Global ransomware could cost almost $200bn

New report suggests that a worldwide attack could hit more than 600,000 businesses

hackers layer

A global ransomware attack could cost $193 billion and affect more than 600,000 businesses worldwide, according to a new report.

The report is called 'Bashe Attack: Global infection by contagious malware' and has been compiled by a Singapore-based public-private initiative called Cyber Risk Management. Lloyds of London is one of the initiatives founding members and posted the findings on its website.

It involves a scenario where an attack is launched through an infected email. Once opened it's forwarded to all contacts and within 24 hours all the data on 30 million devices worldwide is encrypted. This would result in companies worldwide being forced to pay ransom to decrypt their data or to replace infected devices.

According to the report, a ransomware attack on this scale would cause substantial economic damage to a wide range of business sectors through reduced productivity and consumption, IT clean-up costs, ransom payments and supply chain disruption.

It estimates that retail and healthcare would be most affected $25 billion each, followed by manufacturing, at $24 billion. The US would be hardest hit with a potential $89 billion cost, whereas Europe could lose $76 billion. Despite the high cost to business, the report shows the global economy is underprepared for such an attack with 86% of the total economic cost uninsured - leaving an insurance gap of $166 billion.

"This report shows the increasing risk to businesses from cyber attacks as the global economy becomes more interconnected and reliant on technology," said Dr Trevor Maynard, head of innovation at Lloyd's.

"Companies must ensure they are better prepared for ransomware attacks, and that includes working with insurers to reduce the risks before they are attacked and ensure they have the right insurance cover in place to respond after the event. The reality for business is it's not if you get attacked but when."

Claiming from insurance companies for ransomware attacks isn't always straightforward. Early this month, US food distributor, Mondelez, which owns Oreo and Cadbury, began legal action against its insurer, Zurich for not paying out over the NotPetya cyber attacks that took place in 2017.

Mondelez originally made claims for the cost of these damages on its property insurance policy, taken out with Zurich. The policy suggested it was covered for physical loss or damage to electronic data, software and physical damage caused by the malicious code or instruction.

The documents claim that Zurich initially promised to pay a $10 million interim payment but later refused, citing an exclusion in the policy for "a hostile or warlike action" by a nation state or people acting on its behalf.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

How can you protect your business from crypto-ransomware?
Security

How can you protect your business from crypto-ransomware?

20 Apr 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

9 Apr 2021
Geico data breach leads to stolen driver’s license numbers
data breaches

Geico data breach leads to stolen driver’s license numbers

21 Apr 2021
UK’s IoT security regulation will also include smartphones
Internet of Things (IoT)

UK’s IoT security regulation will also include smartphones

21 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
REvil threatens to release Apple’s hardware schematics
ransomware

REvil threatens to release Apple’s hardware schematics

21 Apr 2021