In a figure that is at par with a catastrophic natural disaster such as U.S. Superstorm Sandy in 2012, Lloyd's of London said in a report on Monday that a major, global cyber attack could trigger an average of $53 billion of economic losses.
The hypothetical situation of cyber attacks on computer operating systems run by businesses worldwide and the hypothetical hacking of a cloud service provider formed the basis of the study of the potential economic losses that were expressed in the report which has been co-written with risk-modeling firm Cyence.
Amid mounting cyber risks and interest in cyber insurance, insurers are struggling to estimate their potential exposure to cyber-related losses. And in this process a key challenge is a lack of historical data on which insurers can base assumptions.
"Because cyber is virtual, it is such a difficult task to understand how it will accumulate in a big event," Lloyd's of London Chief Executive Inga Beale told Reuters.
The "WannaCry" ransomware attack in May, which spread to more than 100 countries, resulted in a global cost of $8 billion to the entire business world and according to Cyence, the projected potential economic costs in the hypothetical cloud provider attack dwarf that $8 billion global cost.
Business interruptions and computer repairs are typically included in the economic costs.
Very recently, warning about a potential hacking campaign targeting the nuclear and energy sectors was issued by the U.S. government and the Lloyd's report follows that U.S. government warning.
And spreading from infections in Ukraine to businesses around the globe was an attack of a virus dubbed "NotPetya" in June. Computers were rendered inoperable which disrupted activity at ports, law firms and factories by the spread of encrypted data on infected machines.
Cyence said that "NotPetya" caused $850 million in economic costs.
Hackers inserted malicious code into a cloud provider's software that was designed to trigger system crashes among users a year later in the hypothetical cloud service attack in the Lloyd's-Cyence scenario.
And from financial services companies to hotels, all would end up losing income and incur other expenses by the time the malware would have spread among the provider's customers.
For large to extreme events, $4.6 billion to $53 billion could be the range of the average economic losses caused by such a disruption from such a scenario. But the report said that the actual losses could be as high as $121 billion.
The report further said that due to companies underinsuring, as much as $45 billion of that sum may not be covered by cyber policies.
Ranging from $9.7 billion to $28.7 billion are the average losses for a scenario involving a hacking of operating systems.
Beale said in June that in the cyber insurance market, Lloyd's has a 20 percent to 25 percent share of the $2.5 billion.
(Source:www.reuters.com )
The hypothetical situation of cyber attacks on computer operating systems run by businesses worldwide and the hypothetical hacking of a cloud service provider formed the basis of the study of the potential economic losses that were expressed in the report which has been co-written with risk-modeling firm Cyence.
Amid mounting cyber risks and interest in cyber insurance, insurers are struggling to estimate their potential exposure to cyber-related losses. And in this process a key challenge is a lack of historical data on which insurers can base assumptions.
"Because cyber is virtual, it is such a difficult task to understand how it will accumulate in a big event," Lloyd's of London Chief Executive Inga Beale told Reuters.
The "WannaCry" ransomware attack in May, which spread to more than 100 countries, resulted in a global cost of $8 billion to the entire business world and according to Cyence, the projected potential economic costs in the hypothetical cloud provider attack dwarf that $8 billion global cost.
Business interruptions and computer repairs are typically included in the economic costs.
Very recently, warning about a potential hacking campaign targeting the nuclear and energy sectors was issued by the U.S. government and the Lloyd's report follows that U.S. government warning.
And spreading from infections in Ukraine to businesses around the globe was an attack of a virus dubbed "NotPetya" in June. Computers were rendered inoperable which disrupted activity at ports, law firms and factories by the spread of encrypted data on infected machines.
Cyence said that "NotPetya" caused $850 million in economic costs.
Hackers inserted malicious code into a cloud provider's software that was designed to trigger system crashes among users a year later in the hypothetical cloud service attack in the Lloyd's-Cyence scenario.
And from financial services companies to hotels, all would end up losing income and incur other expenses by the time the malware would have spread among the provider's customers.
For large to extreme events, $4.6 billion to $53 billion could be the range of the average economic losses caused by such a disruption from such a scenario. But the report said that the actual losses could be as high as $121 billion.
The report further said that due to companies underinsuring, as much as $45 billion of that sum may not be covered by cyber policies.
Ranging from $9.7 billion to $28.7 billion are the average losses for a scenario involving a hacking of operating systems.
Beale said in June that in the cyber insurance market, Lloyd's has a 20 percent to 25 percent share of the $2.5 billion.
(Source:www.reuters.com )
