Global Cyber Attack Could Cost $53Billion.

A major, global cyber attack could trigger an average of $53 Billion of economic losses, a figure on par with a catastrophic natural disaster such as US Superstorm Sandy in 2012,  say Lloyd's of London in a new report. 

The report, co-written with risk-modeling firm Cyence, examined potential economic losses from the hypothetical hacking of a cloud service provider and cyber attacks on computer operating systems run by businesses worldwide. 

Insurers are struggling to estimate their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance. A lack of historical data on which insurers can base assumptions is a key challenge. 
"Because cyber is virtual, it is such a difficult task to understand how it will accumulate in a big event," Lloyd's of London Chief Executive Inga Beale told Reuters. 

Economic costs in the hypothetical cloud provider attack dwarf the $8 billion global cost of the "WannaCry" ransomware attack in May, which spread to more than 100 countries, according to Cyence. Economic costs typically include business interruptions and computer repairs.  

The Lloyd's report follows a US government warning to industrial firms about a hacking campaign targeting the nuclear and energy sectors. 

In June, an attack of a virus dubbed "NotPetya" spread from infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupted activity at ports, law firms and factories. 
"NotPetya" caused $850 million in economic costs, Cyence said. In the hypothetical cloud service attack in the Lloyd's-Cyence scenario, hackers inserted malicious code into a cloud provider's software that was designed to trigger system crashes among users a year later. 

By then, the malware would have spread among the provider's customers, from financial services companies to hotels, causing all to lose income and incur other expenses. Average economic losses caused by such a disruption could range from $4.6 billion to $53 billion for large to extreme events. But actual losses could be as high as $121 billion, the report said. 

As much as $45 billion of that sum may not be covered by cyber policies due to companies underinsuring, the report said. 

Average losses for a scenario involving a hacking of operating systems ranged from $9.7 billion to $28.7 billion. Lloyd's has a 20 percent to 25 percent share of the $2.5 billion cyber insurance market, Beale said in June.

Reuters:

You Might Also Read:

Insurance: How Cyber Risks Are Evolving:

Advice For Cyber Insurance Buyers:

 

« Dark Web Marketplaces Shut Down
Can We Stop Algorithms Telling Lies? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: Future-proof your security with Secure Access Service Edge (SASE)

ON-DEMAND WEBINAR: Future-proof your security with Secure Access Service Edge (SASE)

Watch this webinar to explore the Security orchestration, automation, and response (SOAR) paradigm, its relationship with organization IT practices, and its role in your security strategy.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Synology

Synology

Synology provides high-performance, reliable, and secure Network Attached Storage (NAS) products.

Aviva

Aviva

Aviva provides Cyber Liability cover for small to mid-market customers to help combat the threat of data and privacy breach.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

Institute for Cyber Security Innovation - Royal Holloway

Institute for Cyber Security Innovation - Royal Holloway

The Institute for Cyber Security Innovation aims to bring together Academia, Industry and Government to be a catalyst for applied research and innovation in cyber security policy and solutions.

Cyber Discovery

Cyber Discovery

Cyber Discovery, the UK Government's Cyber Schools Programme, is a learning programme designed to give young people the opportunity to learn the skills needed to enter the cyber security profession.

certSIGN

certSIGN

certSIGN develop innovative software for information security and information systems protection.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

X4 Technology

X4 Technology

X4 Technology is a leader in finding the very best technology talent for some of the world’s most innovative start-ups and globally recognised brands.

Dice

Dice

Dice is a leading recruitment platform, helping technology professionals manage their careers and employers connect with highly skilled tech talent in specialist areas including cybersecurity.

Cyber 101

Cyber 101

Cyber 101 is a government funded programme for UK cyber security startups. The programme is designed to sharpen your business skills, refine your strategies and help propel your business to success.

Nihon Cyber Defense

Nihon Cyber Defense

Nihon Cyber Defence’s mission is to provide robust solutions, services and support to governments, corporates and organisations in order to protect them from all forms of cyber warfare.

Cyber Security Cooperative Research Centre (CSCRC)

Cyber Security Cooperative Research Centre (CSCRC)

The CSCRC provides frank and fearless research and in-depth analysis of cyber security systems, the cyber ecosystem and cyber threats.

SessionGuardian

SessionGuardian

SessionGuardian (previously SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Arcturus Security

Arcturus Security

Arcturus is a CREST-approved cyber security consultancy created by experts in the field.

Tech Vedika

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.