A single, large cyber-attack hitting major ports across the Asia-Pacific region could cost as much as USD 110 billion, of which just 8% would be covered by insurance, according to a new report produced by the University of Cambridge Centre for Risk Studies, on behalf of the Cyber Risk Management project, in partnership with Lloyd’s of London.
According to the report, ‘Shen attack: Cyber risk in Asia Pacific ports’, the cost of a single cyber-attack affecting major ports across the region is equal to half of all natural disasters in 2018.
While the potential economic cost of such an event is staggering, it’s even more alarming that of the total, the report estimates that 92% of the costs are uninsured, resulting in a huge USD 101 billion protection gap.
A plausible scenario depicted in the report, notes that an attack via a computer virus carried by ships has the potential to scramble the cargo database records at major ports, resulting in severe disruption. Furthermore, the global interconnectivity of the maritime supply chain means that economic losses would be felt around the world, as well as the direct impacts to ports in the Asia-Pacific region.
Interestingly, the report breaks down the estimated financial hit to each sector, were such an attack to occur. The transportation, aviation and aerospace sectors would be the most affected (USD 28.2 billion of economic losses in total), followed by manufacturing (USD 23.6 billion) and then retail (USD 18.5 billion).
Productivity losses would hit any country that has bilateral trade with the attacked ports, although Asia would be the most affected region, estimated to lose as much as USD 27 billion in indirect economic losses, followed by USD 623 million in Europe, and USD 266 million in North America, finds the report.
Regarding the potential insurance and reinsurance industry loss from such an event, and the report states that business interruption and contingent business interruption protection would be the main drivers. Adding that non-affirmative, also known as cyber silent cyber, would account for as much as 57% of the total insured losses.
Insurance claims would come from a variety of areas, says the report, including port operators, companies along the supply chain, and logistics and cargo handling firms.
Chief Executive Officer (CEO) of the specialist Lloyd’s of London insurance and reinsurance marketplace, John Neal, said: “We know that the biggest assets for companies are not physical they are intangible. This is confirmed by Lloyd’s latest research, which shows that a single severe cyber attack on Asia’s biggest ports could cause roughly the same economic loss as half of all the natural disasters in the world in 2018.
“With the increasing application of technology and automation, these risks will become even more acute. High levels of underinsurance in Asia, which is also home to nine out of ten of the world’s busiest ports, means that these exposures must be urgently addressed.
“This new research provides new insights on this fast moving threat to support the creation of new products, services and mitigation strategies and in doing so make businesses and communities more resilient.”