This report explores a hypothetical cyber-attack on major ports across Asia Pacific, estimating that losses of up to $110 billion would occur in an extreme scenario in which a computer virus infects 15 ports.
The report was produced by the University of Cambridge Centre for Risk Studies, on behalf of the Cyber Risk Management (CyRiM) project, in partnership with Lloyd’s. The CyRiM project is led by Nanyang Technological University, in collaboration with industry partners and academic experts. Lloyd’s is a founding member of CyRiM.
'Shen attack’ depicts a plausible scenario in which an attack is launched via a computer virus carried by ships, which then scrambles the cargo database records at major ports and leads to severe disruption.
The report shows how an attack of this scale would cause substantial economic damage to a wide range of business sectors globally due to the interconnectivity of the maritime supply chain.
The report estimated that:
•Transportation, aviation and aerospace sectors would be the most affected ($28.2bn of economic losses in total), followed by manufacturing ($23.6bn) and retail ($18.5bn).
•Productivity losses affect each country that has bilateral trade with the attacked ports. Asia would be the worst affected region, set to lose up to $27bn in indirect economic losses, followed by $623m in Europe and $266m in North America.
Other key findings from the report included:
•The transportation sector in Singapore would take the biggest economic hit, followed by the same sector in South Korea.
•Business interruption and contingent business interruption insurance coverages would be the main drivers of the insured losses, amounting to 60% of the loss in the most extreme version of the scenario.
•Non-affirmative cyber, meaning cyber risk that is not explicitly mentioned in an insurance policy [or silent cyber], would account for up to 57% of the total insured losses.
•Insurance claims would arise from port operators (50% of insured losses), companies along the supply chain (21% of insured losses), and logistics and cargo handling companies (16% of insured losses).
Despite the high costs to business and international trade, the report shows the global economy is underprepared for such an attack with 92% of the total economic costs uninsured, leaving an insurance gap of $101bn.
The report is the second publication from the Cyber Risk Management (CyRiM) project, the Singapore-based public-private initiative that assesses cyber risks, of which Lloyd’s is one of the founding members.
8. −
−
−
$- $5 $10 $15 $20 $25 $30 $35
Transportation / Aviation / Aerospace
Retail
Manufacturing
Business & Professional Services
Real Estate / Property / Construction
Pharmaceuticals
Defence / Military Contractor
IT - Hardware
Entertainment & Media
Tourism & Hospitality
Food & Agriculture
Utilities
Energy
Education
Mining & Primary Industries
IT - Software
Healthcare
Finance - Banking
Finance - Insurance
Finance - Investment Management
IT - Services
Telecommunications Direct
Indirect
9. −
−
Asia EU North
America
Oceania Central
America
Europe Middle East Africa South
America
The
Caribbean
$26,871
$623
$266
$52
$19 $14 $12
$6 $5
$0.1
30. 94% 92% 89%
83% 81% 76%
67%
61%
China Japan Korea Hong Kong
Special
Administrative
Region of the
People's
Republic of
China
Philippines Singapore Malaysia India
