As organisations and economies become highly interconnected, it exposes themselves to new types of risks, such as the potential for vulnerabilities and manipulation in a cyber attack. In a new report by the Cyber Risk Management (CyRiM) project, a Singapore based public-private initiative for studying cyber risks.

The team created a “Bashe Attack” scenario to simulate a large scale global cyber attack that results in “catastrophic economic and insurance losses with lasting consequences”. The ransomware was spread using a phishing email and when one employee opens the attachment, all data on computers sharing the network with that device have been fully encrypted and forwarded to all other contacts; infecting other companies as well.

What were the findings?

• A global ransomware cyber-attack could potentially affect over 600,000 businesses worldwide and cost $193 billion.
• The top three sectors that suffered the highest economic loss are:

1. Retail ($15 billion) – attack on payment system causing significant sales revenue
2. Healthcare ($10 billion) – attack on legacy systems and old healthcare IT equipment that will slow down restoration
3. Manufacturing ($9 billion) – attack on manufacturing equipment that stops production

• The regions that showcased the highest economic loss are:

1. S ($46-89 billion) – mainly driven by infection on premier-sized companies and finance sector
2. Europe ($30-76 billion) – infection on a higher number of small-medium sized enterprises due to poor cyber security preparedness.
3. Asia ($6-19 billion) – Lower than the US and Europe due to the lesser number of sectors with high vulnerability scores. Healthcare, transportation and manufacturing have seen to be most affected in this region.

• Insurance sector will benefit from this study, in terms of policy, legal and aggregation issues in cyber insurance offerings.

For the full report, please visit https://www.lloyds.com/news-and-risk-insight/risk-reports/library/technology/bashe-attack