By Michael Moore
The enormous scale of the financial damage that could be done by a major cyber-attack on Britain’s utilities infrastructure has been revealed by a new report.
An attack on the power grid and water system could cost the country up to £442bn over five years, equivalent to around 2.3 percent of the nation’s total GDP.
And the immediate impact could affect the United Kingdom up to the tune of £85 billion, showing the huge reliance the country has on such integrated systems.
The report, entitled ‘Integrated Infrastructure: Cyber Resiliency in Society’ was carried out by Cambridge Centre for Risk Studies at the University of Cambridge Judge Business School in association with engineering firm Lockheed Martin.
Said to be the first of its kind, the report hypothesized a situation where a disgruntled electrical engineer was bribed by a rogue nation state to hijack the United Kingdom’s power network, and calculated the results of this attack on the country based on three levels of severity.
The costs, which range from the most conservative estimate of a £12bn immediate impact rising to £49bn over five years, would result from a number of knock-on effects to a variety of aspects of British society.
This includes the effects on the United Kingdom’s financial services industry, which could be hit by £1.3bn losses, retail (£1.3bn), real estate (£1.2bn) and professional services (£1bn).
Also included is the cost of getting the U.K.’s power systems back up and running, which could be anything from three weeks to three months, due to between nine and 13 million people being hit by blackouts in what is the report’s best-case scenario.
The country’s travel network would also be hit severely, as the report estimates 800,000 individual train journeys and 150,000 air passenger tickets would be impacted each day, figures that could rise to as high as one million rail and 330,200 air travel tickets cancelled.
“By better understanding and quantifying the consequences, both economic and societal, of a severe cyber hazard on our country’s critical infrastructure, we underline the level of responsibility amongst each of the key stakeholders in this value chain,” said Simon Ruffle, director of technology and innovation at the University of Cambridge’s Centre for Risk Studies.
“Through hyper-connectivity, we have created fantastic opportunities for smarter infrastructure use that also bring with them a complex set of cyber risks for the foreseeable future.”