BENGALURU (REUTERS) - A co-ordinated global cyber attack, spread through malicious e-mail, could cause economic damages anywhere between US$85 billion and US$193 billion (between S$115 billion and S$261 billion), a hypothetical scenario developed as a stress test for risk management showed.
Insurance claims after such an attack would range from business interruption and cyber extortion to incident response costs, the report jointly produced by insurance market Lloyd's of London and Aon said on Tuesday (Jan 29).
The report was co-produced by insurance companies MSIG, SCOR and TransRe as well as the Cyber Risk Management initiative.
Total claims paid by the insurance sector in this scenario is estimated to be between US$10 billion and US$27 billion, based on policy limits ranging from US$500,000 to US$200 million.
The stark difference between insured and economic loss estimates highlights the extent of underinsurance, in case of such an attack, the stress test showed.
An attack could affect several sectors globally, with the largest losses in the fields of retail, healthcare, manufacturing and banking.
Regional economies that are more service dominated, especially the United States and Europe, would suffer more and are vulnerable to higher direct losses, the report said.
Cyber attacks have been in focus after a virus spread from Ukraine to wreak havoc around the world in 2017, crippling thousands of computers, disrupting ports from Mumbai to Los Angeles and even halting production at a chocolate factory in Australia.
Governments are increasingly warning against the risks that private businesses face from such attacks, both those carried out by foreign governments as well as by financially motivated criminals.
For example, Britain's National Cyber Security Centre announced last Friday that it was investigating a large-scale Domain Name System (DNS) hijacking campaign that hit governments and commercial organisations across the world.
In another recent incident, French engineering consultancy Altran Technologies was the target of a cyber attack that hit its operations in some European countries.
On a larger scale, personal data and documents from hundreds of German politicians and public figures, including Chancellor Angela Merkel, were published online in what appears to be one of Germany's most far-reaching data breaches.