Selected Journal Publications


Global Co-operation is Best Way to Deter Cybercrime

Cybercrime Deterrence and International Legislation: Evidence from Distributed Denial of Service Attacks
HUI, Kai Lung | KIM, Seung Hyun | WANG, Qiu-Hong
MIS Quarterly, 41, 2, June 2017, 497-523

Cybercrime costs firms and organisations money – equivalent to 1.5 per cent of a country’s GDP according to one estimate, and up to $100,000 per hour for retailers under attack according to another. The Convention on Cybercrime (COC) was unveiled in 2001 as the first international legislation to address the problem. But a new study shows that while it helps those who have signed on, it also displaces crime to non-signatories – pointing to the need for a unified international effort to fight cybercrime.

Kai-Lung Hui, Seung Hyun Kim and Qiu-Hong Wang produce some of the strongest evidence to date on the effectiveness of the COC in deterring cybercrime among signatories, non-signatories, and signatories who make reservations about implementing specific sections such as preserving and sharing stored computer data. They also show what this reveals about cybercriminals.

“Supposedly such international co-operation should heighten the certainty and speed of apprehending and convicting global cyber criminals and thus deter crime. But the COC has been criticised for its vague definition of cybercrime and for lacking specific concrete mechanisms. There has also been scant empirical evidence of the effectiveness of other similar laws, so we are left with the question: does the COC help deter cybercrime?” they said.

They set out to answer that question by studying DDOS attacks (distributed denial of service) in 106 countries over 177 days from 2004 to 2008. Twenty-three of the countries had signed the COC, 12 with reservations.

DDOS attacks are carried out by a wide range of attackers and are pervasive on the Internet – one survey of IT professionals in 38 countries found 50 per cent had experienced such attacks, with the main purposes being to disrupt operations, distract a business while another attack took place, or using the attack to hold a company to ransom. Key targets were banks, telecom companies and financial services organisations, suggesting a financial motivation behind the attacks.

In the 106-country study, attacks were compared to country information and showed that COC enforcement led to an average 11.8 per cent decrease in DDOS attacks. For countries that fully enforced COC without reservation, the decrease was up to 68.7 per cent.

“This is economically significant and implies that enforcement could have reduced the number of victims [computers attacked] by 96 per country per day,” the authors said.

They also found that the difference in the number of DDOS attack victims between enforcing and non-enforcing countries widened over time, and in non-enforcing countries the number actually increased due to spill-over effects. Enforcing countries that made reservations to the COC also did not experience a decline in attacks.

“A significant positive effect of one particular reservation – preserving stored computer data for other countries – is illuminating. It implies attackers are concerned about international co-operation. Any divergence in concepts or attitudes towards crime or political ideology across countries could be exploited by criminals to evade prosecution. Hence, it would help if countries can work closer together,” the authors said.

Otherwise, with a piecemeal approach rather than global enforcement, the deterrence effect on cybercrime would be ambiguous at best, they said.

The authors also found evidence that attackers in cyberspace are rational and perhaps could be restrained by economic measures, such as taxing software that may be used in cyber attacks or Internet services with dynamic IP addresses, or mandating the registration of visitors to Internet cafés.

“The growth of cybercrime is staggering and causes significant loss to the global economy, but the solution so far seems to be passive. Many technical counter-measures, such as advanced detection or security perimeters, are devised or tuned after new attacks have emerged.

“We hope this study can strengthen the confidence in the COC’s effectiveness, crystallise its merits due to international co-operation, and spur closer co-operation at the global scale,” the authors said.


Try different words


Thank you for your comments!