Global hackers have unleashed a brace of attacks in recentmonths, but while their haul in bitcoin has been paltry, therevenue hit to companies infected is reaching into the hundreds ofmillions of dollars.

The WannaCry ransomware that spread in May featured a flaweddesign that led to its prompt shutdown, and June's computer viruscalled Petya was designed to wipe data rather than collect money.The two attacks netted the attackers around $140,000, according toanalysis of their bitcoin wallets.

The fallout for companies affected is proving costlier. Niveaskin-cream maker Beiersdorf said last Thursday that Petya cost 35million euros ($41.5 million) in first-half sales. The company hasyet to report the costs of held inventory and halted production in17 plants. Computers at its Hamburg, Germany, headquarters andnearly 160 global offices were also knocked off-line. “We haveworked here day and night, 24-7, across the globe,” CEO StefanHeidenreich told analysts.

Reckitt Benckiser, the U.K.-based maker of Dettol cleaners andDurex condoms, last month lopped 90 million pounds off its expectedsales this year after the June attack knocked 2,000 servers and15,000 company laptops out of commission. The company was stillmanufacturing at less than full capacity in July. French buildingmaterials manufacturer Cie. de Saint-Gobain said July 27 thecyberattack would drain about 250 million euros in sales thisyear.

“I don't think you can model a cyberattack,” said RobertWaldschmidt, an analyst at Liberum Capital in London, who coversReckitt and Beiersdorf. “Companies can only try their best toprepare defenses. This may mean that IT and consulting costs needto rise a bit to improve these defenses and or implement newones.”

Danish shipping company A.P. Moller-Maersk told customers lastweek it's still clearing backlog from a shutdown of its onlineordering system after its machines were infected by malware.

Companies are now piling up the sandbags in the expectation ofanother attack. Germany's national Deutsche Bahn railroad created a“cyber rapid deployment force” of highly trained IT specialistswith computer-threat experience to be available around the clockagainst future attacks, a spokesman said. The group restoredservice to ticket machines and departure boards after the WannaCryattack, he said.

U.K. advertising agency WPP Plc plans to invest more inthwarting hackers after a Petya infection spread across the group,which Chief Executive Officer Martin Sorrell called “an increasedcost of doing business.”

These costs can be hard for investors to estimate. “Saint-Gobainhas spent some cash to respond to the attack and says it's in amore solid position now to face future attacks,” said Eric Lemarie,an analyst at Bryan Garnier & Co. in Paris. “They say they willimplement some IT programs a bit differently, but that's it,really. The group hasn't really provided a specific figure thatwould need to be spent in the future to manage this risk.”

The resulting hundreds of millions in lost sales among Europeangroups may be dwarfed by the disruptions at American firmsincluding FedEx Corp., Merck & Co. and speech software makerNuance Communications Inc.

However, fewer European companies are insured againstcyberattacks than American groups, creating market opportunity forinsurers including Allianz, Zurich Insurance Group, Munich Re andSwiss Re, Charles Graham, an analyst at Bloomberg Intelligence,said. Saint-Gobain's CFO last week said cyberattack-related damageisn't typically covered by insurance contracts.

Lloyd's of London said in a report last month a potential globalcyber attack could wreak as much financial damage as HurricaneKatrina, and estimates the the worldwide cyber-insurance market isworth between $3 billion and $3.5 billion. It could rise to between$8.5 billion and $10 billion by 2020, according to Munich Re.

Spending by companies and governments to update old systems likeones that fell prey to WannaCry and Petya makes cybersecurity “anattractive multiyear” investment, said Patrick Kolb, who manages a$520 million IT security and safety fund at CreditSuisse.

“'If it's not broken do not fix it' simply doesn't work for ITsecurity,” he said. “The financial impact from business disruptionis likely to be far larger than $300 of ransom.”

It could cost companies a few million euros in the short term togird IT systems against further attacks, and expenditures could hitthe bottom line each year if the breaches keep coming, saidLiberum's Waldschmidt. “After the attack you can endeavor to modelit and need to consider how extensive the hit was and how longbusiness will be impacted,” he said “It's similar to modeling aholiday such as Easter.”

Bloomberg News

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.