NEW YORK — A three-hour shutdown of the New York Stock Exchange on the same day that a network failure halted all United Airlines flights in the United States had people across the country thinking one thing: cyberattack.

It wasn't, but the July 8 incidents were alarmingly close to the Armageddon scenario that Austin Berglas, a former FBI agent, described in an interview last month, in which the Nasdaq exchange, the New York subway system and power provider Con Edison go offline at the same time.

Berglas, who started the FBI's New York cybercrime unit in 2009 and worked on probes into a breach at JPMorgan Chase and the Silk Road drug market, joined corporate investigations company K2 Intelligence in April. The firm is partly owned by American International Group, which is seeking to sell insurance policies for property and infrastructure damage caused by hackers and cyberterrorists.

"There's going to be mass panic, people are going to think it's a terrorist attack, people are going to think it's another 9/11 event," Berglas said. "You're not only dealing with a cyber-incident, but now you have to get folks stranded in a subway in the middle of tubes, or people stuck in buildings."

K2, founded by corporate investigators Jules Kroll and his son Jeremy, has been bulking up its cyber-response unit with former FBI agents. AIG, one of the first firms to offer insurance for property damage caused by hackers, is counting on Berglas's team to investigate attacks on policyholders. It's also asking K2 to provide data on threats to protect clients from events that could cost hundreds of millions of dollars.

"We'd like to aggregate that data to use for ourselves, but also to use for our clients so they know what industries are being targeted by what type of attackers, what the motivation is, if it's on the rise," said Tracie Grella, who oversees cyber coverage at AIG for clients including retailers, banks and energy companies.

Grella said AIG will offer coverage limits of as much as $100 million for property damage and $100 million in bodily injury caused by a cyberattack. She predicts the market could balloon to $10 billion in annual premiums by 2020, compared with about $2 billion this year, as more companies buy policies. That's still small compared with the more than $85 billion of premiums for homeowners' policies sold in the U.S. last year.

Zurich Insurance Group and Munich Re say they are considering offering infrastructure-damage policies similar to AIG's. None of the companies has signed a contract.

"We are listening to our customers, who tell us they are looking for larger limits -- some as high as $1 billion in coverage for cyber property damage and business interruption for larger corporate properties and facilities," said Dan Riordan, chief executive officer of Zurich Global Corporate in North America. He wouldn't say how much coverage Zurich might provide.

Since the first cyber policy was written in the late 1990s, insurers have been unwilling to provide coverage for all losses.

Most firms are reluctant to offer policies for property damage resulting from hacking because there's almost no data available to determine costs, according Tracy Dolin, an analyst at Standard & Poor's. Insurers have been excluding infrastructure damage caused by cyberattacks from standard property and general liability policies, said Kevin Kalinich, who leads the cyberrisk team at insurance broker Aon.

During an interview at K2's midtown Manhattan office, he used terms like DDoS attack, TTP and CISO -- that's Distributed Denial of Service; Tactics, Techniques and Procedures; and chief information security officer. But he can describe nightmare scenarios to civilians in clear sound bites.

He began working on cybercrime at the FBI while investigating child exploitation over the Internet. Berglas had served a six years in the military, before joining the FBI in 1999.

After starting the New York team, he had several high-profile assignments, including overseeing last year's probe of a network breach at JPMorgan that involved more than 70 million customers. Members of his 100-person team also seized control of Silk Road's online drug market, leading to a life sentence for kingpin Ross William Ulbricht.

That experience is useful to AIG, which has fewer than 20 years of actuarial records to craft its cyber-offerings, compared with 50 to 100 years of data available to underwrite other forms of property or general liability insurance, Grella said. She first met Berglas about a year ago, when the FBI briefed AIG on global cyberrisks. She said she realized that the insurer and the government were seeing similar threats.