by John R. Fischer
, Senior Reporter | February 05, 2019
An international ransomware attack could inflict an $89 billion blow to the U.S. economy, according to a new report by the Cyber Risk Management (cyRiM) project, an initiative for assessing cyber security risks, of which specialist insurance and reinsurance market, Lloyd’s is a founder.
Entitled Bashe attack: Global infection by contagious malware
, the report asserts that the cost to the U.S. would be nearly half that of the $193 billion global price tag of an attack and lists global healthcare as one of the business sectors that would accrue the most damage.
“Overall, healthcare facilities have likely become susceptible to ransomware and other cybersecurity threats due to the lack of historical focus on cybersecurity as a key priority,” Juuso Leinonen, senior project engineer at ECRI Institute, told HCB News. The rapid trend in connecting medical devices and overall increase in connected data systems integral to patient care have likely exacerbated the problem. Healthcare facilities also house a plethora of protected health information, making them potential targets, as this data can be particularly attractive to malicious actors due to it being non-disposable and its high black market value.”
Ransomware and other cybersecurity attacks topped ECRI Institute’s Health Technology Hazard List in 2018, which pointed to cybersecurity as a key organizational priority and a proven patient safety concern. Lloyd’s City Risk Index also listed a cyberattack as the second greatest threat to the U.S. economy due mainly to greater dependence on technology by the U.S. and other countries, a trend which continuously raises the impact of such attacks.
The Bashe attack takes the form of an infected email that sweeps across the globe encrypting data on every device connected to a network. It has so far damaged 600,000 companies worldwide, ranging from premier institutions to small businesses, with U.S. losses due to a combination of reduced productivity and consumption, IT clean-up costs, ransom payments and supply chain disruption.
The onset of an attack would bring financial ruin to a wide range of businesses in the U.S., with healthcare and retail each suffering a $25 billion loss and the financial industry also taking a heavy hit.
Though it acknowledges an increase in public awareness of threats and a growing response by America’s global insurance industry, the report rates companies as “unprepared” for such an event, with 86 percent of total economic costs uninsured.