Cybercrime Deterrence and International Legislation: Evidence from Distributed Denial of Service Attack
We estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attack. Our data set comprises a sample of real random spoof-source DDOS attacks recorded in 106 countries in 177 days in 2004-2008. We find enforcing the COC decreases DDOS attack by at least 10.8%, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international co-operation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in the cyberspace are rational and motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.
Kai-Lung Hui is a professor in the Department of Information Systems, Business Statistics, and Operations Management at the Hong Kong University of Science and Technology. His research interests include information privacy and security, information technology policies, and electronic commerce. His research has been published in Management Science, Information Systems Research, MIS Quarterly, and Journal of MIS, among others. He has served on the editorial boards of various journals and conferences, and is currently a senior editor of Information Systems Research.
Dr. Hui has provided consulting services to various government and non-government organizations, including the Intellectual Property Department of the Hong Kong SAR Government, the World Intellectual Property Organization (WIPO), and the Ministry of Law of Singapore. He has taught courses in business strategy, privacy and security management, and technology management, among others. He obtained his BBA and PhD degrees from the Hong Kong University of Science and Technology.