The Elephant in the Room – Catastrophic Property Damage from a Cyber Attack

Much of what we discuss in this blog relates to the loss of information and the legal and regulatory framework that exists to address individual privacy concerns following a data breach.  However, as our colleague Dick Bennett points out in a recent post on the Property Insurance Law Observer, an even greater — and potentially catastrophic — risk that looms large is the potential for a cyber attack aimed at bringing about physical harm.  An attack on an energy grid or the virtual hijacking of a driverless car are just two examples; the growth of the “internet of things” will bring countless more.  Speaking of the energy grid scenario, in a report published this past summer, Lloyd’s estimated that a full-scale attack could result in damages in excess of $1 trillion.

In his article, Dick writes:

“The ultimate risk is enormous.  Computerized industrial control systems run the world’s financial institutions, its manufacturing and chemical facilities, its transportation systems, and its energy infrastructure, including the electrical grid and power and water treatment plants.  These control systems are composed of devices such programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) equipment that were originally designed to be open systems, which is to say systems focused on interoperability and ease of communication and repair.  Security was a secondary consideration at best.  If hijacked by a piece of malware, such systems could cause property damage and business interruption loss on a literally catastrophic scale.”  To continue reading Dick’s article, click here.

About The Author

Matt has counseled clients on the evaluation of data privacy risks, responses and solutions, and he serves as a breach coach, providing analysis and advice to address data breach events, including forensics, notification pursuant to federal and state laws, credit monitoring, and public relations issues. In addition to breach response, Matt has counseled insurers on the underwriting of cyber/tech policies.

Posted in Cyberattack, Data Breach, Data Security

Leave a Reply

Your email address will not be published. Required fields are marked *


About Cyber Law Monitor
In the new digital world, individuals and businesses are almost entirely dependent on computer technology and electronic communications to function on a daily basis. Although the power of modern technology is a source of opportunity and inspiration—it also poses huge challenges, from protecting privacy and securing proprietary data to adhering to fast-changing statutory and regulatory requirements. The Cyber Law Monitor blog covers privacy, data security, technology, and cyber space. It tracks major legal and policy developments and provides analysis of current events.
Subscribe For Updates


Cozen O’Connor Blogs