Major Cyberattack Could Be More Economically Damaging Than Natural Disaster: Study

Image source: Foundation for Defense of Democracies

The economic fallout from a significant cyberattack in the US could be worse than the damages caused by a major natural disaster, according to a newly-released study.  

Published Monday by the Foundation for Defense of Democracies (FDD) and insurance technology firm Intangic, the report found that the indirect effects of a breach, which include damage to a company’s reputation and its ability to attract investors and creditors, are more costly in the long term than the effects of property damage from extreme weather events.

For the study, Intangic developed a system to price actuarial risk of over 6,000 public corporations and to estimate the impact of two hypothetical breach scenarios.

In the first scenario, a three-day cyber disruption of a large managed service provider was found to cause $80 billion worth of damage — more than the $65 billion cost of Hurricane Sandy in 2012.

An attack targeting a regional utility that took its services offline for five days was modeled to cost an estimated $193.5 billion — more than 2005’s Hurricane Katrina or the 2018 California wildfires.

Image source: Foundation for Defense of Democracies

“The digital age has increased productivity and efficiency, but many firms are struggling to manage the downside risks that accompany it. Too many companies are prioritizing short-term growth and cost-cutting at the expense of cybersecurity,” the report said.

Recommendations made in the report include implementing a national breach notification law and a requirement that publicly traded companies provide dollar-based disclosures of cyber risks and incidents.

The report comes in the wake of several recent cyberattacks carried out by Russia-linked hacking groups on critical US infrastructure.

In May, a ransomware attack on Colonial Pipeline, which provides 45% of the East Coast’s fuel supply, forced the company to shut down its pipeline for almost a week, trigging widespread gasoline shortages. 

A few weeks later, a cyberattack on JBS SA, the world's largest meat processing company, disrupted a key food supply chain. 

In a statement Monday, Mark Montgomery, senior director of FDD’s Center on Cyber and Technology Innovation, said, “Successful cyberattacks and ransomware against nearly every sector of the U.S. economy demonstrate to policymakers that the market has failed on its own to convince the private sector of the necessity of a minimum level of cyber hygiene.”  

“This paper provides policymakers with data that makes clear that government action is needed to fix this market failure,” Montgomery stated.

_____

Source: Equities News