top of page

Global Ransomware Attack could Cost Businesses almost $200bn – Study by CyRiM

Cyber Risk Management (CyRiM) a pre-competitive research project that assesses cyber risks of which Lloyds, one of the biggest insurer/reinsurer in the world is a founding member, issued a report on 29th January 2019 titled 'Bashe Attack: Global infection by contagious malware, explores the scenario of ransomware attack on this scale would cause substantial economic damage to a wide range of business sectors through reduced productivity and consumption, IT clean-up costs, ransom payments and supply chain disruption.

The attack is launched through an infected email, which once opened, is forwarded to all contacts within 24 hours and encrypts all data on nearly 30 million devices worldwide. Affected devices then would be forced to pay a ransom to decrypt their data.

The scenario estimated that:

  • US would be the hardest hit with $89bn at risk. Europe could lose $76bn, with Asia losing $19bn. The rest of the world could lose $9bn.

  • Top 5 Sectors that would be affected:

  1. Retail ($25bn)

  2. Healthcare ($25bn)

  3. Manufacturing ($24bn)

  4. Business & professional services ($20bn)

  5. Finance & banking ($17bn)

Key discovery:

  • The global economy is underprepared for such an attack with 86% of the total economic costs uninsured, leaving an insurance gap of $166bn.

  • Malaysia is ranked 26th in the Digital Evolution Index

Growth of Cyber Insurance Market Back in 2003, states in the US first came with a law requiring company to notify state residents regulators if personal information they held about them was accessed by an unauthorised person. The other states then came out with versions of similar laws, with additional patchwork regulatory framework for data protection. This wave of regulation sparked the formalisation of data protection management in US companies and drove the growth of demand for insurance to cover data-related liabilities.

Since then, the market for cyber insurance products continue to grow rapidly to over $4bn by 2017. This is mainly driven by the geographical spread of cyber-attacks and business losses suffered by many organisations, accompanied with proliferation of privacy protection regulation in many nations of the world.


bottom of page