The world’s leading insurer, Lloyd’s of London, has this week issued a stern warning regarding the potential global cost of a well-orchestrated attack on the financial services sector.
According to Lloyds, a single well-orchestrated cyber strike breaching a financial services payments system could lead to losses of $1.1 trillion in the US alone, with global losses amounting to $3.5 trillion over a five-year period. China would face losses of around $470 billion and Japan $200 billion.
A systemic risk scenario developed by Lloyd’s and the Cambridge Centre for Risk Studies forecasts that if, as predicted, the US suffered losses of $1.1 trillion over the five years following such an attack, the fallout would cause widespread disruption to global business. However, Lloyd’s believes that it is still possible to prevent a cybercrime tsunami on this scale and the devastating global economic fallout that would most likely follow it. The insurer urges governments and organizations in all sectors to understand the increasing likelihood of a cyber-strike on the scale envisaged. Lloyd’s makes it very clear that this is not a problem that the financial sector has the resources to tackle on its own.
According to Lloyd’s chairman Bruce Carnegie-Brown: “The global interconnectedness of cyber means it is too substantial a risk for one sector to face alone and therefore we must continue to share knowledge, expertise and innovative ideas across government, industry and the insurance market to ensure we build society’s resilience against the potential scale of this risk.”
Cybercrime revenues top US$10 trillion worldwide
Roughly a fifth of the world’s cybercrime insurance is placed on the Lloyd’s insurance marketplace. But Lloyd’s insists that organizations worldwide are woefully under-insured given that the insurance premiums paid, estimated at around $9 billion a year globally, cover only a tiny fraction of the potential risk of a major cyber-attack on the financial services sector.
While the cost of a potential cyber-strike on the financial sector projected by Lloyd’s sounds high, it is in line with industry estimates regarding the global scale of cybercrime. It has been calculated that if cybercrime were a state, it would be the third largest economy in the world, only smaller than that of the US or China, with estimated annual revenues of $10.5 trillion, up from $3 trillion in 2015. By contrast, the world auto market is worth only about $3 trillion.
Lloyd’s extremely scary cybercrime projections should sound a wake-up call not only to the finance sector but also to governments and organizations working across all sectors. In the last seven years, cybercrime gangs have matured to an extent where some, such as the infamous ransomware gang LockBit, now have corporate structures resembling those of legitimate corporations complete with marketing and public relations departments, and are generating revenues to match. The world’s rapidly rising geopolitical tension has also magnified the growing threat of nation-state-sponsored cyber-attacks aimed not merely at financial gain but also destabilization of Western economies.
