Global email cyber attack could cost $193bn economic damage, report finds

In the hypothetical scenario studied by Lloyd's of London and Aon, they say the largest losses would likely be in retail, health care, manufacturing and banking

epa07294580 (FILE) - ILLUSTRATION - A person sits in front of a computer screen in Moers, Germany, 04 January 2019 (reissued 19 Jauary 2019). Media reports on 17 January 2019 state that a record with numerous stolen user data has been published on the Internet. The collection named Collection #1 contained almost 773 million different email addresses, more than 21 million different passwords and more than a billion combinations of credentials, according to a Australian IT security expert. Internet users shall be affected worldwide.  EPA/SASCHA STEINBACH
Powered by automated translation

A co-ordinated global cyber attack, spread through malicious email, could cause economic damages anywhere between $85 billion and $193bn, a report aid on Tuesday.

Insurance claims after such an attack would range from business interruption and cyber extortion to incident response costs, the hypothetical scenario developed as a stress test for risk management jointly produced by Lloyd's of London and Aon showed on Tuesday.

Total claims paid by the insurance sector in this scenario is estimated to be between $10bn and $27bn, based on policy limits ranging from $500,000 to $200 million. The stark difference between insured and economic loss estimates highlights the extent of underinsurance, in case of such an attack, the stress test showed, according to Reuters. An attack could affect several sectors globally, with the largest losses in retail, health care, manufacturing and banking fields, the report said.

Regional economies that are more service dominated, especially the United States and Europe, would suffer more and are vulnerable to higher direct losses, the report said.

Cyber attacks have been in focus after a virus spread from Ukriane to wreak havoc around the globe in 2017, crippling thousands of computers, disrupting ports from Mumbai to Los Angeles and even halting production at a chocolate factory in Australia.

Governments are increasingly warning against the risks businesses face from such attacks, both those carried out by foreign governments and financially motivated criminals.


Read more:

MI6 chief: Russia major culprit in cyber and terrorist attacks

Are 'smart' devices smart enough to thwart cybercrime?


Last month, The National reported that oil major Saudi Aramco and US-based defence company Raytheon will form a joint venture for cyber-security services in the kingdom and the region.

The JV will develop and provide integrated defensive cyber-security software and hardware capabilities, according to Aramco. The JV will increase cyber-security protection available to Saudi Aramco, its suppliers, customers and affiliates.

"Demand for cyber-security services is expected to grow as companies move further into the digital space and embrace technologies such as Internet of Things and big data," Khalid Al-Dabbagh, Saudi Aramco's senior vice president of finance, strategy and development, said at the time. "The partnership with Raytheon will help strengthen cyber-security and enhance its infrastructure in Saudi Arabia and the broader region.”

In Europe, Britain's National Cyber Security Centre announced on Friday it was investigating a large-scale Domain Name System (DNS) hijacking campaign that hit governments and commercial organisations across the world.

In another recent incident, French engineering consultancy Altran Technologies was the target of a cyber attack that hit its operations in some European countries.

On a larger scale, personal data and documents from hundreds of German politicians and public figures, including Chancellor Angela Merkel, were published online in what appears to be one of Germany's most far-reaching data breaches.