Aon plc Guidewire Software have launched a scenario for a hypothetical attack by hackers on a U.S. hydroelectric dam, which could impact both U.S. businesses and homeowners.
There are over 90,000 dams in the U.S., providing irrigation, hydroelectric power, flood control, and recreation. While technology and automation improve dam safety and operation, they also create new risks.
In this scenario developed by Aon and Guidewire’s Cyence Risk Analytics team, part of Guidewire’s Analytics and Data Services unit, a hacker seeks to create significant disruption in the U.S. by opening the flood gates at a hydroelectric dam. If such a scenario were to occur it would likely cause significant downstream flood damages, resulting in ‘silent cyber’ losses for insurers. Silent cyber risk is the potential for cyber perils to trigger losses on traditional insurance policies – such as property or casualty – where coverage is unintentional or unpriced.
Aon and Guidewire analyzed the potential impacts of the scenario at three dams, selected to reflect a small, a medium, and a large exposure respectively. The key findings were that a cyberattack could cause:
- Major impacts not only to dam operations but also to the resilience of local businesses and communities, with the highest economic loss estimated at $56 billion.
- Silent cyber exposure to insurers, with total insured losses of up to $10 billion. By comparison, initial estimates of insured losses resulting from wind and storm surge damage from Hurricane Michael have ranged up to $10 billion.
- A significant protection gap that would impact homeowners and businesses if such an event were to occur, with only 12% insured in one scenario.
Jonathan Laux, Head of Cyber Analytics for Aon’s Reinsurance Solutions business, commented: “Insurers must consider how changing technologies can cause ‘established’ perils such as flood to morph into new risks, with resulting changes to frequency and severity. By using scenarios such as this one, insurers have the ability to stress test their portfolios against new and emerging perils created by cyber risk. With that knowledge, insurers can take steps to mitigate risk, through reinsurance as well as working with businesses to increase their resilience.”
Matt Honea, Director of Cyber at Guidewire, added: “We face a huge challenge today, securing not only all laptops and phones, but all network connected devices. These connected devices are automating human tasks by powering more equipment and processing systems. We bring focus to these dam scenarios to highlight concrete examples of an extreme cyber event.”
The scenario is further outlined in the report ‘Silent Cyber Scenario: Opening the Flood Gates’ which is the latest in Aon’s Global Insurance Market Opportunities series.
Latest from Cyber Policy Magazine
- Generali Launches Its Fully-Dedicated Cyber Insurance Function And The CyberSecurTech Start-Up
- Silent Cyber Added To Willis Re’s Cyber Portfolio Management Tool PRISM-ReTM
- Companies Will Make Major Enterprise Wide Changes To Address Cyber Risk In 2018
- DAS Spain Launches DAS Cyberbullying Insurance
- BDO Advises Urgent Assessment Of Cyber Risk And Warns Against ‘One Size Fits All’ Cyber Insurance