Governments should consider legislation to force businesses to be open about the impact of cybercrime, according to the World Economic Forum.
There is an urgent need for more openness over the risks posed by cybercrime to businesses, governments, and critical infrastructure, the WEF claims in a report analysing the key risks facing global economies.
The Global Risks 2012 report , due to be discussed at the Forum in Davos (pictured) later this month, identifies online security and the risks posed to communication networks by criminals and governments, as one of the key threats facing countries.
But it warns that governments and businesses need to do much more to understand the risk posed by threats to critical computer systems.
Steve Wilson, chief risk officer at insurance company Zurich, one of the report’s contributors, said there was a need for much more openness about cyber breaches.
“The first most important step is to get greater transparency from the private sector, in particular the security industry, and businesses at large so we can understand the scale of the problem Businesses need more encouragement to be open and that might mean having legislation”, “he said.
The report warns that the risks of cybercrime and cyber terrorism may have been underestimated, and could emerge as a highly serious threat over the next 10 years.
“A virus like Stuxnet could conceivably trigger a meltdown in a functioning nuclear power plant, turn off oil and gas pipelines or change the chemical composition of tap water,” it says.
Governments are increasingly developing cyber technology that could be used in espionage, or to initiate hostile cyber attacks.
The GhostNet Trojan, for example infected thousands of computers in government offices, embassies, businesses and non-government organisations in 130 different countries.
The virus could send documents from infected hard drives back to its creator, record key strokes, and covertly activate the computer’s camera and microphone.
“In 10 years, Stuxnet and GhostNet could look as crude and primitive as websites during the dot com bubble would look to us today,” warns the WEF report.
There are signs that some industries, such as the banking sector, which participated in a mock cyber attack last year, are taking cyber threats more seriously.
But experts believe the level of resource devoted to protecting the critical infrastructure is nowhere near adequate, the WEF report concludes.
Watch a video from the World Economic Forum on the Global Risks 2012 report.