Think Superstorm Sandy was bad? A major global cyber attack could cost $53bn, warns Lloyd's of London

 
Oliver Gill
Follow Oliver
East Coast Begins To Clean Up And Assess Damage From Hurricane Sandy
Superstorm Sandy made landfall in North America in 2012 (Source: Getty)

A major cyber attack could cost the global economy $53bn (£40bn), City stalwart Lloyd’s of London has warned.

The economic cost is roughly equivalent to the impact of Superstorm Sandy in 2012, the second costliest cyclone on record.

Lloyd’s ran two scenarios in a report released today: a malicious hack that brings down a cloud service provider and an attack on a computer operating system used by a large number of businesses around the world.

Estimated losses from the two scenarios total $53.0bn and $28.7bn respectively. This compares with the economic losses of Sandy that amount to between $50bn and $70bn.

Read more: Cyber attacks leave firms facing higher bill than they expected

Lloyd’s chief executive Inga Beale said the report gave a “real sense of the scale of damage a cyber-attack could cause the global economy”.

She added:

Just like some of the worst natural catastrophes, cyber events can cause a severe impact on businesses and economies, trigger multiple claims and dramatically increase insurers’ claims costs.

Gap

The report, produced in conjunction with risk analytics modelling firm Cyence, also highlighted an “uninsured gap” of $45bn of losses – in other words losses which are not covered by cyber insurance policies. This means less than a fifth (17 per cent) of costs could be recouped from insurers.

Furthermore, $26bn of losses could be underinsured in the report’s scenarios.

“Underwriters need to consider cyber cover in this way and ensure that premium calculations keep pace with the cyber threat reality,” said Beale.

The findings come after Lloyd’s warned at the end of June of the shocking fallout of a cyber attack on businesses.

Beale said the reputational impact of a mass hacking event was “what kills modern businesses”.

“In a world where the threat from cyber-crime is when, not if, the idea of simply hoping it won’t happen to you, isn’t tenable, she said.