Building on screening theory, we examine how corporate social responsibility and irresponsibility (CSR/CSIR) influence firms’ likelihood of becoming cyberattack targets. We articulate two mechanisms: attackers use CSR as signals of resource and CSIR as indicators of moral value deficiency when screening potential targets. External cybercriminals, driven by instrumental motivations, rely on CSR for resource screening, while internal cybercriminals, led by expressive motivations, depend more on CSIR. We identify stock return and employees’ political ideology as two boundary conditions for CSR’s effects on external attacks and CSIR’s impact on internal attacks, respectively. Using cyberattacks targeting U.S. public firms, we find that CSR and CSIR increase firms’ likelihood of becoming targets. CSIR has stronger effects on internal cyberattacks, and stock return weakens CSR’s impact on external cyberattacks.
