According to a hypothetical cyber risk scenario prepared by the Cyber Risk Management (CyRiM) project for risk management purposes, a ransomware strain that can disrupt more than 600,000 businesses worldwide within 24 hours would potentially lead to damages in the amount of billions of dollars.
Consequences of the attack are catastrophic, with organizations of all sizes in all sectors unable to perform day-to-day operations. The report shows a ransomware attack on this scale would cause substantial economic damage to a wide range of business sectors through reduced productivity and consumption, IT clean-up costs, ransom payments and supply chain disruption. As a result, some organizations opt to pay ransoms. Among them are healthcare companies, which need to keep life-saving equipment online.
No matter how companies choose to deal with the attack, the Lloyd’s report predicts that such an event would cost a total of $193 billion around the world as a result of cyber incident response, damage control and mitigation, business interruption, lost revenue and reduced productivity. To put that figure into perspective, it’s estimated that WannaCry caused a total of $4 billion in damages.