According to a hypothetical cyber risk scenario prepared by the Cyber Risk Management (CyRiM) project for risk management purposes, a ransomware strain that can disrupt more than 600,000 businesses worldwide within 24 hours would potentially lead to damages in the amount of billions of dollars.

Cyber Risk Management (CyRiM) project is a collaborative partnership including Lloyd’s of London, the Cambridge Centre for Risk studies, the Nanyang Technological University in Singapore and others. The report ‘Bashe Attack: Global infection by contagious malware’ uses a theoretical catastrophic ransomware attack to model the broader impact of such an incident and “explores how a ransomware attack might take place and what the impacts would be on governments, businesses, and the insurance sector.” The “hypothetical scenario [is] developed as a stress test for risk management purposes.”

While fictional, the ‘Bashe’ ransomware campaign uses data and tactics from past global cyber attacks, including WannaCry and NotPetya, as a basis for how hackers could spread malware around the world. The main finding of the report is that a worldwide cyber attack could cost global economic losses of almost $200 billion as organizations across sectors are still unprepared to face the consequences of a malicious global cyber campaign.

The Scenario

In the scenario, ‘Bashe’ is delivered to targets via phishing emails that appear to come from the target’s payroll departments. These emails attempt to trick recipients into opening a PDF attachment that triggers the ransomware.

In this scenario, the malware is so potent that once one employee runs the ransomware on their computer, it’s enough to spread the file-locking malware around the network, with a demand of $700 in cryptocurrency for each machine. Around 30 million devices at organizations around the globe are locked in just 24 hours. The report sets out how (Read more...)