According to SMU Assistant Professor of Information Systems Wang Qiuhong, unravelling the economics of cyberattacks is just as important as grasping the technologies that hackers use to launch them. “I think cybersecurity is not just a technical issue, but also a business and economics issue. We need researchers who can cross disciplines, and who deeply understand the technology as well as the economics and social science,” she said. “They can then bring these disciplines together and gain insights that will facilitate decision making.”
Together with her collaborators, Assistant Prof Wang has used economic modelling to assess how effective the Convention on Cybercrime (COC) has been at deterring distributed denial of service (DDOS) attacks. Introduced in 2001 and now signed by more than 50 countries, the COC is the world’s first piece of international legislation against cybercrime. Using data from real attacks in 106 countries, the researchers showed that enforcement of the COC was associated with a nearly 12 per cent decrease in DDOS attacks; this effect, however, disappeared when the enforcing countries were unwilling to fully engage in international co-operation. Assistant Prof Wang and her collaborators published their results in a 2017 paper in MIS Quarterly, titled ‘Cybercrime deterrence and international legislation: Evidence from distributed denial of service attacks’.