International trade and cyber conflict: Decomposing the effect of trade on state-sponsored cyber attacks

Abstract

A state’s decision to engage in cyber operations has important implications for its trade. Successful cyber espionage could yield valuable trade secrets that could boost domestic production and spur economic growth. On the other hand, uncovered cyber operations could invite devastating sanctions that retard economic development. In spite of this, the nexus between trade and cyber attacks has received little attention in the literature. In this article, I explore how a state’s trade relations affect its propensity to engage in cyber attacks. I develop a theoretical framework that links the composition of a state’s trade to its deficit in proprietary information relative to other states. I decompose trade into its inter- and intra-industry components and show that while inter-industry trade is associated with higher incidence of state-sponsored cyber attacks, intra-industry trade has the opposite effect. I also show that these effects are non-monotonic, varying by the share of inter- or intra-industry trade in total trade. The results also show that states that have a heavy concentration of high-tech industries such as aerospace, computers, and pharmaceuticals have a higher propensity to engage in cyber espionage operations. These results are robust to a variety of controls and specifications.

Keywords

cyber attacks cyber conflict cyber espionage international trade state-sponsored intra-industry trade

Introduction

The existing literature shows that the possession of corporate proprietary information (or ‘trade secrets’) is often critical in enabling firms to produce and export goods that their competitors cannot produce or produce to the same quality standards (Ettredge, Guo & Li, 2018). This gives such firms an economic and competitive advantage over their market rivals. By the same token, countries that concentrate a lot of firms with proprietary information are able to produce and export goods that other states cannot. This increases the global market share of these countries for the goods concerned (Hauswald & Marquez, 2006; Yazdanifard & Nia, 2011) and offers important economic, strategic and coercive leverage over states that import or are dependent on these goods. This gives dependent countries an important motive to access this proprietary information, frequently via cyber attacks.¹ In this vein, successful cyber espionage operations could be incredibly beneficial to a state’s trade. Apart from enabling the production of more advanced goods, information obtained via successful cyber espionage could potentially shift profits from foreign to domestic firms and thus serves as a form of strategic trade policy (Whitney & Gaisford, 1996). An example of this is the US firm SolarWorld, who reportedly lost $120 million in revenue when Chinese solar panel manufacturers developed competing products based on trade secrets stolen during a cyber attack in 2012 (Roselund, 2017).

However, cyber operations could also backfire with potentially devastating effects on trade if they come to light. Uncovered cyber espionage activities can sour relations between trade partners, increasing the probability of confrontation and punitive measures such as sanctions. An example of this is the economic sanctions the USA imposed on five Russian companies for contributing to the cyber operations of various Russian intelligence agencies. The sanctions prohibit these firms from any transactions involving the US financial system and also bar US companies from doing business with them (Chiacu, 2018). Another example is the trade sanctions imposed by the United States on North Korea’s Korea Tangun Trading Corporation in response to a cyber attack against Sony Pictures Entertainment in 2015. The Korea Tangun Trading Corporation is primarily responsible for the procurement of commodities and technologies and is critical to North Korea’s nuclear and ballistic missile programs (BBC, 2015).

The trade consequences of cyber operations are thus of grave importance. Yet, the nexus between international trade and state-sponsored cyber attacks has received very little attention in the existing literature. In this article, I aim to help address this gap by shedding light on how a state’s trade affects its propensity to launch cyber attacks against other states. I develop a theoretical framework that links the composition of a state’s trade to its deficit in proprietary information relative to its trading partners. I argue that states who largely engage in inter-industry trade have a bigger information deficit than those primarily engaged in intra-industry trade. Since proprietary information is a major driver for cyber attacks, we expect that inter-industry traders have a higher propensity to engage in cyber attacks than intra-industry traders.

Decomposing trade into its inter- and intra-industry components, I demonstrate that while inter-industry trade is associated with higher incidence of state-sponsored cyber attacks, increased intra-industry trade has the opposite effect. I also show that the amplifying effect of inter-industry trade on cyber attacks is weakest at low levels of inter-industry trade but strengthens as the share of inter-industry trade increases. Similarly, the drive to engage in state-sponsored cyber attacks is strongest at low-levels of intra-industry trade but weakens as the fraction of intra-industry trade increases. In this way, I demonstrate for the first time that the effect of international trade on state-sponsored cyber attacks is non-monotonic, varying according to the specific share of inter- or intra-industry trade. The results also show that states that have a heavy concentration of high-tech industries such as aerospace, computers, and pharmaceuticals have a higher propensity to engage in cyber espionage operations. These results are robust to a variety of controls and specifications.

In the sections that follow, I discuss state-sponsored cyber attacks and the links between corporate proprietary information and cyber attacks. I also explain how inter- and intra-industry trade affect state propensity for cyber attacks. I then present the analytical framework. Results and conclusions follow.

State-sponsored cyber attacks

State-sponsored cyber attacks refer to computer-enabled illegal, criminal or disruptive activities that are legally attributable to a government or state-affiliated agency. The past few years have seen a marked increase in incidents of state-sponsored cyber attacks (Valeriano & Maness, 2014). Although technological advancements have spurred improvements in the attribution of cyber attacks, the difficulty of attributing attacks in a way that is independently verifiable offers cover to attacker states and encourages the use of cyber attacks (Lindsay, 2015; Rid & Buchanan, 2015).

Although the literature examining state-sponsored cyber attacks is comparatively small, we can categorize them into three broad branches. The first branch focuses on the military drivers of state-sponsored cyber operations. This literature is primarily informed by long-running debates in the cyber conflict literature about the nexus between cyber attacks and militarized conflict among rival states. The focus is on the potential for cyber attacks to change the power dynamics between states. Some analysts focus on the potential for cyber attacks to serve as substitutes for conventional interstate armed conflict (e.g. Martin, 2001; Ryu, Kim & Um, 2009). These analysts emphasize the opportunities cyber conflict presents for militarily weak states to shift the balance of power in their favor. For example, society’s increasing reliance on technology creates exploitable vulnerabilities that have the potential to change the character and conduct of combat operations during interstate armed conflict. Small militarily weak states can exploit these vulnerabilities to frustrate and hurt militarily strong states who might otherwise be immune to territorial onslaught.

Other analysts take a different view, emphasizing the potential of cyber operations to act not as a substitute but a useful complement to conventional interstate armed conflict (e.g. Gartzke, 2013; Lindsay, 2013; Valeriano & Maness, 2014). These analysts argue that cyber attacks are useful for warfare purposes only to the extent that they can be integrated into existing terrestrial military and combat strategies. These analysts also highlight the difficulty of leveraging cyber weapons for offensive purposes due to the inherent difficulty of developing effective cyber weapons. Moreover, the use of cyber attacks as a tool for conflict has not developed to the extent of allowing aggressors to accomplish what would be achieved with the use of terrestrial military violence (Valeriano & Maness, 2014). In this framework, the states that are most capable of wielding cyber weapons for offense are those that are already militarily strong in conventional warfare. Cyber weapons thus do not offer much opportunity for any substantial change in power dynamics between militarily weak and strong states in the conflict arena.

The second branch of the literature focuses on the political and strategic drivers for interstate cyber operations (e.g. Denning, 2001; Iasiello, 2013; Matusitz, 2005; Tereshchenko, 2012). Analysts here emphasize the potential for cyber weapons to be useful in states’ efforts to balance against other states and to seek retribution for past grievances. The United States, for instance, has been a dominant global force economically, militarily, and politically since the end of the Cold War. In pursuit of its continued dominance, the United States has adopted a proactive foreign policy, particularly in the years following the 9/11 terrorist attacks (Oliver, 2007; Scott, 2009). In addition to its efforts to contain terrorist threats, it has tried to rescue troubled states, intervening militarily in Libya, Somalia, and Haiti, among others. It has attempted to defend human rights round the world, suppressing undesirable nationalist movements and sanctioning repressive regimes. It has also attempted to restrain so-called rogue states such as Iraq under Saddam Hussein and has sought to discourage the spread of nuclear weapons, leading to constant tensions with North Korea and Iran.²

The United States has faced considerable pushback from its rivals for its activist agenda. Evidence suggests that rival states like North Korea and Iran have taken advantage of rapid advancements in computer systems and cyber technology to launch cyber attacks against the USA for its activist foreign policy. For instance, following a suspected chemical weapons attack on civilians near Damascus in April 2018, the United States threatened military action against the Assad regime in Syria. In the months following this threat, intelligence analysts observed an uptick in cyber attacks aimed at the USA and other Western states. Analysts have attributed these attacks to a state-supported hacker collective known as the Syrian Electronic Army that has been linked to attacks on Western media outlets (Bishop & Kharpal, 2014).

The third branch of the literature focuses on the economic incentives for interstate cyber operations (e.g. Brenner & Crescenzi, 2006; Fidler, 2013; Pelican, 2011; Van Arnam, 2001). This is the branch of the literature that this article most directly contributes to. The focus here is on the potential benefits that states can derive from information gleaned from cyber espionage operations against rival states. Espionage here refers to efforts by governments to acquire protected or classified information from another entity (e.g. a foreign government, corporation, group, etc.) (Lotrionte, 2014). Such operations are particularly likely where an information gap exists between countries.

An information gap exists between states when one of them possess information that the other state finds valuable. Examples of such information include details on the other state’s military capabilities, diplomatic activities, and economic plans (Lotrionte, 2014). The drive to acquire such information is an important motive for interstate espionage (Brenner & Crescenzi, 2006). For instance, US intelligence agencies conduct counter-intelligence operations on issues such as trade negotiations and corrupt business practices by foreign agents. Policymakers can use this information for strategic decisionmaking such as what position to take in trade negotiation or whether to raise interest rates or not (Pelican, 2011). Other intelligence agencies are adept at collecting specific types of intelligence. Chinese intelligence agencies, for example, have a reputation for gathering economic intelligence (Eftimiades, 2017; Lewis, 2009).

Trade secrets and cyber operations

One information gap that matters a great deal for interstate economic relations is that relating to the possession of corporate proprietary information. Trade secrets include assets such as patterns, formulas, production techniques, and procedures that are not in the public domain. The existing literature shows that the possession of proprietary information is often critical to the dominance of domestic firms over their foreign rivals (Ettredge, Guo & Li, 2018). Examples of trade secrets include technical designs for Boeing’s Max 737 airplane’s ventilation system and Google’s proprietary search algorithm, which has helped it achieve dominance over the Internet. Firms that possess proprietary information are able to produce and export goods that their foreign competitors cannot. This gives these firms an economic advantage over their rivals both domestically and overseas and gives rival firms an incentive to attempt to acquire this information, particularly those with the capacity to deploy it in their own production.

In a similar vein, countries that concentrate a lot of firms that possess proprietary information are able to produce and export goods that their trading partners cannot produce (or produce to the same quality standards). This increases the global market share of these countries for the goods concerned. In addition, such countries can leverage their ability to supply these goods to increase their economic power and dominance over their trading partners (Akoto, Peterson & Thies, 2020). States that import and are thus dependent on others for these goods have an incentive to limit their dependence on these countries by producing these goods domestically, which requires access to proprietary information that is held by foreign firms. States therefore have an incentive to acquire this information.

Given this, states are likely to turn to cyber espionage because among the possible options, it presents the least risk. First, the appropriation of trade secrets is greatly facilitated by advances in modern computing technology. Hackers can now remotely access information in ways that were unimaginable just a decade or two ago. An enterprising hacker with a simple laptop and an internet connection can remotely copy terabytes of confidential information within minutes, with very little risk of detection. Second, cyber espionage that turns up trade secrets lowers the fixed costs associated with research and development for domestic firms that end up with this information. This could spur improvements in the productivity of these firms and enhance their competitiveness on world markets. Some analysts contend, for instance, that the information gleaned from Chinese cyber espionage activities has been instrumental in improving the global competitiveness of beneficiary Chinese firms (Klimburg, 2011; Roselund, 2017). This lowers the cost of doing business for such firms and could be pivotal in keeping them profitable and operational. In addition, proprietary information obtained via espionage reduces the need for states to invest in research and development programs, increasing their international competitiveness at the expense of attacked states (Lotrionte, 2014).

The information gap between states, evidenced by the drive to obtain corporate proprietary information, is thus an important motive for interstate cyber operations. However, despite the low barriers to entry, there are relatively few states that engage in such operations. Some analysts suggest that this is because it is relatively difficult for states to profit from pilfered trade secrets and cyber technology (Gilli & Gilli, 2019). Countries must have the necessary technical skills and competencies to successfully execute cyber espionage operations. Indeed, one of the ways analysts identify whether state actors are behind certain cyber breaches is by examining the level of sophistication of these attacks. Even once the information has been successfully exfiltrated, the state must have the necessary resources and infrastructure to exploit the information. Many countries lack such capabilities. The number of countries that engage in cyber espionage would thus be relatively limited. Existing evidence lends support to this. Work by Valeriano & Maness (2014) shows that few states engage in cyber operations against other states. Moreover, most reported incidents tend to involve the same set of countries (USA, Russia, China, Iran, North Korea, and a few others). In the next section, I discuss how the composition of trade conditions these espionage efforts.

How trade composition matters

We can infer the information gap that exists between states as it relates to their possession and use of corporate proprietary information by observing the composition of states’ trade. Classic models of trade are based on the principle of comparative advantage, founded on David Ricardo’s (1913) proposal that states benefit from specializing in the production of goods they are efficient at producing and trading them for other goods produced elsewhere by the same principle of efficiency maximization. The Heckscher-Ohlin (HO) model extends this basic argument to include three factors of production – land, labor, and capital – that endow states with their comparative advantage (Ohlin, 1935). A classic example of this is when France exports wine to Britain and imports British cloth.

Such trade was characteristic of what has become known as the ‘first wave of globalization’ (Harley, 1996). International trade during the first wave of globalization which started in the mid-19th century was primarily driven by comparative advantage, resulting in strong inter-industry (exchange of one type of good for another) trade patterns. For instance, the USA and Europe largely imported agricultural commodities, minerals, and other raw materials from developing countries and exported manufactured goods like textiles, railroad materials, and industrial goods in return (Madeira, 2016). Trade was therefore largely between industries.

However, the nature of international trade has changed over time. Since the end of World War II, trade has increasingly shifted from inter- to intra-industry. This intra-industry trade (IIT) has expanded rapidly in the last few decades, now accounting for the bulk of international trade (Alt et al., 1996; Milner, 1999). Intra-industry trade involves the exchange of goods of comparable quality that perform the same function but which are differentiated by brands (horizontal IIT). This type of trade is driven by differences in consumer taste and preferences across states (Krugman, 1979). One example is German exports of Volkswagen SUVs in exchange for US-made Ford SUVs of comparable quality. Such trade is most common among countries that have comparable economic development and similar factor prices (Fontagné, Freudenberg & Péridy, 1998; Markusen & Venables, 1998).

Intra-industry trade also involves the exchange of similar goods that are differentiated by quality (vertical IIT). An example of such trade is the case where China exports low-quality women’s shoes to Italy while importing similar but higher-quality shoes in return. This type of intra-industry trade is often driven by the desire of firms (particularly multinational firms) to take advantage of lower tariffs and transport costs by situating the various stages of production in different countries (Greenaway, Hine & Milner, 1995). The drive to minimize costs gives firms an incentive to specialize production in countries according to relative factor prices. The relative abundance of capital in developed countries means that it is cost-efficient to produce capital-intensive goods in developed countries and to produce less capital-intensive (or more labor-intensive) goods in the developing world. Prior research supports these assertions, showing that vertical intra-industry trade often occurs between developed and developing countries (Fontagn´e, Freudenberg & P´eridy, 1998; Manger, 2012).

Based on these considerations, we expect that the composition of a state’s trade should matter for its cyber attack propensity. As highlighted previously, inter-industry trade involves the exchange of distinct commodities of goods between countries. A high inter-industry trade is thus indicative of a state that imports goods that it does not have the capacity or knowledge to produce itself. This suggests that such countries have a proprietary information deficit relative to their trading partners. This puts these countries at an economic and coercive disadvantage relative to their trading partners and provides an incentive to stage cyber operations to acquire this information. Consequently, we would expect that countries with a high proportion of inter-industry trade (as a share of their total trade) are more likely to engage in cyber operations against other states. In addition, we would expect that this drive to engage in cyber espionage would be greater when the fraction of inter-industry trade is high and become weaker as the information gap closes, that is, as trade becomes less inter-industry.

The Iranian case serves as a useful illustration of this. Data from the Observatory of Economic Complexity (OEC) shows that in 2017, Iran exported approximately $53 billion worth of goods to its trading partners against imports of $49 billion, making Iran the 46th largest export economy in the world (Observatory of Economic Complexity, 2019). Although it is primarily known for its crude oil exports, Iran also exports significant quantities of manufactured products including gas turbines, centrifuges, medical equipment, vehicle parts, firearms, weapons parts, and accessories. These are exported to a variety of countries across the world including China, India, South Korea, Italy, and Japan. Iran’s major imports are cars, chemical products, and household electronics from trading partners including Germany, China, Turkey, and India. Trade data from UN COMTRADE thus shows that over 90% of Iran’s annual trade is inter-industry (United Nations, 2018).

Alongside its trade activities, Iran is a very active player in the state-sponsored cyber operations arena. In March 2018, the United States government charged and sanctioned several Iranian individuals for hacking hundreds of US firms to steal proprietary information. These individuals were all affiliated with Iran’s Mabna Institute, an organization known to be contracted by the Iranian government and private sector firms within Iran to hack foreign rivals (Volz, 2018). The indictment shows that cyber attacks that began in 2013 and that were conducted by hackers affiliated with the Mabna Institute reportedly pilfered more than 31 terabytes of trade secrets, intellectual property, and academic data from 144 US universities and 36 private firms including 11 technology companies, an industrial machinery firm, and a biotechnology company.

These highly sophisticated attacks involved extensive research on academics, company employees, and executives who were then targeted with personalized emails tailored to their academic interests, publications, and job functions. Links embedded in these emails would direct those who clicked on them to bogus websites where their log-in details were collected. With these compromised accounts, hackers were able to steal reams of confidential information, academic data, and proprietary information related to product designs, experimental protocols, and client lists. This information was then passed on to Iranian competitor firms and to Iran’s Revolutionary Guard and other government intelligence agencies or auctioned off on the dark web to other malicious actors (Volz, 2018). Pakistan and Syria are other countries with high inter-industry trade that also exhibit high state-sponsored cyber espionage activity.

In contrast, we would expect intra-industry trade to indicate a reduced propensity for a state to use cyber operations. Under intra-industry trade, countries exchange the same goods or goods of comparable quality. This suggests that countries possess similar production techniques, manufacturing capacity, and skilled workforce. That is, high intra-industry trade countries possess the same or similar amount of corporate proprietary information as their trading partners that is leveraged to produce its manufactured products. Consequently, the information gap between countries engaged in intra-industry trade is lower than the case for those engaged in inter-industry trade. We therefore expect that states whose trade is dominated by intra-industry trade are less likely to use cyber espionage operations against other states. Additionally, we would expect that the drive to use cyber operations would be greatest at low levels of intra-industry and decrease as the information gap between the state and its trading partners decrease, that is, as trade becomes more intra-industry.

We can illustrate this with the case of Canada. Data from the OEC shows that in 2017, Canada exported $377 billion worth of goods overseas against imports of $326 billion (Observatory of Economic Complexity, 2019). This makes Canada the 12th largest export economy in the world. In addition to crude oil, Canada’s main exports are cars, vehicle parts, and gas turbines which it exports to the United States, China, Japan, and Mexico. Its major imports are cars, vehicle parts, and delivery trucks, which it sources from the United States, China, Germany, and Mexico. Its trade is therefore highly intra-industry. A frequent target of cyber attacks, Canada has so far refrained from the use of state-sponsored cyber operations although it has the necessary technical capacity and skill base to mount relatively sophisticated cyber operations should it choose to do so. France, Germany, and the UK are other countries with high levels of intra-industry trade that exhibit remarkably low levels of state-sponsored cyber espionage operations. I test the propositions laid out in this section empirically in the next section.

Analytical framework

I test the argument that a state’s engagement in cyber espionage operations is influenced by the composition of its trade, which is indicative of the proprietary information gap between it and its trading partners. I argue that states who largely engage in inter-industry trade have a bigger information deficit than those primarily engaged in intra-industry trade. Consequently, we expect that inter-industry traders will have a higher propensity to engage in cyber attacks than intra-industry traders. Additionally, we expect this effect to vary as the fraction of inter- or intra-industry trade changes. I test these propositions for a global sample of 24 countries, limited by data availability on key variables, over the period 2000–16.³

Capturing cyber espionage

To capture state cyber espionage operations, I draw on the Dyadic Cyber Incident and Campaign Dataset (DCID) version 1.5 compiled by Maness, Valeriano & Jensen (2019). The DCID dataset is one of the most comprehensive datasets available that capture interstate cyber operations. Maness, Valeriano & Jensen (2019) focus on cyber incidents between interstate rivals, drawing on findings in the literature that show that the majority of state-sponsored cyber attacks are typically aimed at rival states. This helps simplify the complicated process of identifying cyber attacks. The DCID dataset identifies suspected attackers and their state sponsors on the basis of published news and cyber security reports about the incidents, particularly if the attacker’s tools, procedures, and techniques conform to what is known about a state’s preferred methods of intrusion. They also institute a time lag in the data collection effort to allow for changes in reported attribution of attacks.

To capture incidents of state-sponsored cyber espionage, I create a dichotomous variable – Cyber espionage. This variable is coded 1 (0 otherwise) if a state engages in short- or long-term espionage operations in a given year as coded by Maness, Valeriano & Jensen (2019). This variable thus captures all instances of espionage operations aimed at extracting information for immediate, short-term advantage (for example Russia stealing information on US trade negotiating position) as well as operations that confer longer-term advantage (e.g. China’s theft of Lockheed Martin’s F-35 plans).⁴

Capturing trade

I employ trade data disaggregated to the commodity level using the Standard International Trade Classification (SITC) level 5, the most detailed level of disaggregation under the SITC convention. SITC trade data come from UN COMTRADE (2018). I disaggregate a state’s trade into the fraction accounted for by inter-and intra-industry trade. Following standard convention, trade is classified as inter-industry if a country only imports (exports) a particular commodity without exporting (importing) it. Following Manger (2012), I also classify trade as inter-industry if a state engages in two-way trade of a commodity but the value of the smaller flow is less than 10% of the larger one. Such trade is likely based on comparative advantage differences between the country and its trade partners. The 10% cutoff eliminates trades that are not a structural feature of bilateral trade and helps us avoid overstating the value of intra-industry trade.⁵ I then express inter- and intra-industry trade as a fraction of each state’s total trade.

Controls

I control for a number of possible confounding factors. To engage in cyber operations, states must have the capacity to launch cyber attacks. This requires the presence of sophisticated computer networks and infrastructure in the attacker country. Attacks are also more likely when there is reliable access to the internet. Both of these are more likely in relatively wealthy developed states. To account for these factors I include controls for GDP and GDP per capita. Data on GDP and per capita income come from the World Bank’s World Development Indicators database (World Bank, 2018). I also include a control for the fraction of the population in each state that has access to the Internet. Data on Internet access come from the World Development Indicators database (World Bank, 2018).

As highlighted earlier, countries are particularly likely to engage in cyber espionage operations if they possess the capacity to productively employ the pilfered information. To account for this, I control for the productive capacity of each state’s economy by drawing on the Economic Complexity Index (ECI) from the MIT’s Observatory of Economic Complexity (2019). This index is calculated based on the methodology described in Hidalgo & Hausmann (2009) and captures the underlying sophistication of each country’s economic productive capacity.

State-sponsored cyber espionage operations may also be influenced by a country’s foreign policy preferences and its orientation towards the global hegemonic status quo. Countries like China and Russia that aim to challenge US global dominance may be more inclined to use cyber operations for instance. To capture foreign policy preferences, I use the Idealpoint index developed by Bailey, Strezhnev & Voeten (2017). Their index draws on a state’s voting record in the UN General Assembly to make inferences about its general foreign policy preferences, in relation to that of the United States. Higher values of this index indicate greater alignment with US foreign policy preferences.

Cyber attacks are also more likely to originate from non-democratic or authoritarian states where cyber laws are weak and can be flouted with impunity by the state or private malicious actors. To account for this, I include the Polity IV scores for the attacker state in all estimated models. Polity scores measure how politically competitive a polity is and range from –10 for full autocracies to +10 for fully democratic states. Polity data come from Marshall & Jaggers (2016). Cyber attacks are also more likely when the states involved are in an armed conflict. In such cases, cyber attacks may just be an alternate form of warfare pursued by the attacker state against the target. To account for this, I include a dichotomous variable coded 1 (0 otherwise) for years in which the relevant country is engaged in an interstate armed conflict. Conflict data come from the UCDP/PRIO Armed Conflict Dataset (Gleditsch et al., 2002; Pettersson, Högbladh & Öberg, 2019). Online appendix Table I has descriptive statistics for selected variables.

Analysis

Our theoretical framework suggests a non-monotonic effect of our explanatory variables on our dependent variable. That is, the drive to engage in cyber attacks should be weaker for low levels of inter-industry trade and increase as the fraction of inter-industry trade increases. Correspondingly, the drive to use cyber operations should be stronger at lower levels of intra-industry trade and decrease as the fraction of intra-industry trade increases. To capture this non-linearity, I estimate natural cubic spline models. A spline model is a non-parametric regression approach that divides the data into discrete bins, fitting a separate polynomial regression to each bin. These separate fits are then ‘splined’ together to smoothly interpolate between the bins. This allows us to capture the dynamic effects of increasing values of inter- and intra-industry trade on a state’s propensity to use cyber attacks.

Within this framework, I estimate baseline panel logistic regression models. In addition, I estimate mixed-effects models to account for the various idiosyncratic factors that influence whether a country engages in cyber operations or not. For instance, Russia has a long-established history of state-sponsored cyber operations against other states and so may engage in cyber operations with relative ease. On the other hand, the United Kingdom is relatively restrained in its use of cyber operations although it has the requisite capacity to be much more aggressive. It is difficult to capture these country-specific tendencies to engage in cyber operations with any one set of controls. Also, the time-series cross-sectional structure of the dataset means that state-year observations are likely interdependent. The mixed-effects models, which include controls for both year and state fixed effects, help account for potential omitted variable biases, temporal trends, and interdependencies inherent in the structure of our dataset. Cyber attacks are also relatively rare, so in addition to these models I estimate rare events logistic models to account for the relative rarity of cyber attacks. These additional models serve as an important check on the robustness of the baseline logistic models.

Results

I start by examining how inter-industry trade affects states’ propensity to use cyber attacks. The results of this analysis are presented in Table I (Models 1–3). Model 1 is the baseline logistic model while Models 2 and 3 are the mixed-effects and rare events models, respectively. I lag inter-industry trade by one year to avoid possible simultaneity bias. All three splines of inter-industry trade indicate a positive effect of increased inter-industry trade on cyber espionage propensity, indicating that states whose trade is largely inter-industry are likely to engage in cyber operations. This is consistent across all the estimated models and is in line with our theoretical expectations. I re-estimate these models using an alternate threshold for the classification of trade as inter-industry. Recall that for the main analysis, trade is classified as inter-industry if there is only one-way trade of a commodity or if trade is two-way but the value of the smaller flow is less than 10% of the larger one. This 10% cutoff eliminates trades that are not a structural feature of bilateral trade. To ensure that the results are not dependent on this cutoff threshold, I reclassify inter-industry trade using a 15% cutoff, that is, if the value of the smaller flow is less than 15% of the larger one. The results of using this alternate measure of inter-industry trade are also presented in

Table I.

Inter-industry trade and cyber espionage propensity

	DV: Cyber espionage
	Logistic	Generalized linear mixed-effects	Rare events logistic	Logistic	Generalized linear mixed-effects	Rare events logistic
	Model 1	Model 2	Model 3	Model 4	Model 5	Model 6
Inter-industry trade spline 1 _t −1	1.96∗	1.37	1.84†
Inter-industry trade spline 1 _t −1	(0.07, 3.85)	(−0.65, 3.38)	(−0.05, 3.73)
Inter-industry trade spline 2 _t −1	10.41∗∗	9.93∗∗	9.76∗∗
Inter-industry trade spline 2 _t −1	(4.81, 16.00)	(3.99, 15.86)	(4.16, 15.35)
Inter-industry trade spline 3 _t −1	2.61∗	2.72∗	2.45∗
Inter-industry trade spline 3 _t −1	(0.34, 4.87)	(0.32, 5.12)	(0.18, 4.71)
Alt.inter-industry trade spline 1 _t −1				2.68∗∗	2.02†	2.49∗
				(0.71, 4.66)	(−0.07, 4.10)	(0.52, 4.47)
Alt.inter-industry trade spline 2 _t −1				10.76∗∗	9.97∗∗	9.99∗∗
Alt.inter-industry trade spline 2 _t −1				(4.47, 17.05)	(3.52, 16.43)	(3.69, 16.28)
Alt.inter-industry trade spline 3 _t −1				2.92∗	2.99∗	2.72∗
Alt.inter-industry trade spline 3 _t −1				(0.63, 5.22)	(0.55, 5.42)	(0.43, 5.02)
Internet access	0.04∗	0.01	0.03∗	0.04∗	0.01	0.03∗
Internet access	(0.01, 0.07)	(−0.03, 0.05)	(0.003, 0.06)	(0.01, 0.07)	(−0.03, 0.05)	(0.003, 0.06)
log(GDP)	1.04∗∗	1.08∗∗	0.96∗∗	1.02∗∗	1.06∗∗	0.95∗∗
log(GDP)	(0.69, 1.38)	(0.69, 1.47)	(0.62, 1.31)	(0.69, 1.36)	(0.68, 1.44)	(0.61, 1.29)
log(GDPpc)	−1.22∗∗	−1.18∗∗	−1.14∗∗	−1.19∗∗	−1.16∗∗	−1.11∗∗
log(GDPpc)	(−1.96, −0.49)	(−2.04, −0.31)	(−1.87, −0.41)	(−1.92, −0.47)	(−2.02, −0.31)	(−1.83, −0.39)
Polity	−0.10∗∗	−0.11∗∗	−0.09∗	−0.09∗	−0.10∗	−0.09∗
Polity	(−0.18, −0.03)	(−0.20, −0.03)	(−0.17, −0.02)	(−0.17, −0.02)	(−0.19, −0.02)	(−0.16, −0.01)
Conflict	−1.58	−1.73	−1.09	−1.65	−1.72	−1.17
Conflict	(−3.89, 0.72)	(−4.27, 0.80)	(−3.40, 1.21)	(−3.96, 0.66)	(−4.21, 0.77)	(−3.47, 1.14)
Idealpoint	1.20∗∗	1.40∗∗	1.12∗∗	1.11∗∗	1.31∗∗	1.04∗∗
Idealpoint	(0.58, 1.81)	(0.74, 2.06)	(0.50, 1.74)	(0.52, 1.70)	(0.68, 1.95)	(0.45, 1.63)
Eco. complexity	−1.49∗	−1.02	−1.38†	−1.39∗	−0.90	−1.29†
Eco. complexity	(−2.89, −0.08)	(−2.63, 0.59)	(−2.79, 0.02)	(−2.77, −0.000)	(−2.50, 0.69)	(−2.68, 0.09)
Constant	−22.97∗∗	−23.85∗∗	−21.33∗∗	−23.35∗∗	−23.76∗∗	−21.64∗∗
Constant	(−32.52, −13.41)	(−34.51, −13.19)	(−30.89, −11.77)	(−32.96, −13.75)	(−34.35, −13.17)	(−31.25, −12.04)
N	279	279	279	279	279	279
Log likelihood	−109.01	−102.17	−109.01	−109.02	−102.47	−109.02
AIC	240.01	230.35	240.01	240.05	230.95	240.05
BIC		277.55			278.16

Coefficients with 95% confidence intervals in parentheses. † p < 0.1, * p < 0.05, ** p < 0.01.

Figure 1.

Substantive effects of inter- and intra-industry trade on cyber espionage

Table I (Models 4–6). Model 4 is the baseline logistic model while Models 5 and 6 are the mixed-effects and rare events models, respectively. The results here are consistent with those obtained previously – increased share of inter-industry trade is associated with a higher propensity to engage in cyber attacks.

The cubic spline nature of our inter-industry trade coefficients complicate their direct interpretation, so to ease this I estimate predicted probabilities of cyber attacks for varying levels of inter-industry trade. This gives us a visual representation of the dynamic effects of changing inter-industry trade on cyber propensity. For these analyses all other variables are held at their mean levels. The results are presented in the top panel of Figure 1. The analysis shows that while increases in the share of inter-industry trade are associated with an increased probability of cyber operations, the strength of this association varies as the fraction of inter-industry trade changes. The association between inter-industry trade and cyber espionage is weak at low levels of inter-industry trade but becomes significantly stronger as trade becomes more inter-industry. This is consistent across all the estimated models and supports our theoretical expectations that the effect of inter-industry trade on cyber operations is non-monotonic.

I repeat the analysis for intra-industry trade. The results are presented in Table II (Models 1–3). Model 1 is the baseline logistic model while Models 2 and 3 are the mixed-effects and rare events models, respectively. As before, I lag intra-industry trade by a year to avoid possible simultaneity bias. The results indicate that increased intra-industry trade has a generally negative effect on the propensity to engage in cyber espionage. This is consistent across all the estimated models and comports with our theoretical expectations. Again, I re-estimate these models using a 15% threshold for intra-industry trade. That is, two-way trade in a commodity is classified as intra-industry only if the value of the smaller flow is greater than 15% of the larger one. This allows us to determine how robust the results are to changes in the trade cut-off threshold. The results are presented in Table II (Models 4–6). Model 4 is the baseline logistic model while Models 5 and 6 are the mixed-effects and rare events models, respectively. The results remain unchanged, confirming that increased intra-industry trade is associated with a decreased propensity of state-sponsored cyber espionage.

To ease the interpretation of the estimated coefficients, I estimate predicted effects of varying levels of intra-industry trade on cyber espionage propensity. All other variables are held at their mean levels. The results of this analysis are presented in the bottom panel of Figure 1. The analysis shows that while increased intra-industry trade is generally associated with a reduced propensity to engage in cyber operations, the magnitude of this effect differs for different levels of intra-industry trade. That is, the drive to engage in cyber attacks is strongest at lower levels of intra-industry trade and decreases as the fraction of intra- industry trade increases. This is consistent with our theoretical predictions and confirms that the effect of intra-industry trade on cyber attacks is indeed non-monotonic.

Figure 2 presents plots of the results of using alternate measures for both inter- and intra-industry trade. These results are consistent with those obtained earlier and indicate that the effects of trade on cyber attacks is robust to changes in the cutoff thresholds for inter- and intra-industry trade. I also re-estimate the models for cyber espionage attempts but this time focusing specifically on attacks directed towards private sector entities. The results, presented in Online appendix Tables III and IV, remain substantively unchanged.

In addition, states engaged in interstate conflict may be particularly likely to use cyber attacks, as highlighted earlier. The current analysis already includes a control for years in which a state is engaged in an ongoing interstate conflict. To ensure the robustness of the results to ongoing conflict dynamics, I add an additional control for interstate conflict – the number of militarized interstate disputes the state is part of. These data comes from the Correlates of War Militarized Interstate Disputes dataset (v4.3) (Maoz et al., 2019; Palmer et al., 2020). The results, presented in Online appendix Tables V and VI,

Table II.

Intra-industry trade and cyber espionage propensity

	DV: Cyber espionage
	Logistic	Generalized linear mixed-effects	Rare events logistic	Logistic	Generalized linear mixed-effects	Rare events logistic
	Model 1	Model 2	Model 3	Model 4	Model 5	Model 6
Intra-industry trade spline 1 _t −1	0.80	0.80	0.74
Intra-industry trade spline 1 _t −1	(−1.47, 3.06)	(−1.64, 3.24)	(−1.52, 3.00)
Intra-industry trade spline 2 _t −1	−5.31∗	−5.94∗	−4.98∗
Intra-industry trade spline 2 _t −1	(−9.62, −1.00)	(−10.51, −1.37)	(−9.29, −0.67)
Intra-industry trade spline 3 _t −1	−4.86∗∗	−4.51∗∗	−4.56∗∗
Intra-industry trade spline 3 _t −1	(−7.48, −2.25)	(−7.27, −1.75)	(−7.18, −1.94)
Alt.intra-industry trade spline 1 _t −1				0.26	0.22	0.23
Alt.intra-industry trade spline 1 _t −1				(−2.07, 2.58)	(−2.27, 2.71)	(−2.10, 2.56)
Alt.intra-industry trade spline 2 _t −1				−5.45∗	−5.97∗	−5.08∗
Alt.intra-industry trade spline 2 _t −1				(−9.84, −1.07)	(−10.60, −1.33)	(−9.46, −0.69)
Alt.intra-industry trade spline 3 _t −1				−5.34∗∗	−4.84∗∗	−4.96∗∗
Alt.intra-industry trade spline 3 _t −1				(−8.25, −2.43)	(−7.83, −1.86)	(−7.87, −2.05)
Internet access	0.04∗	0.01	0.03∗	0.04∗	0.01	0.03∗
Internet access	(0.01, 0.07)	(−0.03, 0.05)	(0.003, 0.06)	(0.01, 0.07)	(−0.03, 0.05)	(0.003, 0.06)
log(GDP)	1.04∗∗	1.08∗∗	0.96∗∗	1.02∗∗	1.06∗∗	0.95∗∗
log(GDP)	(0.69, 1.38)	(0.69, 1.47)	(0.62, 1.31)	(0.69, 1.36)	(0.68, 1.44)	(0.61, 1.29)
log(GDPpc)	−1.22∗∗	−1.18∗∗	−1.14∗∗	−1.19∗∗	−1.16∗∗	−1.11∗∗
log(GDPpc)	(−1.96, −0.49)	(−2.04, −0.31)	(−1.87, −0.41)	(−1.92, −0.47)	(−2.02, −0.31)	(−1.83, −0.39)
Polity	−0.10∗∗	−0.11∗∗	−0.09∗	−0.09∗	−0.10∗	−0.09∗
Polity	(−0.18, −0.03)	(−0.20, −0.03)	(−0.17, −0.02)	(−0.17, −0.02)	(−0.19, −0.02)	(−0.16, −0.01)
Conflict	−1.58	−1.73	−1.09	−1.65	−1.72	−1.17
Conflict	(−3.89, 0.72)	(−4.27, 0.80)	(−3.40, 1.21)	(−3.96, 0.66)	(−4.21, 0.77)	(−3.47, 1.14)
Idealpoint	1.20∗∗	1.40∗∗	1.12∗∗	1.11∗∗	1.31∗∗	1.04∗∗
Idealpoint	(0.58, 1.81)	(0.74, 2.06)	(0.50, 1.74)	(0.52, 1.70)	(0.68, 1.95)	(0.45, 1.63)
Eco. complexity	−1.49∗	−1.02	−1.38†	−1.39∗	−0.90	−1.29†
Eco. complexity	(−2.89, −0.08)	(−2.63, 0.59)	(−2.79, 0.02)	(−2.77, −0.000)	(−2.50, 0.69)	(−2.68, 0.09)
Constant	−17.03∗∗	−17.94∗∗	−15.76∗∗	−17.08∗∗	−17.67∗∗	−15.81∗∗
Constant	(−25.86, −8.19)	(−27.70, −8.17)	(−24.60, −6.92)	(−25.86, −8.30)	(−27.33, −8.01)	(−24.59, −7.03)
N	279	279	279	279	279	279
Log likelihood	−109.01	−102.17	−109.01	−109.02	−102.47	−109.02
AIC	240.01	230.35	240.01	240.05	230.95	240.05
BIC		277.55			278.16

Coefficients with 95% confidence intervals in parentheses. † p < 0.1, * p < 0.05, ** p < 0.01.

Figure 2.

Substantive effects of alternative measures of inter- and intra-industry trade on cyber espionage

remain robust to the inclusion of this additional control for interstate conflict.

To ensure that our results are not an artifact of Maness, Valeriano & Jensen’s (2019) coding of cyber espionage, I create an alternate dependent variable – Alt.cyber espionage – to capture incidents of interstate cyber espionage. This variable is based on the method of cyber attack. The anecdotal evidence shows that most incidents of cyber espionage involve intrusion attempts, where trojans, trapdoors, backdoors, and spear-phishing techniques are used. Cyber espionage also frequently involves infiltration attempts, where malware with specific and targeted payloads are employed. Consequently, the Alt.cyber espionage is coded 1 (0 otherwise) for all cyber attacks that involve either intrusion or infiltration attempts. Data on method of attack come from Maness, Valeriano & Jensen (2019). I re-estimate all models using this alternate dependent variable and present the results in Online appendix Tables VII and VIII. The results remain substantively unchanged.

Our results are thus consistent with our theoretical framework, which suggests that information deficits between states are an important driver of state-sponsored espionage operations. This has implications at the industry level. The value of cyber espionage information likely varies across industries. For instance, certain domestic firms such as those in the computer and technology sectors stand to gain more from cyber espionage than firms in other sectors such as beverage and food processing. Consequently, one way to increase confidence in our results is by examining the industry-level effects of exports on a state’s propensity to engage in cyber espionage. If our theoretical framework is correct, then states that have a heavy concentration of high-tech industries such as aerospace, computers, and pharmaceuticals should have a higher propensity to engage in cyber espionage operations.

To test this, I draw on industry export data from the World Bank’s World Development Indicators database (World Bank, 2018). I obtain data on the fraction of a country’s manufactured exports that is composed of exports from high-tech industries (i.e. aerospace, computers, pharmaceuticals, scientific instruments, and

Figure 3.

High-tech exports and state-sponsored cyber operations

electrical machinery). I regress this against the state’s cyber espionage operations, controlling for the confounders highlighted earlier. The results are presented in Online appendix Table IX. The analysis shows that increased exports from the high-tech sector (as a fraction of manufactured exports) are positively correlated with increased state-sponsored cyber espionage activity. This is presented graphically in Figure 3. This confirms the robustness of our theoretical reasoning.

Conclusion

My objective in this article is to demonstrate that the composition of a state’s trade, indicative of the state’s proprietary information deficit, is an important but overlooked determinant of state-sponsored cyber attacks. I develop a theoretical framework that proposes that because inter-industry traders have a bigger proprietary information deficit, they are more likely to engage in cyber espionage than intra-industry traders. I test this proposition for a global sample of countries and find robust empirical support. This is important because it demonstrates for the first time that the composition of a state’s trade is an important indicator of its propensity to engage in targeted cyber operations. This study also contributes to an emerging branch of the cyber politics literature that seeks to take a quantitative approach to the study of state-level cyber activities, complementing the more established qualitative approaches.

The results have important implications. For one, current scholarship on the state-level drivers of cyber attacks focus heavily on geopolitical motives, particularly interstate rivalries. This narrow focus on geopolitical factors limits our efforts to gain a fuller understanding of what drives state-sponsored cyber attacks and truncates possible options for countering it. By demonstrating the importance of information deficits embodied in trade relations as an important driver of state-sponsored cyber attacks, this article helps expand the range of factors thought to motivate cyber attacks.

This article also contributes to an emerging branch of the trade literature that aims to account for the diverging effects of trade on conflict propensity once its composition is taken into account (e.g. Akoto, Peterson & Thies, 2020; Madeira, 2016; Manger, 2012). To the extent that cyber espionage operations are interpreted as an act of aggression, the results here demonstrate that trade can have both an aggravating and a pacifying effect on interstate cyber conflict. This conclusion lends support to findings elsewhere in the literature that suggest that while inter-industry trade exacerbates the potential for interstate conflict, intra-industry trade tends to dampen conflict propensity (e.g. Akoto, Peterson & Thies, 2020; Thies & Peterson, 2015).

For future scholars, important questions remain to be explored. The present study focuses on the dynamics of what drives attacker states to launch cyber attacks, but it might also be interesting to explore these issues from the target state perspective. Particularly, one could explore the relative risk differences between information rich and information deficient states in terms of the probability of being hit with a cyber attack by trade partners. It might also be fruitful to explore which particular entities in the targeted state are most likely to be hit with cyber attacks. Intuitively, one would expect that firms that export the most goods get targeted but since geopolitical factors also matter for cyber attacks, it is possible that active exporters with close links to the government may be particularly at risk. Unpacking these firm-level dynamics presents a potentially rich research avenue for future scholars.

Footnotes

Replication data

The dataset and replication files, along with the Online appendix, are available at http://www.prio.org/jpr/datasets and the authors’ website .

Acknowledgements

Appreciation to Rob Caroll, Henrique Estides Delgado, Jack Donnelly, Bailee Donohue, Lewis Griffith, Tobias Heinrich, Timothy Peterson, Evangeline Reynolds, and Wilhelm M Vosse for comments and conversations on earlier iterations of this (and a related) article that significantly improved the final manuscript. Thanks also to the editor, anonymous referees, and seminar participants at the University of South Carolina, University of Denver, Fordham University, and One Earth Future Research for helpful comments.

ORCID iD

William Akoto

Notes

References

Akoto

William

Peterson

Timothy M

Thies

Cameron G

(2020) Trade composition and acquiescence to sanction threats. Political Research Quarterly 73(3): 526–539.

Alt

James E

Frieden

Jeffry

Gilligan

Michael J

Rodrik

Dani

Rogowski

Ronald

(1996) The political economy of international trade: Enduring puzzles and an agenda for inquiry. Comparative Political Studies 29(6): 689–717.

Bailey

Michael A

Strezhnev

Anton

Voeten

Erik

(2017) Estimating dynamic state preferences from United Nations voting data. Journal of Conflict Resolution 61(2): 430–456.

BBC (2015) Sony cyber-attack: North Korea faces new US sanctions (https://bbc.in/37HPnKF).

Bishop

Katrina

Kharpal

Arjun

(2014) Global websites hacked by Syrian Electronic Army (https://cnb.cx/2Xlof11).

Brenner

Susan W

Crescenzi

Anthony C

(2006) State-sponsored crime: The futility of the economic espionage act. Houston Journal of International Law 28(2): 389–465.

Chiacu

Doina

(2018) US sanctions Russians over military, intelligence hacking (https://reut.rs/3chCBU0).

Denning

Dorothy E

(2001) Activism, hacktivism, and cyberterrorism: The internet as a tool for influencing foreign policy. In: Arguilla

John

Ronfeldt

David

(eds) Networks and Netwars: The Future of Terror, Crime, and Militancy. Santa Monica, CA: National Defense Research Institute (RAND), 239–254.

Eftimiades

Nicholas

(2017) Chinese Intelligence Operations. Ilford: Frank Cass.

10.

Ettredge

Michael

Guo

Feng

Yijun

(2018) Trade secrets and cyber security breaches. Journal of Accounting and Public Policy 37(6): 564–585.

11.

Fidler

David P

(2013) Economic cyber espionage and international law: Controversies involving government acquisition of trade secrets through cyber technologies. ASIL Insights 17(10) (https://bit.ly/351qOcd).

12.

Fontagné

Lionel

Freudenberg

Michael

P´eridy

Nicolas

(1998) Intra-industry trade and the single market: Quality matters. London: Centre for Economic Policy Research (https://bit.ly/2QScTgo).

13.

Gartzke

Erik

(2013) The myth of cyberwar: Bringing war in cyberspace back down to earth. International Security 38(2): 41–73.

14.

Gilli

Andrea

Gilli

Mauro

(2019) Why China has not caught up yet: Military-technological superiority and the limits of imitation, reverse engineering, and cyber espionage. International Security 43(3): 141–189.

15.

Gleditsch

Nils Petter

Wallensteen

Peter

Eriksson

Mikael

Sollenberg

Margareta

Strand

Håvard

(2002) Armed conflict 1946–2001: A new dataset. Journal of Peace Research 39(5): 615–637.

16.

Greenaway

David

Hine

Robert

Milner

Chris

(1995) Vertical and horizontal intra-industry trade: A cross industry analysis for the United Kingdom. Economic Journal 105(433): 1505–1518.

17.

Harley

Knick

(1996) The Integration of the World Economy, 1850–1914. London: Edward Elgar.

18.

Hauswald

Robert

Marquez

Robert

(2006) Competition and strategic information acquisition in credit markets. Review of Financial Studies 19(3): 967–1000.

19.

Helfand

Benjamin

(2019) The Trump administration and international law. George Washington International Law Review 51(3): 591–594.

20.

Hidalgo

César A

Hausmann

Ricardo

(2009) The building blocks of economic complexity. Proceedings of the National Academy of Sciences 106(26): 10570–10575.

21.

Iasiello

Emilio

(2013) Cyber attack: A dull tool to shape foreign policy. In: 5th International Conference on Cyber Conflict (CYCON 2013), 1–18 (https://bit.ly/350lsxV).

22.

Klimburg

Alexander

(2011) Mobilising cyber power. Survival 53(1): 41–60.

23.

Krugman

Paul R

(1979) Increasing returns, monopolistic competition, and international trade. Journal of International Economics 9(4): 469–479.

24.

Lewis

Jonathan Eric

(2009) The economic espionage act and the threat of Chinese espionage in the United States. Chicago-Kent Journal of Intellectual Property 8(2): 189–235.

25.

Lindsay

Jon R

(2013) Stuxnet and the limits of cyber warfare. Security Studies 22(3): 365–404.

26.

Lindsay

Jon R

(2015) Tipping the scales: The attribution problem and the feasibility of deterrence against cyberattack. Journal of Cybersecurity 1(1): 53–67.

27.

Lotrionte

Catherine

(2014) Countering state-sponsored cyber economic espionage under international law. North Carolina Journal of International Law and Commercial Regulation 40(2): 443–541.

28.

Madeira

Mary Anne

(2016) New trade, new politics: Intra-industry trade and domestic political coalitions. Review of International Political Economy 23(4): 677–711.

29.

Maness

Ryan C

Valeriano

Brandon

Jensen

Benjamin

(2019) Dyadic Cyber Incident and Campaign dataset. Version 1.5 (https://bit.ly/2F6UABm).

30.

Manger

Mark S

(2012) Vertical trade specialization and the formation of North-South PTAs. World Politics 64(4): 622–658.

31.

Maoz

Zeev

Johnson

Paul L

Kaplan

Jasper

Ogunkoya

Fiona

Shreve

Aaron P

(2019) The Dyadic Militarized Interstate Disputes (MIDs) dataset: Logic, characteristics, and comparisons to alternative datasets. Journal of Conflict Resolution 63(3): 811–835.

32.

Markusen

James R

Venables

Anthony J

(1998) Multinational firms and the new trade theory. Journal of International Economics 46(2): 183–203.

33.

Marshall

Monty G

Jaggers

Keith

(2016) Polity IV project: Political regime characteristics and regime transitions, 1800–2015 (http://www.systemicpeace.org/inscrdata.html).

34.

Martin

Robert A

(2001) Managing vulnerabilities in networked systems. Computer 34(11): 32–38.

35.

Matusitz

Jonathan

(2005) Cyberterrorism: How can American foreign policy be strengthened in the information age? American Foreign Policy Interests 27(2): 137–147.

36.

Milner

Helen V

(1999) The political economy of international trade. Annual Review of Political Science 2(1): 91–114.

37.

Observatory of Economic Complexity (2019) Economic complexity rankings (https://legacy.oec.world/en/resources/data/).

38.

Ohlin

Bertil

(1935) Interregional and International Trade. Cambridge, MA: Harvard University Press.

39.

Oliva

Mara

Shanahan

Mark

(2018) The Trump Presidency: From Campaign Trail to World Stage. Cham: Springer Nature.

40.

Oliver

James K

(2007) US foreign policy after 9/11: Context and prospect. In: Miller

Mark J

Stefanova

Boyka

(eds) The War On Terror in Comparative Perspective: US Security and Foreign Policy after 9/11. London: Palgrave Macmillan, 19–45.

41.

Palmer

Glenn

D’Orazio

Vito

Kenwick

Michael R

McManus

Roseanne W

(2020) Updating the militarized interstate dispute data: A response to Gibler, Miller, and Little. International Studies Quarterly 64(2): 469–475.

42.

Pelican

Luke

(2011) Peacetime cyber-espionage: A dangerous but necessary game. CommLaw Conspectus: Journal of Communications Law and Technology Policy 20(1): 363–390.

43.

Pettersson

Therése

Högbladh

Stina

Öberg

Magnus

(2019) Organized violence, 1989–2018 and peace agreements. Journal of Peace Research 56(4): 589–603.

44.

Ricardo

David

(1913) Principles of Political Economy and Taxation. London: George Bell & Sons.

45.

Rid

Thomas

Buchanan

Ben

(2015) Attributing cyber attacks. Journal of Strategic Studies 38(1–2): 4–37.

46.

Roselund

Christian

(2017) Solarworld testifies on Chinese IP theft (https://bit.ly/3lN8LfV).

47.

Ryu

Dae Hyun

Kim

Hyung Jun

Keehong

(2009) Reducing security vulnerabilities for critical infrastructure. Journal of Loss Prevention in the Process Industries 22(6): 1020–1024.

48.

Scott

Catherine V

(2009) Imagining terror in an era of globalization: US foreign policy and the construction of terrorism after 9/11. Perspectives on Politics 7(3): 579–590.

49.

Tereshchenko

Natalia

(2012) US foreign policy challenges of non-state actors’ cyber terrorism against critical infrastructure. International Journal of Cyber Warfare and Terrorism 2(4): 28–48.

50.

Thies

Cameron

Peterson

Timothy M

(2015) Intra-Industry Trade: Cooperation and Conflict in the Global Political Economy. Stanford, CA: Stanford University Press.

51.

United Nations (2018) United Nations Commodity Trade Statistics database (COMTRADE) (http://comtrade.un.org).

52.

Valeriano

Brandon

Maness

Ryan C

(2014) The dynamics of cyber conflict between rival antagonists, 2001–11. Journal of Peace Research 51(3): 347–360.

53.

Van Arnam

Robert C

(2001) Business war: Economic espionage in the United States and the European Union and the need for greater trade secret protection. North Carolina Journal of International Law and Commercial Regulation 27(1): 95–139.

54.

Volz

Dustin

(2018) US charges, sanctions Iranians for global cyber attacks on behalf of Tehran (https://reut.rs/2ETVHVu).

55.

Whitney

Merrill E

Gaisford

James D

(1996) Economic espionage as strategic trade policy. Canadian Journal of Economics 29(2): 627–632.

56.

World Bank (2018) World Development Indicators (https://bit.ly/3gSIgSN).

57.

Yazdanifard

Rashad

Nia

Maryam Esmaeili

(2011) The impact of new intellectual capital on a firm’s market share value. In: International Conference on Sociality and Economics Development Volume 10. Singapore: IACSIT Press.