At Least 57 Negative Impacts from Cyber-Attacks

Cyber-security researchers have identified a total of at least 57 different ways in which cyber-attacks can have a negative impact on individuals, businesses and even nations, ranging from threats to life, causing depression, regulatory fines or disrupting daily activities

The researchers, from Kent’s School of Computing and the Department of Computer Science at the University of Oxford, set out to define and codify the different ways in which the various cyber-incidents being witnessed today can have negative outcomes.

They also considered how these outcomes, or harms, can spread as time passes. The hope is that this will help to improve the understanding of the multiple harms which cyber-attacks can have, for the public, government, and other academic disciplines.

Overall the researchers identified five key themes under which the impact – referred to in the article as a cyber-harm – from a cyber-attack can be classified:

Physical/Digital
Economic
Psychological
Reputational
Social/societal

Each category contains specific outcomes that underline the serious impact cyber-attacks can have. For example, under the Physical/Digital category there is the loss of life or damage to infrastructure, while the Economic category lists impacts such as a fall in stock price, regulatory fines or reduced profits as a possibility.

In the Psychological theme, impacts such as individuals being left depressed, embarrassed, shamed or confused are listed, while Reputational impacts can include a loss of key staff, damaged relationships with customers and intense media scrutiny.

Finally, on a Social/Societal level, there is a risk of disruption to daily life such as an impact on key services, a negative perception of technology or a drop in internal morale in organizations affected by a high-level incident.

Taxonomy of organizational cyber-harms.

The researchers point to high-profile attacks against Sony, JP Morgan and online dating website Ashley Madison, as examples where a wide variety of negative outcomes were experienced, from reputational loss, causing shame and embarrassment for individuals or financial damage.

They say these incidents underline why a taxonomy of impacts and harms is so important for businesses. Many successful cyber-attacks have been traced to exploits of well-known vulnerabilities that had not been dealt with appropriately because of a lack of action by firms who did not appreciate the ways in which they could be affected by a cyber-attack.

By providing a detailed breakdown of the many different ways a cyber-attack can impact a business and third-parties, it gives board members and other senior staff a better understanding of both direct and indirect harms from cyber-attacks when considering the threats their organization faces. This also equally applies to other organizations and even governments or those who manage critical national infrastructure.

Commenting on the article, Dr. Nurse from the School of Computing: ‘It’s been well understood that cyber-attacks can have numerous negative impacts. However, this is the first time there has been a detailed investigation into what these impacts are, how varied they can be, and how they can propagate over time. This base figure of 57 underlines how damaging cyber-incidents can be and we hope it can help to better understand how a business, individual or even nation is affected by a cyber-attack. This is going to be even more relevant as everything and everyone becomes connected and the Internet of Things is fully realized.’

A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate.

4 Comments
  1. It’s hard to find knowledgeable people in this particular topic, but you seem
    like you know what you’re talking about! Thanks

  2. I’m extremely inspired along with your writing talents and also with
    the structure for your blog. Is this a paid subject or did
    you modify it yourself? Either way stay up the
    nice high quality writing, it is rare to peer a great weblog like this one nowadays..

  3. Nice post. I was checking constantly this blog and I am impressed!
    Extremely useful info specially the last part 🙂 I care for
    such info much. I was looking for this certain information for a very long
    time. Thank you and best of luck.

Leave a Reply

Your email address will not be published.

©2020 Global Cyber Security Report. Use Our Intel. All Rights Reserved. Washington, D.C.