This study focuses on the stock market reaction to denial of service attacks against certain well‐known Internet firms in February 2000. Investors appear to have used several heuristics in deciding which firms were “similar” to those attacked, and thus predicted that they were also likely to be attacked. The primary heuristic employed appears to have been similarity in reliance on the Internet to conduct operating activities (i.e., the set of Internet firms). We find negative mean abnormal returns among Internet firms not actually attacked (i.e., information transfer). This occurred both within Internet industries in which some firms were attacked, and within Internet industries with no attacks. A secondary heuristic appears to have been that Internet firms similar in size to those attacked (i.e., relatively large) were more likely to be attacked. In contrast to all other Internet industries, providers of Internet security products and services experienced positive mean abnormal returns.

This content is only available via PDF.
You do not currently have access to this content.