The European Space Agency defines a solar flare as ‘a tremendous explosion on the Sun that happens when energy stored in twisted magnetic fields (usually above sunspots) is suddenly released.’ On Earth, a solar flare could have a devastating impact on power grids and cause widespread damage as a result of interconnected risks.
Although there has been little modelling of the risks and minimal loss experience, scientific research is now creating a better understanding of the phenomenon, underlining the severity of the threat and the need to be prepared for solar flare events. For example, the Helios Solar Storm Scenario, a report published by The Cambridge Centre for Risk Studies, provides a catastrophe scenario for a US-wide power system collapse after a solar flare. Furthermore, the Carrington Event, a solar storm in 1859, provided a real-life demonstration of the threat to critical infrastructure – and that in an age without the technology and power systems that would be at risk today.
Counting the cost
The Helios Solar Storm Scenario report highlights the risk exposure across various systemic shocks and serves as a stress test for managers and policymakers. Three different scenarios explored damage distributions and restoration periods, with US insurance industry losses estimated to be between US$55 billion and US$333.7 billion. This range, at the low end, is approximately double the insurance payouts for major natural disasters like Hurricane Katrina and Superstorm Sandy.
The Helios Solar Storm Scenario imagines direct and indirect damage resulting in power blackouts, insurance claims, and economic losses. Global supply chain disruptions are estimated to be between US$0.5 and US$2.7 trillion while the global GDP impact is put at between US$140 billion and US$613 billion. The report proposes three scenario variants (S1, S2, and X1) to capture different levels of damage and restoration times, emphasising the uncertainty surrounding extreme space weather impacts.
The limits of cyber insurance
Typically, cyber insurance policies will not specifically exclude space weather events (yet); however, there is a more general and far-reaching exclusion for infrastructure failure. Namely:
“Electrical failure, including any electrical power interruption, surge, brownout or blackout.”
A cyber insurance policy might also exclude space weather events more directly, as follows:
“Electromagnetic fields, radiation, earthquake, windstorm or other natural peril or any pollution or alleged or threatened discharge, dispersal, seepage, release or escape of pollutants or contamination of any kind.”
Note that cyber insurance policies will usually only cover non-physical damage from a cyber event. Therefore, interruption to revenues, loss of profits, and the increased costs of working as a result of a major space weather event, are likely to be excluded. However, it might be possible to claim some cover if the infrastructure which is impacted by the organisation is owned and operated by the policyholder and not a third party.
Given that the probability of a severe space weather event is similar to that of a global pandemic, it is a risk that should not be ignored. It is vital to understand the potential impact of an extreme event such as a solar flare and the strategies which can be deployed to minimise the impact to network operations as well as insurance policy coverage.
For more information and to understand how your insurance portfolio may be impacted by a space weather event, please contact the ElmoreCyberTeam@elmorebrokers.com.