Aon, a professional services provider, and Guidewire Software has launched a scenario for a hypothetical attack by hackers on a US hydroelectric dam and its impact on businesses and homeowners.
Image: Aon, Guidewire launch hypothetical cyber attack scenario on hydroelectric dam. Photo: Courteys of Nathan Roser/Unsplash.
There are over 90,000 dams in the US, providing irrigation, hydroelectric power, flood control, and recreation. While technology and automation improve dam safety and operation, they also create new risks.
In this scenario developed by Aon and Guidewire’s Cyence Risk Analytics team, part of Guidewire’s Analytics and Data Services unit, a hacker seeks to create significant disruption in the U.S. by opening the flood gates at a hydroelectric dam.
If such a scenario were to occur it would likely cause significant downstream flood damages, resulting in ‘silent cyber’ losses for insurers. Silent cyber risk is the potential for cyber perils to trigger losses on traditional insurance policies – such as property or casualty – where coverage is unintentional or unpriced.
Aon and Guidewire analyzed the potential impacts of the scenario at three dams, selected to reflect a small, a medium, and a large exposure respectively. The key findings were that a cyberattack could cause:
Major impacts not only to dam operations but also to the resilience of local businesses and communities, with the highest economic loss estimated at $56bn.
Silent cyber exposure to insurers, with total insured losses of up to $10bn. By comparison, initial estimates of insured losses resulting from wind and storm surge damage from Hurricane Michael have ranged up to $10bn.
A significant protection gap that would impact homeowners and businesses if such an event were to occur, with only 12% insured in one scenario.
Aon’s Reinsurance Solutions business Cyber Analytics Head Jonathan Laux said: “Insurers must consider how changing technologies can cause ‘established’ perils such as flood to morph into new risks, with resulting changes to frequency and severity. By using scenarios such as this one, insurers have the ability to stress test their portfolios against new and emerging perils created by cyber risk.
“With that knowledge, insurers can take steps to mitigate risk, through reinsurance as well as working with businesses to increase their resilience.”
Guidewire Cyber Director Matt Honea said: “We face a huge challenge today, securing not only all laptops and phones, but all network connected devices. These connected devices are automating human tasks by powering more equipment and processing systems. We bring focus to these dam scenarios to highlight concrete examples of an extreme cyber event.”
The scenario is further outlined in the report ‘Silent Cyber Scenario: Opening the Flood Gates’ which is the latest in Aon’s Global Insurance Market Opportunities series.
Source: Company Press Release