Author Archives: Gordon Woo

About Gordon Woo

Catastrophist, RMS
Gordon is a catastrophe-risk expert, with 30 years’ experience in catastrophe science, covering both natural and man-made hazards. Gordon is the chief architect of the RMS terrorism risk model, which he started work on a year after joining RMS in December 2000. For his thought leadership in terrorism risk modeling, he was named by Treasury & Risk magazine as one of the 100 most influential people in finance in 2004. He has since lectured on terrorism at the NATO Center of Excellence for the Defense against Terrorism, and testified before the U.S. Congress on terrorism-risk modeling. As an acknowledged, international expert on catastrophes, Gordon is the author of two acclaimed books: “The Mathematics of Natural Catastrophes” (1999) and “Calculating Catastrophe” (2011). Dr. Woo graduated as the best mathematician of his year at Cambridge University and he completed his doctorate at MIT as a Kennedy Scholar and was a member of the Harvard Society of Fellows. He also has an Master of Science in computer science from Cambridge University.

On Writing a Book on Cyber Risk

Accessing information on the Internet was once likened to searching for information in a library, where the pages of all the books had been ripped out and strewn on the floor. Everyone knows that there is a colossal amount of online information about cyber security issues. How can this seemingly boundless ocean of information be processed for the practical benefit of cyber risk professionals?

This is a daunting multi-disciplinary challenge because cyber risk management spans the broad domains of information technology, risk regulation, law and criminology, security economics, insurance, as well as risk analysis.

This challenge can’t be met by one person – but it can with three. Early in 2017, Andrew Coburn conceived of the idea of a book on cyber risk, with Éireann Leverett and myself as the two other co-authors. Eireann is an ethical hacker, with specialist capabilities and technical insight into the shadowy world of cyber attack and defense. I knew he had special expertise when he showed he could hack my (Samsung) phone in five minutes.

After a brainstorming session in the RMS London office, Andrew came up with the title, Solving Cyber Risk, and after a year and a half of gestation, this book has just been published by Wiley.

Continue reading

Insuring Against Failure: The Terrorist Threat to Australia

This is a reprint of an article originally published in Insurance News. For the original article, click here.

Australia, along with New Zealand, is part of the formidable Five Eyes Alliance with the intelligence forces of the U.K., U.S. and Canada.

With a massive annual budget of US$100 billion (AUD$138 billion), this is the most effective and intrusive intelligence cooperative in the world, capable of smashing terrorist cells and interdicting complex terrorist plots.

The price of security is not just financial; there is also a cost in loss of privacy. At a recent Five Eyes ministerial meeting on Australia’s Gold Coast, a statement was issued warning that privacy is not absolute, and tech companies must give law enforcement access to encrypted data.

Credible intelligence assessed by Australian security agencies indicates individuals or groups continue to possess the intent and capability to conduct a terrorist attack in Australia. On a five-grade scale, the current threat level is three: probable. The higher grades are “expected” and “certain”. By comparison, the U.K. threat level is one notch higher at grade four.

Everyone has their own social network. For terrorists, interaction with their social network is needed for motivation and gaining the tradecraft for terrorist operations. However, the more communication there is between cell members, the greater the chance that counter-terrorism surveillance will close in. Too many terrorists spoil the plot.

Continue reading

Civil War Drives the Spread of Ebola

The worst outbreak of Ebola in the DRC (Democratic Republic of Congo), Africa’s second largest country by area, with a population of over 77 million, has already claimed several hundred lives, and there have been more than three hundred and fifty cases.

Many of the Ebola cases have been in Beni (pop. ~230,000), a major city in North Kivu province, close to the Ugandan border. DRC is a failing state, where the government regime is weak, and cannot prevent militias from pillaging DRC’s abundant mineral resources. One such militia is the ADF (Allied Democratic Forces), which was formed in neighboring Uganda in the 1990s, and operates in the mineral-rich border area in North Kivu province.

The geography of the disease spread is intriguing for epidemiologists. Officially declared on August 1, 2018, this is the tenth outbreak of Ebola in DRC since 1976, but this is the first time that Ebola has affected the far northeast of this vast Central African nation. A crucial risk factor hampering the control of Ebola in this region is the conflict over mineral resources. This has limited the number of inhabitants who can be vaccinated, and restricted the access of health response teams, who are exposed to personal danger such as physical assault and kidnapping. Indeed, insecurity was a factor delaying the alert to the actual start of the outbreak, which was several months before the official declaration.

Continue reading

Downward Counterfactual of the Seattle Suicide Pilot Crash

When hazard events occur, substantial resources are often committed to find out what happened, and investigate the factors that led up to them. Rarely is there a systematic investigation of downward counterfactuals, addressing the question: how could the loss consequences have been more severe?

On October 31, 1999, an Egyptian pilot, Gameel Al-Batouti, deliberately crashed EgyptAir 990 into the Atlantic, en route from JFK to Cairo. Batouti had waited to be alone in the cockpit of the Boeing 767, and had intentionally manouvered the airplane to its destruction, switching off the engines. His last words, repeated several times, were, ‘I trust in Allah’.

Continue reading

Terrorism Modeling: The Challenges of Keeping One Step Ahead

A version of this article was published by Insurance Day

Terrorism is asymmetric warfare, and terrorism risk analysis entails knowing not only what has occurred in past terrorist campaigns, but also everything that could have occurred. Carl von Clausewitz, the foremost Prussian military theorist, insisted that perfecting the art of warfare entailed knowing not only what had occurred in previous wars, but also everything that could have occurred. The catalog of successful terrorist attacks is only a small subset of the much longer list of terrorist plots, most of which have been interdicted through the diligent surveillance and pre-emptive action of the counter-terrorism forces.

Continue reading

RMS: Working for the Good of the Game

On November 13, 2015, the multiple terrorist attacks on Paris began with a suicide bomb blast at the 81,000 capacity Stade de France soccer stadium, where France were playing Germany in an international friendly. Soccer is the world’s most popular game, and terrorism is the language of being noticed. When France hosted the FIFA World Cup in 1998, Algerian terrorists planned to attack the opening match in Marseille between England and Tunisia, and follow-up by attacking the U.S. soccer team in their Paris hotel. Fortunately, a mole inside the Algerian terrorist organization passed on intelligence to the French security service, and the plot was disrupted.

Continue reading

Reimagining the 1918 Pandemic

Ask any child, a world without Walt Disney would be unimaginable. Born in December 1901, Walt was sixteen years old when he caught the 1918 pandemic influenza — and survived. A century has passed since the great 1918 pandemic, in which tens of millions died, the deadliest in history. When an anniversary of a major event comes round, we can ask what if the event were to occur today.

Catastrophe modelers can also reimagine the event being different from what it actually was. This counterfactual perspective leads to important insights into pandemic risk, which have only recently emerged from virological research.

Continue reading

Lassa Fever Outbreak in Nigeria

A few years ago, West Africa was struck by an epidemic of Ebola, which killed more than ten thousand people in Liberia, Sierra Leone, and Guinea. The first case of Ebola was a child who had been playing in a bat-infested tree. From him, the disease rapidly spread from person to person in a chain reaction of contagion. A quite different type of hemorrhagic disease is Lassa fever, which was first identified in 1969, and named after the town in Nigeria where the first cases were observed.

Continue reading

Terror in Manhattan

After Faizal Shahzad was arrested on May 1, 2010, for attempting to detonate a vehicle bomb in Times Square, Mayor Bloomberg commented, “It’s been said that when you find a terrorist, he’ll have a map of New York City in his back pocket.” A few blocks from Times Square is the Port Authority Bus Terminal, where a pipe bomb explosion occurred at 7.20 a.m. local time on Monday, December 11, 2017, in an underground passage, about 200 feet (60 meters) from the bus terminal.

Continue reading

Reimagining the WannaCry Cyberattack

On Thursday April 6, 2017, President Trump ordered a Tomahawk missile attack on a Syrian military airfield. This was a direct response to President Assad’s use of sarin gas to attack Syrian dissidents. Just two days later, the password to an encrypted archive of cyber weapons (stolen from the U.S. National Security Agency) was posted by the so-called Shadow Brokers cyber group. This hacking group is thought to have connections with Russia, which is the leading supporter of the Assad regime. They were angered by President Trump’s action.

An immediate beneficiary of this password release was the Lazarus Group, linked with North Korea, which had been launching ransomware attacks at targets over the previous several months. What they lacked was an effective tool to propagate their ransomware from computer to computer. This missing tool, a Microsoft Windows bug called “EternalBlue”, they now were gifted thanks to Shadow Brokers.

Continue reading