Worldwide cyber-attack could spur $53 billion in losses – Lloyd’s of London
A major, global cyber-attack could trigger an average of $53 billion of economic losses, a figure on par with a catastrophic natural disaster such as United State Superstorm Sandy in 2012, Lloyd’s of London said. The report, co-written with risk-modeling firm Cyence, inspected potential financial losses from the theoretical hacking of a cloud service provider and cyber-attacks on computer operating systems run by businesses international. Insurers are stressed to guess their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance. A lack of old data on which insurers can base expectations is a key challenge. “Because cyber is virtual, it is such a tough task to know how it will accrue in a giant occasion,” Lloyd’s of London CE Inga Beale told Reuters. Economic costs in the hypothetical cloud provider attack dwarf the $8 billion global cost of the “WannaCry” ransomware attack in May, which spread to more than 100 countries, according to Cyence. Economic costs typically include computer damages and maintenances and business intervals. The Lloyd’s report follows a U.S. government warning to industrial firms about a hacking campaign targeting the nuclear and energy sectors.
In June, an attack of a virus dubbed “NotPetya” spread from infections in Ukraine to businesses around the globe. It encoded data on infected computers, rendering them inoperable and disturbed activity at ports, factories and law organizations. “NotPetya” caused $850 million in economic costs, Cyence said. In the hypothetical cloud service attack in the Lloyd’s-Cyence scenario, hackers inserted malicious code into a cloud provider’s software that was designed to trigger system crashes among users a year later. By then, the malware would have spread among the provider’s customers, from financial services companies to hotels, causing all to lose income and incur other expenses. Average financial losses caused by such a cyber-attack could range from $4.6 billion to $53 billion for large to dangerous events. But actual losses could be as high as $121 billion, the report said. As much as $45 billion of that sum may not be enclosed by cyber rules due to companies underinsuring, the report said. Average losses for a scenario involving a hacking of operating systems ranged from $9.7 billion to $28.7 billion. Lloyd’s has a 20 % to 25 % share of the $2.5 billion cyber insurance market, Beale said in June.