A major, global cyber attack could trigger an average of $53 billion of economic losses, a figure on par with a catastrophic natural disaster such as U.S. Superstorm Sandy in 2012, Lloyd's of London said in a report on Monday.
The report, co-written with risk-modeling firm Cyence, examined potential economic losses from the hypothetical hacking of a cloud service provider and cyber attacks on computer operating systems run by businesses worldwide.
Insurers are struggling to estimate their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance.
A global cyber attack could trigger an average of $53 billion of economic losses, a figure on par with a catastrophic natural disaster such as U.S. Superstorm Sandy in 2012, Lloyd's of London claims.
- The WannaCry attack paralysed NHS computers, Germany's national railway and scores of other companies and government agencies
- The extortion scheme hit 150 countries including the US, Britain, Russia, China, Germany and France
- It is estimated it infected more than 200,000 computers worldwide
- The virus locked each computer it infected and demanded a ransom for their safe return
- Microsoft pinned partial blame on the NSA for the cyber attacks, which were spread using hacking tools created by the agency
- The tools were leaked online by a hacking group last month after they accessed NSA cyberware files
- Now Microsoft has released security updates in preparation for a string of similar attacks
A lack of historical data on which insurers can base assumptions is a key challenge.
'Because cyber is virtual, it is such a difficult task to understand how it will accumulate in a big event,' Lloyd's of London Chief Executive Inga Beale told Reuters.
Economic costs in the hypothetical cloud provider attack dwarf the $8 billion global cost of the 'WannaCry' ransomware attack in May, which spread to more than 100 countries, according to Cyence.
Economic costs typically include business interruptions and computer repairs.
The Lloyd's report follows a U.S. government warning to industrial firms about a hacking campaign targeting the nuclear and energy sectors.
In June, an attack of a virus dubbed 'NotPetya' spread from infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and