Malware and market share

This paper presents a game theoretic analysis of the relationship between an information technology platform’s market share, its level of security, and the extent to which malware creators (hackers) target a platform in order to proliferate via the platform’s network externalities. In equilibrium, a platform’s market share is shown to be the square root of the ratio of its competitor’s vulnerability to its own vulnerability. This implies that in order to maintain market share, platform leaders must make increasing investments in cybersecurity, thereby decreasing the platform’s vulnerability. Introduction Malware, a term that combines malicious with software, refers to a computer infection program designed to compromise, damage, or infiltrate a computer, server or network without the user’s knowledge or consent, often for profitable gain. Examples of self-replicating malware include viruses and worms. The potential for malware has been recognized since the dawn of personal computing itself. Hiltzik (1999) recounts a 1978 episode at Xerox’s revolutionary PARC research facility where an employee created a worm whose code became corrupted and caused scores of desktop computers connected to PARC’s Ethernet to repeatedly crash. According to a joint study by International Data Corporation and National Singapore University, for 2014 the annual cost of malware was expected to be over $491 billion a year (Robinson 2014). In addition, consumers would spend 1.2 billion hours dealing with the aftereffects of malware. The direct cost alone would rank malware as the 26 largest country in the world in terms of GDP. In such a high stakes environment it is necessary to understand the strategic incentives facing those who provide security for information technology platforms (e.g., PCs, tablets, smartphones), users who select this technology, and malware that targets users through platforms. As the famous bank robber Willie Sutton reportedly explained, he robbed banks, “because that’s where the money is.” Similarly, hackers write malware to target where users are, and this is determined by the market share of a platform. Everything else held equal, hackers prefer a platform with a larger installed base (Honeynet Project 2004). This paper provides a game theoretic characterization of the relationship between market share, quality (security) of a platform, and the relative degree to which malware creators (hackers) target a platform. Two of the three of these variables: market share and the distribution of malware across platforms, are 11 The use of the term “platform” is widespread in the literature on the economics of two-sided markets, where a platform allows distinct user groups to interface, thereby providing each other with network benefits, often based on economies of scale. Technological devices or systems are quintessential examples of economic platforms because they create network externalities by matching users and application providers.