OECD Science, Technology and Industry Working Papers

ISSN :
1815-1965 (online)
DOI :
10.1787/18151965
Hide / Show Abstract
The OECD Directorate for Science, Technology and Innovation (STI) leads OECD research on the contribution of science, technology and industry to well-being and economic growth. STI Working Papers cover a broad range of topics including definition and measurement of science and technology indicators, global value chains, and research on policies to promote innovation. These technical or analytical working papers are prepared by staff or outside consultants to share early insights and elicit feedback.
 

Economics of Malware

Security Decisions, Incentives and Externalities You or your institution have access to this content

Click to Access: 
    http://oecd.metastore.ingenta.com/content/5kzk18bplrs5.pdf
  • PDF
  • http://www.keepeek.com/Digital-Asset-Management/oecd/science-and-technology/economics-of-malware_241440230621
  • READ
Author(s):
Michel J.G. van Eeten1, Johannes M. Bauer2
Author Affiliations
  • 1: Delft University of Technology, Netherlands

  • 2: Michigan State University, United States

Publication Date
29 May 2008
Bibliographic information
No:
2008/01
Pages
69
DOI
10.1787/241440230621

Hide / Show Abstract

Malicious software, or malware for short, has become a critical security threat to all who rely on the Internet for their daily business, whether they are large organisations or home users. While originating in criminal behaviour, the magnitude and impact of the malware threat are also influenced by the decisions and behaviour of legitimate market players such as Internet Service Providers (ISPs), software vendors, e-commerce companies, hardware manufacturers, registrars and, last but not least, end users. This working paper reports on qualitative empirical research into the incentives of market players when dealing with malware. The results indicate a number of market-based incentive mechanisms that contribute to enhanced security but also other instances in which decentralised actions may lead to sub-optimal outcomes - i.e. where significant externalities emerge.