Global Cyber Attack Could Cost $53Billion.

A major, global cyber attack could trigger an average of $53 Billion of economic losses, a figure on par with a catastrophic natural disaster such as US Superstorm Sandy in 2012,  say Lloyd's of London in a new report. 

The report, co-written with risk-modeling firm Cyence, examined potential economic losses from the hypothetical hacking of a cloud service provider and cyber attacks on computer operating systems run by businesses worldwide. 

Insurers are struggling to estimate their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance. A lack of historical data on which insurers can base assumptions is a key challenge. 
"Because cyber is virtual, it is such a difficult task to understand how it will accumulate in a big event," Lloyd's of London Chief Executive Inga Beale told Reuters. 

Economic costs in the hypothetical cloud provider attack dwarf the $8 billion global cost of the "WannaCry" ransomware attack in May, which spread to more than 100 countries, according to Cyence. Economic costs typically include business interruptions and computer repairs.  

The Lloyd's report follows a US government warning to industrial firms about a hacking campaign targeting the nuclear and energy sectors. 

In June, an attack of a virus dubbed "NotPetya" spread from infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupted activity at ports, law firms and factories. 
"NotPetya" caused $850 million in economic costs, Cyence said. In the hypothetical cloud service attack in the Lloyd's-Cyence scenario, hackers inserted malicious code into a cloud provider's software that was designed to trigger system crashes among users a year later. 

By then, the malware would have spread among the provider's customers, from financial services companies to hotels, causing all to lose income and incur other expenses. Average economic losses caused by such a disruption could range from $4.6 billion to $53 billion for large to extreme events. But actual losses could be as high as $121 billion, the report said. 

As much as $45 billion of that sum may not be covered by cyber policies due to companies underinsuring, the report said. 

Average losses for a scenario involving a hacking of operating systems ranged from $9.7 billion to $28.7 billion. Lloyd's has a 20 percent to 25 percent share of the $2.5 billion cyber insurance market, Beale said in June.

Reuters:

You Might Also Read:

Insurance: How Cyber Risks Are Evolving:

Advice For Cyber Insurance Buyers:

 

« Dark Web Marketplaces Shut Down
Can We Stop Algorithms Telling Lies? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

GlobalSign

GlobalSign

GlobalSign is an identity services company providing cloud-based, PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions.

Cyber Exchange

Cyber Exchange

Cyber Exchange provides a focal point for UK organisations connected with, or with an interest in, cyber security to connect, engage and collaborate.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

Cybero

Cybero

Cybero offers professional corporate cybersecurity training tailored to your business requirements.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

Pipeline Security

Pipeline Security

Pipeline Security protects businesses with real-time threat data, threat detection & prevention, continuous cyber security monitoring and security analytics.

Vehere

Vehere

Vehere specialises in mission critical signals aquisition and analytics platform and cyber defence systems.

PROOF

PROOF

PROOF is a Brazilian leader in cybersecurity. Our goal is to assist our Customers in managing security efficiently and in tune with business needs.

Hunter Strategy

Hunter Strategy

Hunter Strategy focuses on delivering solutions that are concise, scalable, and target our customer’s complex technical challenges.

ABCsolutions

ABCsolutions

ABCsolutions is dedicated to assisting businesses and professionals achieve compliance with federal anti-money laundering regulations in an intelligent and pragmatic way.

blueAllianceIT

blueAllianceIT

blueAlliance IT is an investment and growth platform that unites local MSP and IT companies around the nation, helping them to grow and operate competitively.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

eCentre@LindenPointe

eCentre@LindenPointe

The eCenter@LindenPointe provides assistance to the development, management and promotion of STEM (Science, Technology, Engineering, Mathematics) related business ventures.

WiebeTech

WiebeTech

WiebeTech’s line of digital forensics tools provide innovative and rugged devices for efficient disk imaging and evidence capture.

DNS Research Federation (DNSRF)

DNS Research Federation (DNSRF)

DNSRF's mission is to advance the understanding of the Domain Name System's impact on cybersecurity, policy and technical standards.

Zanutix Consulting

Zanutix Consulting

Zanutix specialize in a wide range of services including Network Design and Implementation, Data Management, Cloud Solutions, Software Development and Cybersecurity.