Cyber-attacks figures: extent of damage on companies
A global cyberattack would have serious consequences. It could annihilate the IT systems of countless companies, paralyze and greatly damage more than one sector: finance, health, transport, industry, trade, energy... There are more than two million attacks annually reported worldwide.
Due to strong digitization and over-reliance on ICT systems, the most downbeat scenarios have become highly likely. Globally, it is estimated that 61% of large companies have been victims of one or more cyber-attacks [4] in 2018.
The average cost is increasing year on year. The cost is set between 200 000 USD and 1.3 million USD for small and medium-sized businesses, but can attain 27 million USD for a large US company.
Given the stakes, investments in cyber security are also on the rise, reaching an average of 1.46 million USD per company in 2018, up 24% year on year. Only after the two famous attacks made by WannaCry and NotPetya did many companies and administrations consider the need for the introduction of new security protocols.
List of the most costly cyber-attacks in recent three years
Cyberattack | Date | Country / Region | Details |
---|---|---|---|
WannaCry | May 12, 13, 2017 | worldwide | The WannaCry virus has seriously damaged more than 300 000 computers from multinational corporations and public utilities in 150 countries. The list of its victims includes, inter alia: Renault, FedEx, the Spanish telecom operator Telefonica, the German railway company Deutsche Bahn. Economic losses vary between 4 and 8 billion USD. |
NotPetya | June 27, 2017 | worldwide | The NotPetya ransomware has spread faster than the Wanna Cry virus. It first touched banks, airports and government structures in Ukraine. It then hit the Russian oil company Rosneft, German Beiersdorf (Nivea), Auchan, big shipowner Maersk, FedEx and Mondelez. The bill is estimated at 10 billion USD, 3 billion of which in insured losses. |
Marriott International - Massive Piracy | 2018 | worldwide | The Marriott International Hotel Group sustained massive piracy. Following a security breach, the data of 500 million customers were stolen. |
Massive computer attacks | February 21, 2019 | worldwide | A series of computer attacks targeting domain names around the world. According to the international organization that assigns Internet addresses (Icann), hackers have attacked governments, intelligence or police departments, airlines, oil companies in the Middle East and Europe. |
Ransomware | May 2019 | United States | The Baltimore computer network was infected with ransomware, paralyzing the city for several weeks and bringing damage to an estimated cost at 18 million USD. |
Eurofins - Cyberattack | June 2019 | France | French group Eurofins, specialized in bio-analysis, has suffered a cyberattack via ransomware. This attack has reduced the group's profitability, straining its half-year sales up to 70 million USD. |
Capital One - Theft of data | July 2019 | United States and Canada | Stealing personal data from 106 million customers belonging to the US bank, Capital One. |
(1) Ransomware: ransom or extortion software
Read also : Cyber Attacks In 2018 [5]
Cyber-attacks: A worst-case scenario
According to a scenario called Bashe attack, designed by the CyRiM research platform, a global cyber-attack ransomware that would target tens of thousands of computers would trigger record-high damage.
The toll of economic loss would be comprised between 85 billion USD and 193 billion USD. It would even exceed the losses caused by an extreme natural event like Katrina, the most expensive natural disaster ever reported in the United States. Insured losses would range between 10 and 27 billion USD, between 9 and 14% of economic losses.