The economic damage of a successful major cyber-attack against a large cloud services provider could be similar in scale to the financial impact of a destructive hurricane.
The destructive tropical cyclone hurricane Katrina hit the US in 2005, causing $108bn in damage – but that could be exceeded by the cost of a major cyber-attack, according to one expert.
“To compare the degree of economic cost, estimates now are that if attackers took down a major cloud provider, the damages could be $50bn to $120bn, so something in the range of a Sandy event to a Katrina event,” said John Drzik, president of global risk and digital at insurance broking and risk management company Marsh, speaking at the launch of the World Economic Forum (WEF)’s Global Risks Report 2018. Mr. Drzik was quoted on ZDNet.
Cyber attacks now cost around $1 trillion in damage per year compared to 2017’s record of $300bn for natural disasters, he said.
The risk is also growing as governments increasingly become involved in cyber attacks.
Last year’s “Wannacry” attack, which froze hundreds of thousands of computers globally and demanded a ransom from users, hit scores of NHS trusts, forcing operations to be cancelled and affecting the health service’s ability to provide care, The Telegraph reported.
The Global Risks Report found cyber risks are the fastest-growing concern among businesses, rising from sixth on last year’s list of top 10 risks in terms of likelihood to third place, the newspaper reported.
“Cyber is at or above the scale of natural catastrophes, and yet the comparative infrastructure against it is much smaller in scale,” Mr. Drzik said.
“Think about the government agencies and the voluntary organizations which focus on the response to natural disasters, versus national cyber agencies which are much less resourced. They have some capacity but not enough to deal with a significantly growing risk. International protocols have yet to emerge in dealing with cyber risk,” he added.