Category Archives: cybercrime

7/9/17: What the Hack: Systematic Risk Contagion from Cyber Events

We just posted three new research papers on SSRN covering a range of research topics.

The second paper is "What the Hack: Systematic Risk Contagion from Cyber Events", available here:


This paper examines the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations. The volatility influence of these cybercrime events is shown to be dependent on the number of clients exposed across all sectors and the type of the cyber security breach event, with significantly large volatility effects presented for companies who find themselves exposed to cybercrime in the form of hacking. Evidence is presented to suggest that corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns. Companies with lower levels of market capitalisation are found to be most susceptible. In an environment where corporate data protection should be paramount, minor breaches appear to be relatively unpunished by the stock market. We also show that there is a growing importance in the contagion channel from cyber security breaches to markets volatility. Overall, our results support the proposition that acting in a controlled capacity from within a ring-fenced incentives system, hackers may in fact provide the appropriate mechanism for discovery and deterrence of weak corporate cyber security practices. This mechanism can help alleviate the systemic weaknesses in the existent mechanisms for cyber security oversight and enforcement.

10/6/17: Visualizing Cyber Security Attacks

Here is a brilliant visualization of data breaches over time and by size:

As the chart above clearly shows, the number of reporter/disclosed attacks has exploded, staring with 2014, and the volume of attacks (data files impacted) has blown out starting 2010 (note: Yahoo attacks were severely lagged in reporting). In part, the two factors are down to changes in reporting and disclosure rules, and in part they are down to changes in reporting practices. But, as we observe econometrically in our recent papers on the subject: and, the pattern on frequency, severity and impact of attacks, as well as their typology, are richer than the chart above provides.

Starting with 2010s, the typology of cyber security risks and attacks has been shifting from malicious and accidental losses of hardware and accidental disclosures of data to malware-based hacks, direct hacks, and illegal disclosures. The distribution of attacks has been changing since 2014, with smaller and larger, state and private sector players being hit with higher frequency, as opposed to the 2000s-early 2010s when we had more concentrated distribution of attacks. And, crucially, the impact of the attacks is also changing: starting with 2014, we are witnessing systemic shocks contagion propagating from individual attack targets to their exchanges and even to other exchanges.