Cyber and technology risks are some of the foremost facing business and society today. Whilst much of the current focus is on direct impacts to individual businesses and individuals, at the Centre for Risk Studies, we want to better understand the risk of cyber inflicted harm on the global economy and financial markets.
This report shows how some technology companies have become so critical to business productivity that they are systematically important to the global economy. Like the “Systematically Important Financial Institutions” (SIFIs) – banks that are so interlinked that their failure would cause major impact – we use the term “Systemically Important Technology Enterprises” (SITEs) that identify technology enterprises crucial to international corporate productivity.
In this scenario we take an imaginary SITE, which we call the Sybil Corporation, and investigate the impact on the global economy of an insider attack that introduces a compromise, or ‘Logic Bomb’ into their flagship database product used throughout the corporate world.
- The overall effects of the Sybil Logic Bomb are measured in losses to global GDP output over five years (‘GDP@Risk’). The five-year GDP@Risk for the standard or base scenario, S1, is in the order of $4.5 trillion.
- The most extreme scenario variant, X1, shows a GDP@Risk of $15 trillion.
- In the short term the impact on a standardised portfolio is relatively small.
- In the longer term, effectively after the software problem has been rectified in Sybil’s database packages, the effect is a 4% loss in cumulative returns due to the ‘information malaise’ affecting the global economy.