Aon and Guidewire analyse US dams cyber attack scenario

29 October 2018


Aon plc and Guidewire Software have launched a scenario for a hypothetical attack by hackers on a US hydroelectric dam, with analysis revealing a ‘silent cyber’ risk could lead to an estimated $10bn insured loss for flood.

In this scenario developed by Aon and Guidewire’s Cyence Risk Analytics team, part of Guidewire’s Analytics and Data Services unit, a hacker seeks to create significant disruption in the US by opening the flood gates at a hydroelectric dam.  If such a scenario were to occur it would likely cause significant downstream flood damages, resulting in ‘silent cyber’ losses for insurers.  Silent cyber risk is the potential for cyber perils to trigger losses on traditional insurance policies – such as property or casualty – where coverage is unintentional or unpriced.

Aon and Guidewire analyzed the potential impacts of the scenario at three dams, selected to reflect a small, a medium, and a large exposure respectively. The key findings were that a cyberattack could cause:

  • Major impacts not only to dam operations but also to the resilience of local businesses and communities, with the highest economic loss estimated at $56 billion.
  • Silent cyber exposure to insurers, with total insured losses of up to $10 billion. By comparison, initial estimates of insured losses resulting from wind and storm surge damage from Hurricane Michael have ranged up to $10 billion.
  • A significant protection gap that would impact homeowners and businesses if such an event were to occur, with only 12% insured in one scenario.

 “Insurers must consider how changing technologies can cause ‘established’ perils such as flood to morph into new risks, with resulting changes to frequency and severity,” commented Jonathan Laux, Head of Cyber Analytics for Aon’s Reinsurance Solutions business. “By using scenarios such as this one, insurers have the ability to stress test their portfolios against new and emerging perils created by cyber risk. With that knowledge, insurers can take steps to mitigate risk, through reinsurance as well as working with businesses to increase their resilience.”

Matt Honea, Director of Cyber at Guidewire, added: “We face a huge challenge today, securing not only all laptops and phones, but all network connected devices. These connected devices are automating human tasks by powering more equipment and processing systems. We bring focus to these dam scenarios to highlight concrete examples of an extreme cyber event.”

The scenario is outlined in the report ‘Silent Cyber Scenario: Opening the Flood Gates’ which is the latest in Aon’s Global Insurance Market Opportunities series.



Privacy Policy
We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.