You are here: Home / Papers / OECD Science, Technology and Industry Working Papers / Economics of Malware
- 1815-1965 (online)
The OECD Directorate for Science, Technology and Innovation (STI) leads OECD research on the contribution of science, technology and industry to well-being and economic growth. STI Working Papers cover a broad range of topics including definition and measurement of science and technology indicators, global value chains, and research on policies to promote innovation. These technical or analytical working papers are prepared by staff or outside consultants to share early insights and elicit feedback.
Economics of Malware
Security Decisions, Incentives and Externalities
Click to Access:
- Michel J. G. van Eeten1, Johannes M. Bauer2
- Author Affiliations
- 1: Delft University of Technology, Netherlands
- 2: Michigan State University, United States
- 29 May 2008
- Bibliographic information
Malicious software, or malware for short, has become a critical security threat to all who rely on the Internet for their daily business, whether they are large organisations or home users. While originating in criminal behaviour, the magnitude and impact of the malware threat are also influenced by the decisions and behaviour of legitimate market players such as Internet Service Providers (ISPs), software vendors, e-commerce companies, hardware manufacturers, registrars and, last but not least, end users. This working paper reports on qualitative empirical research into the incentives of market players when dealing with malware. The results indicate a number of market-based incentive mechanisms that contribute to enhanced security but also other instances in which decentralised actions may lead to sub-optimal outcomes - i.e. where significant externalities emerge.