Estimates of the macroeconomic costs of cyber‐attacks

Document

Cited in

Author	Niaz Kammoun,Rokhaya Dieye,Altay Ozaygen,Ahmed Bounfour
DOI	http://doi.org/10.1111/rmir.12151
Date	01 June 2020
Published date	01 June 2020

Risk Manag Insur Rev. 2020;23:183–208. wileyonlinelibrary.com/journal/rmir

183

Received: 21 March 2019

Accepted: 29 May 2020

DOI: 10.1111/rmir.12151

FEATURE ARTICLE

Estimates of the macroeconomic costs of

cyber‐attacks

Rokhaya Dieye |Ahmed Bounfour |Altay Ozaygen |

Niaz Kammoun

European Chair on Intangibles & RITM,

Université Paris‐Saclay, Sceaux, France

Correspondence

Ahmed Bounfour, Professor, European

Chair on Intangibles & RITM, Université

Paris‐Saclay, Sceaux, France.

Email: ahmed.bounfour@universite-paris-

saclay.fr

Funding information

European Union’s Horizon 2020 Research

and Innovation Programme,

Grant/Award Number: 740322

Abstract

This paper estimates the macroeconomic losses re-

lated to the cyber‐attacks originating from the in-

formation and communications technology (ICT) and

the financial sectors. The study accounts for the in-

terdependency of various economic sectors and looks

to the cascading effect of cyber‐attacks on production

network in the United States and leading Organisa-

tion for Economic Co‐operation and Development

countries with the help of the input–output metho-

dology and the World Input–Output Database. Our

results suggest that cyber‐attacks that affect the ICT

and finance sectors result in losses which also impact

different economic sectors, due to cascading effects.

KEYWORDS

cyber‐attack, input–output model, dynamic input–output

inoperability model, macroeconomics

1|INTRODUCTION

Cyber‐attacks are becoming increasingly frequent on a global scale, which makes it difficult to

assess damage at the firm level and at the macro level. The high level of sophistication of cyber‐

attacks also makes it difficult to estimate their costs. The growing importance of cyber‐security

in knowledge‐based economies is due to concerns about integrity, confidentiality, and acces-

sibility of data. In addition, given interdependencies within and between other economic

sectors, the consequences of cyber‐attacks can have a significant impact at the macroeconomic

level.

----------------------------------------------------------------------------------------------------

These impacts are felt not only by firms but also the whole economy. For example, a recent

article from the French daily newspaper Le Monde about the Petya virus that recently hit several

companies, including the French enterprise Saint‐Gobain, reported total economic loss for these

companies due to the attack of more than a billion euros (Untersinger, 2017). Saint‐Gobain was

so severely affected that employees had to work with pen and paper (Jacqué, 2017). Cyber‐

attacks may thus make firms inoperable and have cascading effects on the other firms and/or

sectors they interact with, extending to the whole industry (Ali and Santos, 2015). Moreover,

given the interconnectedness between industries, such attacks may have even greater economic

impacts.

Here, we attempt to assess the effects of cyber‐attacks at the macroeconomic level. Our

analysis aims to capture their systemic, economy‐wide impacts. Although the analysis is dif-

ficult, due to the short duration of a given cyber‐attack, significant macroeconomic effects can

be found resulting from interdependencies between firms and economic sectors. The literature

has already proposed several models of the effects of information disruption, such as those

caused by cyber‐attacks. Most are based on an input–output (I–O) model, which argues that

there are intersectoral dependencies such that the output from one industry constitutes inter-

mediary goods or inputs to other industries (Leontief and Leontief, 1986).

In the literature, the economic loss due to cyber‐attacks is examined with the change in the

market value of attacked firms with the well‐known event study methodology. This metho-

dology attempts to measure the response of stock prices following the release of new in-

formation (Ball and Brown, 1968; Fama, Richardroll, Jensen, & Roll, 1969). However, as the

extensive literature review on that matter shows (Kammoun, Bounfour, Özaygen, &

Dieye, 2019), results are not clear cut. The production and service sectors are interwoven, and a

cyber‐attack can have devastating effects on the flow of services and products. Capturing the

network effect of a production inoperability after a cyber‐attack is the main advantage of use of

I–O model.

The methodology adopted for this study helps to evaluate the effects of cyber‐attacks on the

whole economy. It includes a sectoral analysis based on an I–O matrix and draws upon the

dynamic input–output inoperability model (DIIM) derived from the study by Ali and Santos

(2015) of the macroeconomic impact of information technology‐based and finance‐based in-

cidents on interdependent economic systems. We take data from the World Input–Output

Database (WIOD; Timmer, Dietzenbacher, Los, Stehrer, & De Vries, 2015) (mainly focused on

the United States and leading Organisation for Economic Co‐operation and Development

[OECD] countries) to estimate inoperability and economic losses resulting from cyber‐attacks.

Next, we apply the state‐of‐the‐art DIIM to examine sector resilience and the dynamics of cyber‐

attacks. Inoperability, which takes a value between 0 and 1, is adopted as an indicator of

production dysfunction. An economic sector is said to be inoperable if, postdisruption, it does

not function as originally intended. We base our analysis on the concept of sector‐level in-

operability in a given year; this is measured from a combination of expert judgments and

simulations and takes the values 10% and 40%. Sectors are ranked according to the extent to

which they are affected by economic losses, and we focus on the effects of cyber‐attacks that last

180 days.

In this study, we present scenario‐specific results for cyber‐incidents in the United States,

the United Kingdom, France, Italy, Germany, Japan, and the Rest of the World for 2013. We

analyze two distinct economic sectors at the origin of the initial cyber‐attack; information and

communications technology (ICT) and finance. In this study, the ICT sector is the aggregation

of TELECOM and COMPUTER sectors and the finance sector in International Standard

184

DIEYE ET AL.

To continue reading

Request your trial

Subscribers can access the reported version of this case.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see a list of all the cited cases and legislation of a document.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see a list of all the documents that have cited the case.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see the revised versions of legislation with amendments.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see any amendments made to the case.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see a visualisation of a case and its relationships to other cases. An alternative to lists of cases, the Precedent Map makes it easier to establish which ones may be of most relevance to your research and prioritise further reading. You also get a useful overview of how the case was received.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see the list of results connected to your document through the topics and citations Vincent found.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Estimates of the macroeconomic costs of cyber‐attacks

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users