|
Does ransomware make investors “WannaCry”? On investors’ divergent reactions to ransomware hits and near misses
Schuetz, Sebastian
;
Chen, Yan
;
Förderer, Jens
;
Ma, Yusi
|
DOI:
|
https://doi.org/10.25300/MISQ/2024/18509
|
|
URL:
|
https://misq.umn.edu/does-ransomware-make-investor...
|
|
Additional URL:
|
https://www.researchgate.net/publication/393376439...
|
|
Document Type:
|
Article
|
|
Year of publication:
|
2025
|
|
The title of a journal, publication series:
|
Management Information Systems : MIS Quarterly
|
|
Volume:
|
49
|
|
Issue number:
|
3
|
|
Page range:
|
1153-1168
|
|
Place of publication:
|
Minneapolis, MN
|
|
Publishing house:
|
MISRC
|
|
ISSN:
|
0276-7783 , 2162-9730
|
|
Publication language:
|
English
|
|
Institution:
|
Business School > Lehrstuhl Wirtschaftsinformatik II (Förderer 2025-)
|
|
Subject:
|
004 Computer science, internet
|
|
Keywords (English):
|
Ransomware , event study , norm theory , near misses , Google trends , cumulative abnormal returns , operational disruptions
|
|
Abstract:
|
In recent years, ransomware has become one of the most dangerous cyber threats, with successful attacks causing severe operational disruptions and staggering damages. Rationally speaking, investors should react negatively to firms’ ransomware disclosures, but this may not always be the case. Based on norm theory, we describe a paradoxical phenomenon wherein investors exhibit negative reactions to ransomware hits (i.e., events that led to operational disruptions) but positive reactions to near misses (i.e., events in which operational disruptions were narrowly avoided). The positive reactions occur due to an outcome bias in which near-miss events—events that are objectively negative but less severe than expected—are viewed positively instead of negatively. We test these predictions by reporting on a novel investigation of stock market reactions to disclosures of ransomware hits vs. near misses. To do so, we assembled an unparalleled dataset of ransomware incidents disclosed by U.S. public firms. Using the event study method, we estimated abnormal stock market returns and found evidence in support of our predictions. First, in line with expectations, ransomware hits that led to the expected severe impact resulted in stock price drops of -4.40%. However, near misses, where disruptions were avoided, were rewarded with gains of 2.87%, confirming positive instead of negative reactions. This offers new insights into investors’ biased responses to certain cybersecurity incidents. These positive reactions, however, are a call for caution, because, albeit seemingly favorable, they mask underlying risks
|
 | Dieser Eintrag ist Teil der Universitätsbibliographie. |
 Search Authors in
BASE:
Schuetz, Sebastian
;
Chen, Yan
;
Förderer, Jens
;
Ma, Yusi
Google Scholar:
Schuetz, Sebastian
;
Chen, Yan
;
Förderer, Jens
;
Ma, Yusi
ORCID:
Schuetz, Sebastian ; Chen, Yan ; Förderer, Jens  ORCID: 0000-0002-3090-4559 ; Ma, Yusi
You have found an error? Please let us know about your desired correction here: E-Mail
Actions (login required)
 |
Show item |
|
