U.S. stocks have opened the first full week of earnings season on an upbeat note, shrugging off last week's missile attack on Syria as a one-time and limited response to the latest allegations of chemical weapons use by the Assad regime.

The chief beneficiary in the markets appears to be Raytheon (RTN) , which makes the Tomahawk cruise missiles employed in the U.S. response.

But in spite of the muted reaction to this and other U.S. missile attacks in the Middle East over the years, the markets may be missing, or at least mispricing, the risk of a counter attack using cyber munitions.

The possibility is, or should be, on investors' minds in the wake of last month's announcement by the FBI and Dept. of Homeland Security that Russia has been conducting sustained infiltration of the U.S. energy grid.

"Since at least March 2016, Russian government cyber actors-hereafter referred to as "threat actors"-targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors," the agencies said in a statement last month.

The potential damage from attacks is frequently considered in academic and insurance circles. 

Less than a year ago, Stuart Madnick wrote in the Harvard Business Review that cyberattacks are "unavoidable" because we won't give up using computer networks. Madnick is a professor of information technologies at MIT, and the academic director of the MIT interdisciplinary consortium for improving critical infrastructure cybersecurity. 

In the piece he noted that "The tools to accomplish attacks are increasingly available on the dark web at decreasing costs, including troves of cyber tools stolen from the NSA and CIA."

Be worried, markets.
Be worried, markets.

So while Syria itself may not have the bandwidth, its ally and backer Russia is certainly building the capability necessary. This is perhaps all the more concerning given President Trump's penchant for taunting tweets and blustery posturing.  

A particular concern is secondary impacts of attacks. For instance, if a substantial portion of the U.S. power grid went down, the ripple effects could be felt for days or weeks. In many cases, electric power is required to pump water and sewage in large urban centers and a sustained outage could create havoc on a large scale.

Lloyds of London attempted to assess the potential financial risks of such a scenario in a 2015 report.

In one unlikely but technologically feasible outcome, the total economic impact on the U.S. economy was estimated at "$243bn, rising to more than $1trn in the most extreme version of the scenario," according to the report.

For sake of comparison, the National Oceanic and Atmospheric Administration estimates the costs of Hurricane Katrina, the costliest storm in U.S. history, at $161 billion.

A real-world stress test of sorts occurred in 2003 when the power grid in much of the Northeast was knocked offline on a hot summer day in August due to a computer coding glitch at a regional power company in Ohio.

Power for 50 million people was lost in a broad area that included much of New York City, many Northeast and Midwest states and most of Ontario, Canada. While much of the problem was resolved in a few hours, some areas were without power for much longer. The U.S. Dept. of Energy put the cost of the event at around $6 billion, though some private industry estimates put it at up to $10 billion at the time, or roughly $13.3 billion in current dollar terms.

Be worried, Mr. Market.