A cyber attack against a major cloud computing firm could cause as much financial damage as Hurricane Sandy or Hurricane Katrina, the World Economic Forum and risk manager Marsh have warned.

Increasing numbers of businesses and individuals rely on cloud services for their IT, trusting some of the world's biggest technology companies to offer safe, good value services over the internet.

But this also concentrates risk in a handful of places, which are attracting increasing attention from criminal hackers and malign states, according to the Daily Telegraph.

"If an attacker took down a major cloud provider, the damages could be US$50 billion ($68.8b) to US$120b, so something in the range of a [Hurricane] Sandy event to a Katrina event," said John Drzik from Marsh, speaking at the launch of the WEF's annual Global Risks Report.

Advertisement

Cyber attacks now cost around US$1 trillion in damage per year compared to 2017's record of US$300b for natural disasters, he said.

"Cyber is at or above the scale of natural catastrophes, and yet the comparative infrastructure against it is much smaller in scale," Drzik said.

Hurricane Katrina devastated New Orleans in 2005. Insurers and risk managers warn cyber attacks can cause just as much financial damage in today's ever-more interconnected world. Photo / AP
Hurricane Katrina devastated New Orleans in 2005. Insurers and risk managers warn cyber attacks can cause just as much financial damage in today's ever-more interconnected world. Photo / AP

"Think about the government agencies and the voluntary organisations which focus on the response to natural disasters, versus national cyber agencies which are much less resourced. They have some capacity but not enough to deal with a significantly growing risk. International protocols have yet to emerge in dealing with cyber risk."

The risk is also growing as governments increasingly become involved in cyber attacks.

The threat of death from natural disasters had set them apart from merely financial costs, but cyber attacks can also cause more than just economic damage and, in some cases, put lives at risk.

Last year's "Wannacry" attack, which froze hundreds of thousands of computers globally and demanded a ransom from users, hit scores of NHS trusts, forcing operations to be cancelled and affecting the health service's ability to provide care.

The Global Risks Report found cyber risks are the fastest-growing concern among businesses, rising from sixth on last year's list of top 10 risks in terms of likelihood to third place.

Extreme weather events held on to the top spot and were joined by natural disasters, while refugee crises and terror attacks both dropped down the rankings.