political relationships rather than solely on domestic capabilities. Governments are increasingly worried about the potential use of “back doors” in digitized components of critical infrastructure. Natural resource endowments such as rare earths or production of sought-after industrial components can be used as leverage in broader trade, investment or other negotiations. The next decade could see such leverage being applied more frequently, weakening critical infrastructure in countries that are exposed. For example, uranium mining, conversion, enrichment and fabrication needed for running nuclear power plants102 are susceptible to being impacted by geopolitical tensions in some countries. With water security concerns likely to continue rising worldwide, governments with upstream control over rivers and reservoirs could be tempted to divert water to their own populations at the expense of neighbouring countries. Such actions could be in response to growing social instability and domestic political weakness, as part of escalating geopolitical tensions with neighbours, or both. Potential flashpoints over the next decade could include the Indus River Basin, between India and Pakistan, or Afghanistan’s construction of the Qosh Tepa Canal, which could diminish the flow of the Amu Darya River into Turkmenistan and Uzbekistan.103 Direct physical attacks on physical infrastructure are also a rising feature of state-based armed conflict. Since Russia’s invasion of Ukraine in February 2022, all categories of critical infrastructure in Ukraine have repeatedly been targeted. Elsewhere, undersea cables have been cut,104 and airport operations have repeatedly been interrupted by drone activity. Global satellite navigation systems, which help to ensure safe maritime and air transport, and also are used in supply chain logistics or agritech, have been targeted with jamming and spoofing of signals.105 These attacks are becoming more frequent and more sophisticated.106 While governments appear to be the leading perpetrators, risks are rising of non- state actors purchasing commercial technologies that could be used for jamming and spoofing. As critical infrastructure becomes more digitized, automated and interconnected, industrial control systems and devices can become insufficiently secured and monitored, and therefore vulnerable. The risks of cyber-physical failures are rising, for example from cyberattacks exploiting weaknesses in energy management software. In 2024, vulnerabilities in solar energy systems that could have compromised four million solar systems in 150 countries were highlighted by a group of so-called “ethical hackers”.107 On 7 April 2025, the Bremanger dam in Norway suffered a cyber- physical attack, leading to the unplanned release of water.108 Such disruptive and potentially dangerous activities are attractive targets for adversarial governments or criminal groups, as they can often plausibly deny involvement, complicating diplomatic, legal or military responses. If such disruptions escalate in the coming years, attitudes in already-strained societies towards governments suspected of involvement in attacks could harden. The line between cyber-physical attacks and kinetic warfare might start to blur. In parallel, trust in governments that consistently fail to ensure security and uninterrupted basic service delivery could be dented further. Pete Alexopoulos, Unsplash Global Risks Report 2026 51