Emerging Threats to Internet Security: Difference between revisions
No edit summary |
No edit summary |
||
(5 intermediate revisions by the same user not shown) | |||
Line 11: | Line 11: | ||
==Categorization== | ==Categorization== | ||
Issues: [[ | * Issues: [[Economics of Cybersecurity]]; [[Cybercrime]]; [[Government Networks (.gov)]]; [[Incentives]] | ||
==Key Words== | ==Key Words== | ||
[http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Botnet Botnets] | [http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Botnet Botnets], | ||
[http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Crimeware Crimeware] | [http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Crimeware Crimeware] | ||
[http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Malware Malware], | |||
[http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Social_Engineering Social Engineering] | |||
==Synopsis== | ==Synopsis== |
Latest revision as of 13:24, 18 June 2010
Full Title of Reference
Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications
Full Citation
Michel van Eeten and Johannes M. Bauer, Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications, (2010) Journal of Contingencies and Crisis Management, Vol. 17, No. 4 SSRN
Categorization
Key Words
Botnets, Crimeware Malware, Social Engineering
Synopsis
Somewhere around 10% of all machines connected to the Internet are thought to be infected with malicious software. This has allowed the emergence of so-called ‘botnets’– networks of sometimes millions of infected machines that are remotely controlled by malicious actors. Botnets are mostly used for criminal purposes, but they also enable large-scale failures that might even reach disastrous proportions. We explain the rise of botnets as the outcome of the incentive structures of market players and present new empirical evidence on these incentives. The resulting externalities require some form of voluntary or government-led collective action. Our findings have implications for the controversial debate on the appropriate policy measures, where two perspectives on cybersecurity fight for dominance: national security and law enforcement.