As organisations and economies become highly interconnected, it exposes themselves to new types of risks, such as the potential for vulnerabilities and manipulation in a cyber attack. In a new report by the Cyber Risk Management (CyRiM) project, a Singapore based public-private initiative for studying cyber risks.
The team created a “Bashe Attack” scenario to simulate a large scale global cyber attack that results in “catastrophic economic and insurance losses with lasting consequences”. The ransomware was spread using a phishing email and when one employee opens the attachment, all data on computers sharing the network with that device have been fully encrypted and forwarded to all other contacts; infecting other companies as well.
What were the findings?
- A global ransomware cyber-attack could potentially affect over 600,000 businesses worldwide and cost $193 billion.
- The top three sectors that suffered the highest economic loss are:
- Retail ($15 billion) – attack on payment system causing significant sales revenue
- Healthcare ($10 billion) – attack on legacy systems and old healthcare IT equipment that will slow down restoration
- Manufacturing ($9 billion) – attack on manufacturing equipment that stops production
- The regions that showcased the highest economic loss are:
- S ($46-89 billion) – mainly driven by infection on premier-sized companies and finance sector
- Europe ($30-76 billion) – infection on a higher number of small-medium sized enterprises due to poor cyber security preparedness.
- Asia ($6-19 billion) – Lower than the US and Europe due to the lesser number of sectors with high vulnerability scores. Healthcare, transportation and manufacturing have seen to be most affected in this region.
- Insurance sector will benefit from this study, in terms of policy, legal and aggregation issues in cyber insurance offerings.
For the full report, please visit https://www.lloyds.com/news-and-risk-insight/risk-reports/library/technology/bashe-attack