It would be equivalent to the cost of the damage caused by Hurricane Sandy in the United States in 2012. A global cyberattack could result in an average of $53 billion ($46 billion) in economic losses, according to a study released Monday, July 17, by the British insurance market Lloyd’s of London.
The study, co-conducted by the firm Cyence, looked at the potential economic losses that would be caused by the hacking of a cloud service provider and cyber attacks on corporate computer operating systems. Insurers are looking to estimate their exposure to potential losses from cyber attacks.
“Because cyber is virtual, it’s really hard to understand how a cyber attack could snowball,” Inga Beale, chief executive of Lloyd’s of London, told Reuters. The economic costs of a hypothetical attack on a cloud service provider would far exceed those of the $8 billion WannaCry computer virus attack, according to Cyence. This “ransomware” infected several hundred thousand computers in about 100 countries last May.
Economic costs include lost business revenue due to business interruption and repairs to IT systems. In their scenario, LLoyds and Cyence study the consequences of an attack on cloud services consisting of the introduction of malicious code designed to trigger a year later.
By that time, the software will have spread to all of the provider’s customers of those services, who will suffer lost revenue and additional costs. Economic losses could range from $4.6 billion to $53 billion, according to the study.
As much as $45 billion of that amount may not be covered by cyber insurance policies due to companies’ underinsurance of cyber risks, the study continues. Losses from operating system hacking are estimated to be between $9.7 billion and $28.7 billion. In June, Inga Beale estimated Lloyd’s share of the $2.5 billion cyber insurance market at 20 to 25 percent.