95 research outputs found

    The effect of information security breaches on publicly listed companies’ business performance : Research about the impact of distinct information security breach types on stock market value of publicly listed companies

    The negative repercussions of cyber threats on business entities are substantial. However, the existing body of research on this topic presents contradictory or imprecise findings, impeding the establishment of a consensus on effective prevention or mitigation strategies. Compounding this issue is the lack of precision and standardization in measuring and categorizing information security breaches. This study aims to enhance our understanding of the direct and long-term impacts of information security breaches on business performance, specifically by utilizing a novel classification to measure differential impacts on the stock market value of publicly listed companies. To achieve this, the following research question is posed: What are the respective impacts of disruptive and exploitative information security breaches on the stock market value of publicly listed companies, and how do these impacts evolve over time? Drawing on prior research indicating the relevance of disruptive and exploitative characteristics in understanding the effects of information security breaches on victim companies, this study seeks to improve precision and standardization in breach measurement. To answer the research question, an extensive quantitative analysis is conducted using the Cyber Event Database from the University of Maryland and historical stock market data. The investigation focuses on identifying correlations between information security breaches and stock market responses. The findings reveal that information security breaches significantly harm business performance in the short- and long-term, particularly when breaches exhibit exploitative characteristics. Moreover, these adverse effects persist long after the occurrence of the breach. The outcomes of this research provide decision-makers with valuable insights to better comprehend, anticipate, and prepare for the persistent threats posed by information security breaches. 
Additionally, this study contributes to existing research by expanding upon previous works. Nevertheless, further research is warranted to gain a more comprehensive understanding of the intricate dynamics within cyberspace

    Business Model of a Botnet

    Botnets continue to be an active threat against firms or companies and individuals worldwide. Previous research regarding botnets has unveiled information on how the system and their stakeholders operate, but an insight on the economic structure that supports these stakeholders is lacking. The objective of this research is to analyse the business model and determine the revenue stream of a botnet owner. We also study the botnet life-cycle and determine the costs associated with it on the basis of four case studies. We conclude that building a full scale cyber army from scratch is very expensive whereas acquiring a previously developed botnet requires a little cost. We find that initial setup and monthly costs were minimal compared to total revenue. Comment: Proceedings of 2018, 26th Euromicro International conference on Parallel, Distributed, and Network-Based Processing (PDP

    Ethical Issues in cybersecurity: employing red teams, responding to ransomware attacks and attempting botnet takedowns

    The following four research questions are analysed in this thesis: What are the ethical issues that arise in cybersecurity in the business domain? Is it ethically appropriate for organisations to employ red teams to find security vulnerabilities? What is the ethically appropriate organisational response to a ransomware attack? Is it ethically appropriate for organisations to attempt a botnet takedown in response to a DDoS attack? The first research question is answered by way of a literature review which reveals that many ethical issues arise in cybersecurity in the business domain. The second, third and fourth research questions are analysed using a strategic method described by Robert A Phillips. This method, based on stakeholder theory and the political theory of John Rawls, provides a philosophical basis for stakeholder legitimacy and the prioritisation of stakeholders’ interests should conflict of interests amongst stakeholders arise. This method can be replicated by decision-makers to determine ethically appropriate courses of action to take

    Measuring the changing cost of cybercrime

    In 2012 we presented the first systematic study of the costs of cybercrime. In this paper, we report what has changed in the seven years since. The period has seen major platform evolution, with the mobile phone replacing the PC and laptop as the consumer terminal of choice, with Android replacing Windows, and with many services moving to the cloud. The use of social networks has become extremely widespread. The executive summary is that about half of all property crime, by volume and by value, is now online. We hypothesised in 2012 that this might be so; it is now established by multiple victimisation studies. Many cybercrime patterns appear to be fairly stable, but there are some interesting changes. Payment fraud, for example, has more than doubled in value but has fallen slightly as a proportion of payment value; the payment system has simply become bigger, and slightly more efficient. Several new cybercrimes are significant enough to mention, including business email compromise and crimes involving cryptocurrencies. The move to the cloud means that system misconfiguration may now be responsible for as many breaches as phishing. Some companies have suffered large losses as a side-effect of denial-of-service worms released by state actors, such as NotPetya; we have to take a view on whether they count as cybercrime. The infrastructure supporting cybercrime, such as botnets, continues to evolve, and specific crimes such as premium-rate phone scams have evolved some interesting variants. The overall picture is the same as in 2012: traditional offences that are now technically ‘computer crimes’ such as tax and welfare fraud cost the typical citizen in the low hundreds of Euros/dollars a year; payment frauds and similar offences, where the modus operandi has been completely changed by computers, cost in the tens; while the new computer crimes cost in the tens of cents. 
Defending against the platforms used to support the latter two types of crime cost citizens in the tens of dollars. Our conclusions remain broadly the same as in 2012: it would be economically rational to spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more on response. We are particularly bad at prosecuting criminals who operate infrastructure that other wrongdoers exploit. Given the growing realisation among policymakers that crime hasn’t been falling over the past decade, merely moving online, we might reasonably hope for better funded and coordinated law-enforcement action

    Measuring the Changing Cost of Cybercrime

    In 2012 we presented the first systematic study of the costs of cybercrime. In this paper, we report what has changed in the seven years since. The period has seen major platform evolution, with the mobile phone replacing the PC and laptop as the consumer terminal of choice, with Android replacing Windows, and with many services moving to the cloud. The use of social networks has become extremely widespread. The executive summary is that about half of all property crime, by volume and by value, is now online. We hypothesised in 2012 that this might be so; it is now established by multiple victimisation studies. Many cybercrime patterns appear to be fairly stable, but there are some interesting changes. Payment fraud, for example, has more than doubled in value but has fallen slightly as a proportion of payment value; the payment system has simply become bigger, and slightly more efficient. Several new cybercrimes are significant enough to mention, including business email compromise and crimes involving cryptocurrencies. The move to the cloud means that system misconfiguration may now be responsible for as many breaches as phishing. Some companies have suffered large losses as a side-effect of denial-of-service worms released by state actors, such as NotPetya; we have to take a view on whether they count as cybercrime. The infrastructure supporting cybercrime, such as botnets, continues to evolve, and specific crimes such as premium-rate phone scams have evolved some interesting variants. The overall picture is the same as in 2012: traditional offences that are now technically ‘computer crimes’ such as tax and welfare fraud cost the typical citizen in the low hundreds of Euros/dollars a year; payment frauds and similar offences, where the modus operandi has been completely changed by computers, cost in the tens; while the new computer crimes cost in the tens of cents. 
Defending against the platforms used to support the latter two types of crime cost citizens in the tens of dollars. Our conclusions remain broadly the same as in 2012: it would be economically rational to spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more on response. We are particularly bad at prosecuting criminals who operate infrastructure that other wrongdoers exploit. Given the growing realisation among policymakers that crime hasn’t been falling over the past decade, merely moving online, we might reasonably hope for better funded and coordinated law-enforcement action

    Measuring the changing cost of cybercrime

    In 2012 we presented the first systematic study of the costs of cybercrime. In this paper, we report what has changed in the seven years since. The period has seen major platform evolution, with the mobile phone replacing the PC and laptop as the consumer terminal of choice, with Android replacing Windows, and with many services moving to the cloud. The use of social networks has become extremely widespread. The executive summary is that about half of all property crime, by volume and by value, is now online. We hypothesised in 2012 that this might be so; it is now established by multiple victimisation studies. Many cybercrime patterns appear to be fairly stable, but there are some interesting changes. Payment fraud, for example, has more than doubled in value but has fallen slightly as a proportion of payment value; the payment system has simply become bigger, and slightly more efficient. Several new cybercrimes are significant enough to mention, including business email compromise and crimes involving cryptocurrencies. The move to the cloud means that system misconfiguration may now be responsible for as many breaches as phishing. Some companies have suffered large losses as a side-effect of denial-of-service worms released by state actors, such as NotPetya; we have to take a view on whether they count as cybercrime. The infrastructure supporting cybercrime, such as botnets, continues to evolve, and specific crimes such as premium-rate phone scams have evolved some interesting variants. The overall picture is the same as in 2012: traditional offences that are now technically ‘computer crimes’ such as tax and welfare fraud cost the typical citizen in the low hundreds of Euros/dollars a year; payment frauds and similar offences, where the modus operandi has been completely changed by computers, cost in the tens; while the new computer crimes cost in the tens of cents. 
Defending against the platforms used to support the latter two types of crime cost citizens in the tens of dollars. Our conclusions remain broadly the same as in 2012: it would be economically rational to spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more on response. We are particularly bad at prosecuting criminals who operate infrastructure that other wrongdoers exploit. Given the growing realisation among policymakers that crime hasn’t been falling over the past decade, merely moving online, we might reasonably hope for better funded and coordinated law-enforcement action