Report Warns That Fallout From Large Global Cyberattack Could Be As Costly As A Major Natural Disaster
A recent report warns that the fallout from a large worldwide cyberattack could be as costly as a major natural disaster, topping more than $53 billion. As a comparison, Lloyd’s of London cites Superstorm Sandy, which devastated New Jersey and other East Coast states in 2012.
The report, which Lloyd’s prepared with risk-modeling company Cyence, examines the potential losses associated with two hypothetical cyber incidents. In the first, hackers take down a cloud-service provider, which causes many cloud-based customer servers to fail and leads to widespread service and business interruption. In the second, a cyber analyst loses a bag that contains a hard copy of a report on a vulnerability that affects all versions of an operating system run by 45 percent of the global market. Criminals purchase the report on the dark web and begin attacking vulnerable businesses for financial gain.
According to Lloyd’s, the goal of its “Counting the Cost” report is to help insurers and risk managers quantify cyber-risk aggregation. While costly cyberattacks are on the rise, “the understanding of cyber liability and risk exposures is relatively underdeveloped compared with other insurance classes,” the report notes.
In May, the “WannaCry” ransomware attack spread to more than 100 countries and caused $8 billion in damage. One month later, the virus “NotPetya” spread from the Ukraine to businesses across the world, encrypting data and disabling infected computers along the way. It caused an estimated $850 million in economic losses.
Lloyd’s predicts that losses for future cyberattacks could be much higher. Below are several key findings of the report:
Cyber incidents can wreak widespread havoc on the global economy. For the hypothetical cloud service disruption incident, the predicted losses range from $4.6 billion for a large event to $53.1 billion for an extreme event. The report projects that the mass software vulnerability incident would cause losses ranging from $9.7 billion for a large event to $28.7 billion for an extreme event.
The uncertainty around cyber aggregation means that economic losses could be much lower or higher than the averages stated above. For example, losses in the cloud service disruption scenario could be as high as $121.4 billion or as low as $15.6 billion, depending on factors such as the different organizations involved and how long the cloud-service disruption lasts.
Cyberattacks could trigger billions of dollars of insured losses. According to the report, in the cloud-services scenario, insured losses range from $620 million for a large loss to $8.1 billion for an extreme loss. For the mass software vulnerability scenario, the insured losses range from $762 million (large loss) to $2.1 billion (extreme loss).
The hypothetical cyberattacks reveal there is an insurance gap of between $4 billion (large loss) and $45 billion (extreme loss) in terms of the cloud services attack, which means that between 13 percent and 17 percent of the losses are covered, respectively. The underinsurance gap is between $8.9 billion (large loss) and $26.6 billion (extreme loss) for the mass vulnerability scenario, which means that just 7 percent of economic losses are covered.
Preparing Your Business for Cyberattack
For New York and New Jersey businesses, the report can be helpful in assessing the impacts a major global cyberattack could have on your day-to-day processes. It can also help determine what actions may be necessary to mitigate these risks.
In June 2017, Lloyd’s released another report regarding the cost of cyberattacks. The report, titled “Closing the gap – insuring your business against evolving cyber threats,” warned that many businesses fail to recognize how costly a cyber incident can be, highlighting that reputational harm and loss of competitive advantage can cause long-term damage to a company’s bottom line.
“The reputational fallout from a cyber breach is what kills modern businesses. And in a world where the threat from cyber-crime is when, not if, the idea of simply hoping it won’t happen to you, isn’t tenable,” said Inga Beale, CEO of Lloyd’s “To protect themselves businesses should spend time understanding what specific threats they may be exposed to and speak to experts who can help handle a breach, minimize reputational harm and arrange cyber insurance to ensure that the risks are adequately covered,” she added.
For companies that have not yet considered dedicated cyber insurance, now may be the time. In addition to the rise in cyberattacks and data breaches, many commercial general liability (CGL) policies now expressly exclude such losses. While cyber insurance policies were once reserved for billion-dollar companies operating in high-risk industries, the market has grown significantly in recent years.
Do you have any comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo. If you have any questions about this post, please contact me or the Scarinci Hollenbeck attorney with whom you work.
Does Your Homeowners Insurance Provide Adequate Coverage?
Your home is likely your greatest asset, which is why it is so important to adequately protect it. Homeowners insurance protects you from the financial costs of unforeseen losses, such as theft, fire, and natural disasters, by helping you rebuild and replace possessions that were lost While the definition of “adequate” coverage depends upon a […]
Understanding the Importance of a Non-Contingent Offer
Making a non-contingent offer can dramatically increase your chances of securing a real estate transaction, particularly in competitive markets like New York City. However, buyers should understand that waiving contingencies, including those related to financing, or appraisals, also comes with significant risks. Determining your best strategy requires careful analysis of the property, the market, and […]
Fred D. Zemel Appointed Chair of Strategic Planning at Scarinci & Hollenbeck, LLC
Business Transactional Attorney Zemel to Spearhead Strategic Initiatives for Continued Growth and Innovation Little Falls, NJ – February 21, 2025 – Scarinci & Hollenbeck, LLC is pleased to announce that Partner Fred D. Zemel has been named Chair of the firm’s Strategic Planning Committee. In this role, Mr. Zemel will lead the committee in identifying, […]
Novation Agreement Process: Step-by-Step Guide for Businesses
Big changes sometimes occur during the life cycle of a contract. Cancelling a contract outright can be bad for your reputation and your bottom line. Businesses need to know how to best address a change in circumstances, while also protecting their legal rights. One option is to transfer the “benefits and the burdens” of a […]
What Is a Trade Secret? Key Elements and Legal Protections Explained
What is a trade secret and why you you protect them? Technology has made trade secret theft even easier and more prevalent. In fact, businesses lose billions of dollars every year due to trade secret theft committed by employees, competitors, and even foreign governments. But what is a trade secret? And how do you protect […]
What Is Title Insurance? Safeguarding Against Title Defects
If you are considering the purchase of a property, you may wonder — what is title insurance, do I need it, and why do I need it? Even seasoned property owners may question if the added expense and extra paperwork is really necessary, especially considering that people and entities insured by title insurance make fewer […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Economic Damage from Global Cyberattack Would Rival Superstorm Sandy
Author: Scarinci Hollenbeck, LLC
Report Warns That Fallout From Large Global Cyberattack Could Be As Costly As A Major Natural Disaster
A recent report warns that the fallout from a large worldwide cyberattack could be as costly as a major natural disaster, topping more than $53 billion. As a comparison, Lloyd’s of London cites Superstorm Sandy, which devastated New Jersey and other East Coast states in 2012.
The report, which Lloyd’s prepared with risk-modeling company Cyence, examines the potential losses associated with two hypothetical cyber incidents. In the first, hackers take down a cloud-service provider, which causes many cloud-based customer servers to fail and leads to widespread service and business interruption. In the second, a cyber analyst loses a bag that contains a hard copy of a report on a vulnerability that affects all versions of an operating system run by 45 percent of the global market. Criminals purchase the report on the dark web and begin attacking vulnerable businesses for financial gain.
According to Lloyd’s, the goal of its “Counting the Cost” report is to help insurers and risk managers quantify cyber-risk aggregation. While costly cyberattacks are on the rise, “the understanding of cyber liability and risk exposures is relatively underdeveloped compared with other insurance classes,” the report notes.
In May, the “WannaCry” ransomware attack spread to more than 100 countries and caused $8 billion in damage. One month later, the virus “NotPetya” spread from the Ukraine to businesses across the world, encrypting data and disabling infected computers along the way. It caused an estimated $850 million in economic losses.
Lloyd’s predicts that losses for future cyberattacks could be much higher. Below are several key findings of the report:
Cyber incidents can wreak widespread havoc on the global economy. For the hypothetical cloud service disruption incident, the predicted losses range from $4.6 billion for a large event to $53.1 billion for an extreme event. The report projects that the mass software vulnerability incident would cause losses ranging from $9.7 billion for a large event to $28.7 billion for an extreme event.
The uncertainty around cyber aggregation means that economic losses could be much lower or higher than the averages stated above. For example, losses in the cloud service disruption scenario could be as high as $121.4 billion or as low as $15.6 billion, depending on factors such as the different organizations involved and how long the cloud-service disruption lasts.
Cyberattacks could trigger billions of dollars of insured losses. According to the report, in the cloud-services scenario, insured losses range from $620 million for a large loss to $8.1 billion for an extreme loss. For the mass software vulnerability scenario, the insured losses range from $762 million (large loss) to $2.1 billion (extreme loss).
The hypothetical cyberattacks reveal there is an insurance gap of between $4 billion (large loss) and $45 billion (extreme loss) in terms of the cloud services attack, which means that between 13 percent and 17 percent of the losses are covered, respectively. The underinsurance gap is between $8.9 billion (large loss) and $26.6 billion (extreme loss) for the mass vulnerability scenario, which means that just 7 percent of economic losses are covered.
Preparing Your Business for Cyberattack
For New York and New Jersey businesses, the report can be helpful in assessing the impacts a major global cyberattack could have on your day-to-day processes. It can also help determine what actions may be necessary to mitigate these risks.
In June 2017, Lloyd’s released another report regarding the cost of cyberattacks. The report, titled “Closing the gap – insuring your business against evolving cyber threats,” warned that many businesses fail to recognize how costly a cyber incident can be, highlighting that reputational harm and loss of competitive advantage can cause long-term damage to a company’s bottom line.
“The reputational fallout from a cyber breach is what kills modern businesses. And in a world where the threat from cyber-crime is when, not if, the idea of simply hoping it won’t happen to you, isn’t tenable,” said Inga Beale, CEO of Lloyd’s “To protect themselves businesses should spend time understanding what specific threats they may be exposed to and speak to experts who can help handle a breach, minimize reputational harm and arrange cyber insurance to ensure that the risks are adequately covered,” she added.
For companies that have not yet considered dedicated cyber insurance, now may be the time. In addition to the rise in cyberattacks and data breaches, many commercial general liability (CGL) policies now expressly exclude such losses. While cyber insurance policies were once reserved for billion-dollar companies operating in high-risk industries, the market has grown significantly in recent years.
Do you have any comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo. If you have any questions about this post, please contact me or the Scarinci Hollenbeck attorney with whom you work.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
