IDEAS home Printed from
   My bibliography  Save this article

What the hack: Systematic risk contagion from cyber events


  • Corbet, Shaen
  • Gurdgiev, Constantin


This paper examines the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations. The volatility influence of these cybercrime events is shown to be dependent on the number of clients exposed across all sectors and the type of the cyber security breach event, with significantly large volatility effects presented for companies who find themselves exposed to cybercrime in the form of hacking. Evidence is presented to suggest that corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns. Companies with lower levels of market capitalisation are found to be most susceptible. In an environment where corporate data protection should be paramount, minor breaches appear to be relatively unpunished by the stock market. We also show that there is a growing importance in the contagion channel from cybersecurity breaches to markets volatility. Systematic weakness in the existent mechanisms for cybersecurity oversight and enforcement could be improved through the ring-fenced incentivisation of both current and ex-hackers. Their expertise is central to the identification of weak corporate cybersecurity practices.

Suggested Citation

  • Corbet, Shaen & Gurdgiev, Constantin, 2019. "What the hack: Systematic risk contagion from cyber events," International Review of Financial Analysis, Elsevier, vol. 65(C).
  • Handle: RePEc:eee:finana:v:65:y:2019:i:c:s1057521919300274
    DOI: 10.1016/j.irfa.2019.101386

    Download full text from publisher

    File URL:
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL:
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    1. Anat Hovav & John D'Arcy, 2003. "The Impact of Denial‐of‐Service Attack Announcements on the Market Value of Firms," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 6(2), pages 97-121, September.
    2. Acemoglu, Daron & Malekian, Azarakhsh & Ozdaglar, Asu, 2016. "Network security and contagion," Journal of Economic Theory, Elsevier, vol. 166(C), pages 536-585.
    3. Nelson, Daniel B, 1991. "Conditional Heteroskedasticity in Asset Returns: A New Approach," Econometrica, Econometric Society, vol. 59(2), pages 347-370, March.
    4. Robert Engle, 2004. "Risk and Volatility: Econometric Models and Financial Practice," American Economic Review, American Economic Association, vol. 94(3), pages 405-420, June.
    5. Geoffrey Heal & Howard Kunreuther, 2004. "Interdependent Security: A General Model," NBER Working Papers 10706, National Bureau of Economic Research, Inc.
    6. Geoffrey Heal & Howard Kunreuther, 2007. "Modeling Interdependent Risks," Risk Analysis, John Wiley & Sons, vol. 27(3), pages 621-634, June.
    7. Ciner, Cetin & Gurdgiev, Constantin & Lucey, Brian M., 2013. "Hedges and safe havens: An examination of stocks, bonds, gold, oil and exchange rates," International Review of Financial Analysis, Elsevier, vol. 29(C), pages 202-211.
    8. Kraemer-Mbula, Erika & Tang, Puay & Rush, Howard, 2013. "The cybercrime ecosystem: Online innovation in the shadows?," Technological Forecasting and Social Change, Elsevier, vol. 80(3), pages 541-555.
    9. Baillie, Richard T & Bollerslev, Tim, 2002. "The Message in Daily Exchange Rates: A Conditional-Variance Tale," Journal of Business & Economic Statistics, American Statistical Association, vol. 20(1), pages 60-68, January.
    10. Bastiaan Overvest & Bas Straathof, 2015. "What drives cybercrime? Empirical evidence from DDoS attacks," CPB Discussion Paper 306.rdf, CPB Netherlands Bureau for Economic Policy Analysis.
    11. Dungey, Mardi & Gajurel, Dinesh, 2015. "Contagion and banking crisis – International evidence for 2007–2009," Journal of Banking & Finance, Elsevier, vol. 60(C), pages 271-283.
    12. Camerer, Colin & Loewenstein, George & Weber, Martin, 1989. "The Curse of Knowledge in Economic Settings: An Experimental Analysis," Journal of Political Economy, University of Chicago Press, vol. 97(5), pages 1232-1254, October.
    13. Kevin M. Gatzlaff & Kathleen A. McCullough, 2010. "The Effect of Data Breaches on Shareholder Wealth," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 13(1), pages 61-83, March.
    Full references (including those not matched with items on IDEAS)


    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.

    Cited by:

    1. Akyildirim, Erdinc & Corbet, Shaen & O'Connell, John F. & Sensoy, Ahmet, 2021. "The influence of aviation disasters on engine manufacturers: An analysis of financial and reputational contagion risks," International Review of Financial Analysis, Elsevier, vol. 74(C).
    2. Corbet, Shaen & Goodell, John W., 2022. "The reputational contagion effects of ransomware attacks," Finance Research Letters, Elsevier, vol. 47(PB).
    3. Nadine Gatzert & Madeline Schubert, 2022. "Cyber risk management in the US banking and insurance industry: A textual and empirical analysis of determinants and value," Journal of Risk & Insurance, The American Risk and Insurance Association, vol. 89(3), pages 725-763, September.
    4. Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
    5. Tosun, Onur Kemal, 2021. "Cyber-attacks and stock market activity," International Review of Financial Analysis, Elsevier, vol. 76(C).
    6. Daniel Castillo & Joseph Falzon, 2018. "An Analysis of the Impact of WannaCry Cyberattack on Cybersecurity Stock Returns," Review of Economics & Finance, Better Advances Press, Canada, vol. 13, pages 93-100, August.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Torben G. Andersen & Tim Bollerslev & Per Frederiksen & Morten Ørregaard Nielsen, 2010. "Continuous-time models, realized volatilities, and testable distributional implications for daily stock returns," Journal of Applied Econometrics, John Wiley & Sons, Ltd., vol. 25(2), pages 233-261.
    2. Ataurima Arellano, Miguel & Rodríguez, Gabriel, 2020. "Empirical modeling of high-income and emerging stock and Forex market return volatility using Markov-switching GARCH models," The North American Journal of Economics and Finance, Elsevier, vol. 52(C).
    3. Dongweí Su, 2003. "Risk, Return and Regulation in Chinese Stock Markets," World Scientific Book Chapters, in: Chinese Stock Markets A Research Handbook, chapter 3, pages 75-122, World Scientific Publishing Co. Pte. Ltd..
    4. Ardia, David & Hoogerheide, Lennart F., 2010. "Efficient Bayesian estimation and combination of GARCH-type models," MPRA Paper 22919, University Library of Munich, Germany.
    5. Bauer, Rob M M J & Nieuwland, Frederick G M C & Verschoor, Willem F C, 1994. "German Stock Market Dynamics," Empirical Economics, Springer, vol. 19(3), pages 397-418.
    6. Baur, Dirk G. & Smales, Lee A., 2020. "Hedging geopolitical risk with precious metals," Journal of Banking & Finance, Elsevier, vol. 117(C).
    7. G Sandmann & Siem Jan Koopman, 1996. "Maximum Likelihood Estimation of Stochastic Volatility Models," FMG Discussion Papers dp248, Financial Markets Group.
    8. Wei Liu & Bruce Morley, 2009. "Volatility Forecasting in the Hang Seng Index using the GARCH Approach," Asia-Pacific Financial Markets, Springer;Japanese Association of Financial Economics and Engineering, vol. 16(1), pages 51-63, March.
    9. Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
    10. Arthur M. Berd & Robert F. Engle & Artem Voronov, 2010. "The Underlying Dynamics of Credit Correlations," Papers 1001.0786,
    11. Marcin Chlebus, 2016. "Can Lognormal, Weibull or Gamma Distributions Improve the EWS-GARCH Value-at-Risk Forecasts?," FindEcon Chapters: Forecasting Financial Markets and Economic Decision-Making, in: Magdalena Osińska (ed.), Statistical Review, vol. 63, 2016, 3, edition 1, volume 63, chapter 4, pages 329-350, University of Lodz.
    12. Ghysels, E. & Harvey, A. & Renault, E., 1995. "Stochastic Volatility," Papers 95.400, Toulouse - GREMAQ.
    13. Oliver Linton & Douglas Steigerwald, 2000. "Adaptive testing in arch models," Econometric Reviews, Taylor & Francis Journals, vol. 19(2), pages 145-174.
    14. Kanungo, Rama Prasad, 2021. "Uncertainty of M&As under asymmetric estimation," Journal of Business Research, Elsevier, vol. 122(C), pages 774-793.
    15. KIMURA Yosuke, 2017. "Heterogeneous Investor Behaviors and Market Volatility in the Tokyo Stock Exchange," Discussion papers 17003, Research Institute of Economy, Trade and Industry (RIETI).
    16. Stanisław Wanat & Sławomir Śmiech & Monika Papież, 2016. "In Search Of Hedges And Safe Havens In Global Financial Markets," Statistics in Transition New Series, Polish Statistical Association, vol. 17(3), pages 557-574, September.
    17. Teräsvirta, Timo, 2006. "An introduction to univariate GARCH models," SSE/EFI Working Paper Series in Economics and Finance 646, Stockholm School of Economics.
    18. Andersen, Torben G. & Bollerslev, Tim & Christoffersen, Peter F. & Diebold, Francis X., 2013. "Financial Risk Measurement for Financial Risk Management," Handbook of the Economics of Finance, in: G.M. Constantinides & M. Harris & R. M. Stulz (ed.), Handbook of the Economics of Finance, volume 2, chapter 0, pages 1127-1220, Elsevier.
    19. Shinichi Kamiya & Jun-Koo Kang & Jungmin Kim & Andreas Milidonis & René M. Stulz, 2018. "What is the Impact of Successful Cyberattacks on Target Firms?," NBER Working Papers 24409, National Bureau of Economic Research, Inc.
    20. Chiara Pederzoli, 2006. "Stochastic Volatility and GARCH: a Comparison Based on UK Stock Data," The European Journal of Finance, Taylor & Francis Journals, vol. 12(1), pages 41-59.

    More about this item


    EGARCH; Financial markets; Cybercrime; Regulation;
    All these keywords.

    JEL classification:

    • G15 - Financial Economics - - General Financial Markets - - - International Financial Markets
    • G32 - Financial Economics - - Corporate Finance and Governance - - - Financing Policy; Financial Risk and Risk Management; Capital and Ownership Structure; Value of Firms; Goodwill
    • G38 - Financial Economics - - Corporate Finance and Governance - - - Government Policy and Regulation


    Access and download statistics


    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:finana:v:65:y:2019:i:c:s1057521919300274. See general information about how to correct material in RePEc.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: . General contact details of provider: .

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service hosted by the Research Division of the Federal Reserve Bank of St. Louis . RePEc uses bibliographic data supplied by the respective publishers.