EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

What drives cybercrime? Empirical evidence from DDoS attacks

Bastiaan Overvest () and Bas Straathof
Additional contact information
Bastiaan Overvest: CPB Netherlands Bureau for Economic Policy Analysis

No 306, CPB Discussion Paper from CPB Netherlands Bureau for Economic Policy Analysis

Abstract: Distributed Denial of Service (DDoS) attacks are a frequently occurring type of cybercrime, with potentially large costs to the real economy. We propose a simple model of the size and direction of DDoS attacks. The main predictions of the model are that effective botnets are located in countries with many internet users and high internet speeds, and that the most attractive targets of DDoS attacks are countries with many internet users. We use a theoretical framework to derive a structural equation that resembles the ”gravity equations” common in the literature on international trade. The empirical results are consistent with the predictions of the model. The number of internet users is strongly related to the number of international DDoS attacks: our results suggest that a ten percent increase in the number of internet users worldwide would raise the total number of DDoS attacks by eight percent. Bandwidth in the country of origin is also significantly related to attacks, but quantitatively not very important. The vulnerability of computers does not seem influential. We use international data from www.digitalattackmap.com on 55,000 DDoS attacks in 2013 and 2014. The vast majority of attacks originate from the United States (6,256 attacks in 2013/2014) and China (2851 attacks). The Netherlands ranks third with 834 attacks. We estimate an econometric model with economic and technological variables in order to explain observed DDoS patterns. Our model is inspired by models from the international trade literature that explain trade patterns. Trade relations are significantly related to attacks, while other economic factors including GDP per capita do not appear to play a role. The geographical distance between countries is not relevant, while historical ties between countries are significantly related to the number of attacks. This paper is one of the first to explore possible determinants of cybercrime at an aggregate level. We hope that by uncovering some general patterns in the data, our research may contribute to the growing and exciting field of cybersecurity economics.

JEL-codes: F14 F51 L86 (search for similar items in EconPapers)
Date: 2015-04
New Economics Papers: this item is included in nep-ict
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (5)

Downloads: (external link)
https://www.cpb.nl/sites/default/files/publicaties ... nce-ddos-attacks.pdf (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:cpb:discus:306

Access Statistics for this paper

More papers in CPB Discussion Paper from CPB Netherlands Bureau for Economic Policy Analysis Contact information at EDIRC.
Bibliographic data for series maintained by ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:cpb:discus:306