A major cyber-attack on Asia’s ports could end up costing the global economy as much as $110bn due to business interruption and other knock-on impacts, according to a new report.
Backed by Lloyd’s of London, the University of Cambridge and other organizations, the report was developed by the Singapore-based Cyber Risk Management (CyRiM) project.
It paints a hypothetical picture of a computer virus, dubbed ‘Shen,’ which exploits a vulnerability in port management software from a major shipping management company. It’s not made clear whether the virus is ransomware, but the effect is to infect systems on-board ageing ships, and then to “scramble” key database records at major ports in the region.
“While cyber-attacks have impacted individual ports in the past, an attack on systematic vulnerabilities across ports on this scale has never been seen,” the report claimed. “However, the combination of ageing shipping infrastructure and global complex supply chains, makes the shipping industry vulnerable to extreme losses.”
In this scenario, not only port owners themselves, but a range of supply chain organizations including logistics companies, cargo owners, ship owners, ship management companies and port management system providers would be affected.
Every country which operates bilateral trade with the affected ports would suffer heavy losses, due to delayed delivery and the impact on perishable items waiting to be shipped. For example, port closures in Japan would directly affect the US, China, Taiwan, South Korea and Hong Kong, the report said.
The heaviest losses were predicted to affecte the transport and aviation sectors, followed by manufacturing, retail and then real estate.
An attack affecting 15 Asian ports would range from $41-$110bn, the report claimed.
However, CyRiM warned that, 92% of total economic costs are currently uninsured, leaving an insurance gap of $101bn.
“Cyber-risk is one of the most critical and complex challenges facing the Asia Pacific maritime industry today. As this risk grows with the increasing application of technology and automation in the industry, collaboration and future planning by insurers and risk managers is critical,” argued Lloyd’s Singapore country manager, Angela Kelly.
“With nine out of 10 of the world’s busiest container ports based in Asia, and high levels of underinsurance in the region, this exposure must be addressed.”