According to a new report published by the Lloyd’s of London (“Counting the cost: Cyber exposure decoded”), a massive cyber attack on a global scale could cause an average of $53 billion of economic losses. a figure on par with a catastrophic natural disaster such as U.S. Superstorm Sandy in 2012, Lloyd’s of London said in a report on Monday.
“A major global cyber-attack has the potential to trigger $53 billion of economic losses, roughly the equivalent to a catastrophic natural disaster like 2012’s Superstorm Sandy, according to a scenario described in new research by Lloyd’s, the world’s specialist insurance market, and Cyence, a leading cyber risk analytics modelling firm.” states a blog post published by Lloyd’s of London.
The figure is disconcerting, experts compared it with losses caused by a natural disaster such as the Superstorm Sandy that hit the US in 2012.
“The report, co-written with risk-modeling firm Cyence, examined potential economic losses from the hypothetical hacking of a cloud service provider and cyber attacks on computer operating systems run by businesses worldwide.” reported the Reuters.
Insurers are trying to estimate the economic impact of a cyber attack and the potential exposure to cyber risks, and believe me, it is very difficult to do it due to the lack of historical data on such kind of incidents.
“This report gives a real sense of the scale of damage a cyber-attack could cause the global economy. Just like some of the worst natural catastrophes, cyber events can cause a severe impact on businesses and economies, trigger multiple claims and dramatically increase insurers’ claims costs. Underwriters need to consider cyber cover in this way and ensure that premium calculations keep pace with the cyber threat reality.” said Lloyd’s of London Chief Executive Inga Beale.
“We have provided these scenarios to help insurers gain a better understanding of their cyber risk exposures so they can improve their portfolio exposure management and risk pricing, set appropriate limits and expand into this fast-growing, innovative insurance class with confidence.”
According to Cyence, economic costs in the hypothetical cloud provider attack could reach $8 billion global cost for cases like “WannaCry” ransomware that hit targets in more than 100 countries.
Economic costs could include business interruptions and computer repairs.
In June, the “NotPetya” ransomware infected systems worldwide causing $850 million in economic costs.
According to the report, in the hypothetical cloud service attack, hackers delivered a malware into a cloud provider’s software that was designed to trigger system crashes among users a year later.
The malware then propagates among the provider’s customers, infecting systems in almost any industry, from financial services to healthcare
The experts estimated average economic losses caused by the disruption of the victims’ operations could range from $4.6 billion to $53 billion for massive cyber attacks.
“But actual losses could be as high as $121 billion, the report said.” continues the Reuters.
“As much as $45 billion of that sum may not be covered by cyber policies due to companies underinsuring, the report said.”
The report estimates average losses for a scenario involving a hacking of operating systems ranged from $9.7 billion to $28.7 billion.
“Lloyd’s has a 20 percent to 25 percent share of the $2.5 billion cyber insurance market,” added Beale.
Download ‘Counting the cost: Cyber exposure decoded‘ report
(Security Affairs – (Lloyd’s of London, cost of massive cyber attack)