It’s been another interesting week from a cybersecurity perspective. On Wednesday 8th July, a report issued by Cambridge University and the Lloyds insurance group suggested that a successful cyberattack on America’s electrical grid could create $1tn dollars of damage.
A trillion dollars is such a huge sum that it can’t easily be grasped. But on the same day, two incidents happened that highlighted the vulnerability of business systems in the event of outages – and the potential scale of the possible losses if a major attack was successful.
First, United Airlines grounded all its US flights for two hours, due to ‘network connectivity’ problems. Flights were restored, but only after massive disruption. Then within hours, a technical outage forced the New York Stock Exchange to halt trading for nearly half the day. The technical problems did not extend to other exchanges, so markets continued trading; some commentators even regarded the outage as a sign of how resilient the markets are.
But a quick glance at the market data from the day tells a different story. Because of the outage, the Dow Jones Industrial Average lost 261 points, or 1.5% of its value, falling to 17,515. That doesn’t sound like much of a fall, until you turn it into a cash value. The companies making up the DJIA have a combined market capitalization of nearly 5 trillion dollars. We’ll do the maths for you: a 1.5% fall equates to 75 billion dollars . All as a result of a 3-hour systems outage. So a trillion dollars in damage from a concerted cyberattack suddenly looks like an underestimate.
Both United and the NYSE were quick to insist that the outages were due to technical hitches, not cyberattacks. But the fact that simple glitches caused such problems is hardly reassuring. It highlights the fact that our business infrastructure is barely able to cope with someone accidently unplugging a device, or making a network management error, let alone handle the fall-out from a determined malicious party.
This is why Clavister is working with a number of high-profile partners such as Intel, to develop security that can be embedded into devices and help to mitigate threats. We all need to get a lot smarter in protecting the infrastructure and assets that we rely on for business, and for our day-to-day lives.