17/07/2017
(Reuters) — A major, global cyber attack could
trigger an average of $53 billion of economic losses, a figure on par with a
catastrophic natural disaster such as U.S. Superstorm Sandy in 2012, Lloyd’s of
London said in a report on Monday.
The report, co-written with risk-modeling firm
Cyence, examined potential economic losses from the hypothetical hacking of a
cloud service provider and cyber attacks on computer operating systems run by
businesses worldwide.
Insurers are struggling to estimate their potential
exposure to cyber-related losses amid mounting cyber risks and interest in
cyber insurance. A lack of historical data on which insurers can base
assumptions is a key challenge.
“Because cyber is virtual, it is such a difficult
task to understand how it will accumulate in a big event,” Lloyd’s of London
Chief Executive Inga Beale told Reuters.
Economic costs in the hypothetical cloud provider
attack dwarf the $8 billion global cost of the “WannaCry” ransomware attack in
May, which spread to more than 100 countries, according to Cyence.
Economic costs typically include business
interruptions and computer repairs.
The Lloyd’s report follows a U.S. government
warning to industrial firms about a hacking campaign targeting the nuclear and
energy sectors.
In June, an attack of a virus dubbed “NotPetya”
spread from infections in Ukraine to businesses around the globe. It encrypted
data on infected machines, rendering them inoperable and disrupted activity at
ports, law firms and factories.
NotPetya caused $850 million in economic costs,
Cyence said.
In the hypothetical cloud service attack in the
Lloyd’s-Cyence scenario, hackers inserted malicious code into a cloud
provider’s software that was designed to trigger system crashes among users a
year later.
By then, the malware would have spread among the
provider’s customers, from financial services companies to hotels, causing all
to lose income and incur other expenses.
Average economic losses caused by such a disruption
could range from $4.6 billion to $53 billion for large to extreme events. But
actual losses could be as high as $121 billion, the report said.
As much as $45 billion of that sum may not be
covered by cyber policies due to companies underinsuring, the report said.
Average losses for a scenario involving a hacking
of operating systems ranged from $9.7 billion to $28.7 billion.
Lloyd’s has a 20% to 25% share of the $2.5 billion
cyber insurance market, Ms. Beale said in June.
Compilação: Carlos BARROS DE MOURA EXPERTISE EM SEGUROS
Nenhum comentário:
Postar um comentário