant impacts to an interconnected power grid. Unlike the previous power blackouts, such high-impact initiating events can aggravate operating conditions, initiating instability that may lead to system-wide cascading failure. A systemic evaluation of "nightmare" scenarios is highly desirable for asset owners to manage and prioritize the maintenance and investment in protecting their cyberinfrastructure. This survey paper is a conceptual expansion of real-time monitoring, anomaly detection, impact analyses, and mitigation (RAIM) framework that emphasizes on the resulting impacts, both on steady-state and dynamic aspects of power system stability. Hypothetically, we associate the combinatorial analyses of steady state on substations/components outages and dynamics of the sequential switching orders as part of the permutation. The expanded framework includes (1) critical/noncritical combination verification, (2) cascade confirmation, and (3) combination re-evaluation. This paper ends with a discussion of the open issues for metrics and future design pertaining the impact quantification of cyber-related contingencies

Towards the Legal Protection of Critical Infrastructure in Africa Against Cyberwar and Cyberterrorism

This article reviews the legal framework governing the protection of critical infrastructure in Africa with an emphasis on threats like cyberwar and cyberterrorism. As African governments and businesses increasingly depend on the internet and information systems, there is a need to enact appropriate laws to protect critical infrastructure from cyberattacks that could jeopardize the economic and national security postures of African countries. The article outlines the need for appropriate legal instruments to protect critical infrastructure as African businesses increasingly rely on the internet and information systems. The lack of adequate laws regulating critical infrastructure does not translate to the absence of critical infrastructure in African countries. Ghana, for instance, has a legal framework governing critical infrastructure. These infrastructures are common in most African countries but lack the required legal framework to protect them. It is important to note that despite the Budapest Convention and African Convention on Cybersecurity and Personal Data Protection, there is no international legal framework regulating cyberwar and cyberterrorism. Considering these factors, this article reviews Ghana's Cybersecurity Act and the Directive on Critical Information Infrastructure and uses the United States framework for comparative analysis. In addition to reviewing the types of attacks critical infrastructure could face, the article looks at the legal framework for managing incidents that could arise from cyberattacks targeting critical infrastructure

Increasing resilience to cascading events: The M.OR.D.OR. scenario

The growing complexity of global interconnected risk suggests that a shift has occurred in the way emergency planners need to improve preparedness and response to cascading events. With reference to the literature from the physical, social and political sciences, this paper analyses extreme space weather events and cyberattacks. The goal of this work is to produce a replicable scenario-building process, based on cross-disciplinary understanding of vulnerability, that could be complementary to probabilistic hazard assessment. Our hypothesis is that the technological and human component of critical infrastructure could be the primary vector for the escalation of secondary emergencies. While not themselves having direct implications in terms of loss of life, elements that are common to different risks could provide particular challenges for disaster management. Our findings identify some vulnerable nodes, such as Global Navigation Satellite System technology and remote-control systems, that could act as paths for the escalations of events. We suggest that these paths may be common to various known and unknown threats. We propose two scenarios of Massive, OveRwhelming Disruption of OpeRations (M.OR.D.OR.) that could be used for testing emergency preparedness strategies, and increasing the response to highly complex, unknown events. The conclusions highlight the open challenges of seeking to increase societal resilience. The limitations of this work are described, as are the possible challenges for future research

Cyberattacks on critical infrastructure: an economic perspective

The aim of this article is to analyze the economic aspects of cybersecurity of critical infrastructure defined as physical or virtual systems and assets that are vital to a country’s functioning and whose incapacitation or destruction would have a debilitating impact on national, economic, military and public security. The functioning of modern states, firms and individuals increasingly relies on digital or cyber technologies and this trend has also materialized in various facets of critical infrastructure. Critical infrastructure presents a new cybersecurity area of attacks and threats that requires the attention of regulators and service providers. Deploying critical infrastructure systems without suitable cybersecurity might make them vulnerable to intrinsic failures or malicious attacks and result in serious negative consequences. In this article a fuller view of costs and losses associated with cyberattacks that includes both private and external (social) costs is proposed. An application of the cost-benefit analysis or the Return on Security Investment (ROSI) indicator is presented to evaluate the worthiness of cybersecurity efforts and analyze the costs associated with some major cyberattacks in recent years. The “Identify, Protect, Detect, Respond and Recover” (IPDRR) framework of organizing cybersecurity efforts is also proposed as well as an illustration as to how the blockchain technology could be utilized to improve security and efficiency within a critical infrastructure

Digitalization Processes in Distribution Grids: A Comprehensive Review of Strategies and Challenges

This systematic review meticulously explores the transformative impact of digital technologies on the grid planning, grid operations, and energy market dynamics of power distribution grids. Utilizing a robust methodological framework, over 54,000 scholarly articles were analyzed to investigate the integration and effects of artificial intelligence, machine learning, optimization, the Internet of Things, and advanced metering infrastructure within these key subsections. The literature was categorized to show how these technologies contribute specifically to grid planning, operation, and market mechanisms. It was found that digitalization significantly enhances grid planning through improved forecasting accuracy and robust infrastructure design. In operations, these technologies enable real-time management and advanced fault detection, thereby enhancing reliability and operational efficiency. Moreover, in the market domain, they support more efficient energy trading and help in achieving regulatory compliance, thus fostering transparent and competitive markets. However, challenges such as data complexity and system integration are identified as critical hurdles that must be overcome to fully harness the potential of smart grid technologies. This review not only highlights the comprehensive benefits but also maps out the interdependencies among the planning, operation, and market strategies, underlining the critical role of digital technologies in advancing sustainable and resilient energy systems

Eleven years of cyberattacks on Chinese supply chains in an era of cyber warfare, a review and future research agenda

Purpose – The contribution of this study aims to twofold: First, it provides an overview of the current state of research on cyberattacks on Chinese supply chains (SCs). Second, it offers a look at the Chinese Government’s approach to fighting cyberattacks on Chinese SCs and its calls for global governance. Design/methodology/approach – A comprehensive literature review was conducted on Clarivate Analytics’ Web of Science, in Social Sciences Citation Index journals, Scopus and Google Scholar, published between 2010–2021. A systematic review of practitioner literature was also conducted. Findings – Chinese SCs have become a matter of national security, especially in the era of cyber warfare. The risks to SC have been outlined. Cybersecurity regulations are increasing as China aims to build a robust environment for cyberspace development. Using the Technology-organizationenvironment (TOE) framework, the results show that the top five factors influencing the adoption process in firms are as follows: relative advantage and technological readiness (Technology context); top management support and firm size (Organization context) and government policy and regulations (Environment context). Research limitations/implications – This review focuses on cyberattacks on Chinese SCs and great care was taken when selecting search terms. However, the author acknowledges that the choice of databases/terms may have excluded a few articles on cyberattacks from this review. Practical implications – This review provides managerial insights for SC practitioners into how cyberattacks have the potential to disrupt the global SC network. Originality/value – Past researchers proposed a taxonomic approach to evaluate progress with SC integration into Industry 4.0; in contrast, this study is one of the first steps toward an enhanced understanding of cyberattacks on Chinese SCs and their contribution to the global SC network using the TOE framewor

What Ukraine Taught NATO about Hybrid Warfare

Russia’s invasion of Ukraine in 2022 forced the United States and its NATO partners to be confronted with the impact of hybrid warfare far beyond the battlefield. Targeting Europe’s energy security, Russia’s malign influence campaigns and malicious cyber intrusions are affecting global gas prices, driving up food costs, disrupting supply chains and grids, and testing US and Allied military mobility. This study examines how hybrid warfare is being used by NATO’s adversaries, what vulnerabilities in energy security exist across the Alliance, and what mitigation strategies are available to the member states. Cyberattacks targeting the renewable energy landscape during Europe’s green transition are increasing, making it urgent that new tools are developed to protect these emerging technologies. No less significant are the cyber and information operations targeting energy security in Eastern Europe as it seeks to become independent from Russia. Economic coercion is being used against Western and Central Europe to stop gas from flowing. China’s malign investments in Southern and Mediterranean Europe are enabling Beijing to control several NATO member states’ critical energy infrastructure at a critical moment in the global balance of power. What Ukraine Taught NATO about Hybrid Warfare will be an important reference for NATO officials and US installations operating in the European theater.https://press.armywarcollege.edu/monographs/1952/thumbnail.jp