A single cyber attack affecting multiple Asia-Pacific ports could potentially cost up to about $110bn and cause “severe disruptions” across the maritime supply chain, according to a report.
Research carried out by two universities found that if a computer virus hit 15 ports across Asia, including Japan, China, South Korea, and Singapore, the global economic fallout would be between $40.8bn and $109.8bn.
While it would be a direct attack on Asian ports, the global connectivity of logistical networks and supply chains would result in consequent impacts on businesses through “reduced productivity and consumption, incident response costs, and supply chain disruption”.
The Shen Attack cyber risk management project was led by the Nanyang Technological University in collaboration with the University of Cambridge Centre for Risk Studies and Lloyd’s.
The report outlined potential scenarios where a computer virus shuts down 15 ports across Asia by taking advantage of port management software, and assessed the impacts and vulnerabilities across, ports, shipping companies and the supply chains involved.
In the Shen Attack scenario a computer virus is carried by ships to infect ports by “scrambling the cargo database records at major ports, leading to severe disruption”, with knock-on effects across sectors such as aviation, manufacturing and retail.
Angela Kelly, Singapore country manager, Lloyd’s, said: “Cyber risk is one of the most critical and complex challenges facing the Asia Pacific maritime industry today. As this risk grows with the increasing application of technology and automation in the industry, collaboration and future planning by insurers and risk managers is critical.
“With nine out of 10 of the world’s busiest container ports based in Asia, and high levels of underinsurance in the region, this exposure must be addressed.”
Dr Shaun Wang, director of insurance risk and finance research at Nanyang Technological University, added: “This research sheds light on the interplay of cyber risk and the physical world of complex logistics and supply chains of major ports in Asia. It deepens our understanding of potential cyber-risk liability and aggregation and helps strengthen risk management of critical infrastructure.”
The report highlighted that the world economy is unprepared for a cyber attack as 92% of the total capital is uninsured, equating to a $101bn insurance gap.
Port operators would hold an estimated 50% of insured losses, followed by third party suppliers which would incur 21%, and 16% for logistics and cargo handling companies.
Technological developments are fast advancing in the maritime industry with improved tracking and management systems, however the ageing shipping infrastructure was said to pose a significant problem with most vessels “over 30 years old and not designed with cyber in mind”.
Transportation, aviation and aerospace sectors would be the worst hit, with estimated losses of $28.2bn, followed by manufacturing at $23.6bn and retail at $18.5bn, according to the report.
Each country that has bilateral trade with the affected countries would incur productivity losses.
The project focused on risk scenarios based in Asia. However if an attack occurred in US ports “similar vulnerabilities and impacts would be seen” but the insurance losses would higher, warned the report.
☛ Want to stay up to date with the news? Sign up to our daily bulletin.