Assessing the impacts of a global ransomware attack
This report, ‘Bashe attack: Global infection by contagious malware’ explores a scenario in which companies’ devices are infected with malware that threatens to destroy or block access to files unless a ransom is paid.
The attack is launched through an infected email, which once opened is forwarded to all contacts and within 24 hours encrypts all data on nearly 30 million devices worldwide. Companies of all sizes and in all sectors would be forced to pay a ransom to decrypt their data or to replace their infected devices.
The report estimates a cyber-attack on this scale could cost $193bn and affect more than 600,000 businesses worldwide.
Despite the high costs to business, the report shows that the global economy is underprepared for such an attack with 86% of the total economic losses are uninsured, leaving an insurance gap of $166bn.
The report provides an overview of insurance losses and classes impacted:
- Analyses regional economic impacts in the US, Europe, Asia and the rest of the world.
- Analyses the economic impacts by industry sector.
- Challenges assumptions of how prepared the global economy is for a cyber-attack of this nature and scale.
- Highlights lessons for the insurance sector in terms of policy, legal and aggregation issues in cyber insurance products.
- Identifies opportunities for insurers to expand their business in insurance classes associated with ransomware attacks.
The report is a new publication from the Cyber Risk Management (CyRiM) project, the Singapore-based public-private initiative that assesses cyber risks, of which Lloyd’s is one of the founding members. Understand more about CyRiM click here