In an increasingly interconnected world, a single cyber attack can ripple through the global economy with profound consequences. As cyber threats become more sophisticated, businesses must prioritize cybersecurity measures to help protect against the potential damage a serious hack could cause.
In a new report, the commercial insurance market Lloyd’s of London (SOLYD.UL) presents a chilling scenario that shows a significant attack on a financial services payments system could lead to global losses of $3.5 trillion, with much of it not covered by insurance.
The United States would suffer the most over five years, followed by China ($1.1 trillion) and Japan ($200 billion). Lloyd’s and the Cambridge Centre for Risk Studies created the scenario as part of an ongoing research effort to model the potential economic impact of systemic risks.
“Significant disruption to global business is a major threat that can’t be ignored, and it’s important to understand the scale of the risk,” said Lloyd’s chairman, Bruce Carnegie-Brown. “Our world is now more complex and exposed to a range of systemic risks, including cyber attacks.”
The study found that a significant cyber attack on a financial services payment system would result in substantial secondary impacts across many sectors, causing lost productivity and eroding consumer confidence. It could even have broader social implications, such as changing geopolitical dynamics or triggering corporate strategies and supply chain shifts.
Cyberattacks are escalating, with attackers targeting financial institutions for profit and a loss of trust. In the wake of the COVID-19 pandemic, attacks against financial firms jumped 238%, and the sector saw the second-highest share of attacks, behind health. This trend will likely continue as many financial companies accelerate digital transformation and integrate technology firms.
These changes can also make it easier for hackers to access data. For example, the use of Internet-of-things technologies in industrial and manufacturing systems means that many machines are connected to a central network, making them susceptible to various vulnerabilities. A recent attack on a building in New York City showed how easy it was for hackers to gain access to the building management system, which controls power, communications, security, and environmental systems, by exploiting a vulnerability in an outdated serial communication protocol that Edry likens to the beeps and squeals of old-style dial-up.
With the world’s economic growth relying on a growing middle class, the study says all sectors must have resilience to mitigate against the potential impact of a systemic risk. In addition to the financial services sector, other areas targeted by cyberattacks include oil and gas operations and utilities. According to the study, the insurance industry is working to develop solutions to cover the losses from these kinds of attacks and provide coverage for the impact on society, such as reduced incomes or increased energy bills. “We need to be prepared for a major systemic risk in any sector, and that’s why we must continue to work together to develop solutions,” the report says.