It doesn't take long looking at the news to find the latest horror story about a major hack, data breach, or some other type of cyber-crime. Unfortunately, cyber-crime can be a very lucrative business for those who are able to get away with it, which incentivizes more morally dubious people to also try their hands at cyber-crime. Recently, a study was completed that found which countries most of these cybercriminals are coming from. So, let's take a look at the first "World Cybercrime Index."
Of course, the thing most people are interested in finding out is "Where is the most cybercrime coming from?" But first things first, how is this data being collected and compiled? As detailed in the research paper itself, it is difficult to find details on cybercriminals and their activities since they are much more inclined to keep those things hidden. The data used for this research paper was collected through an online anonymized survey sent to numerous industry professionals from all over the world. Significant effort was taken to eliminate as much potential bias from the survey results as possible. Additionally, this paper is focused on profit-driven cybercrime, intentionally excluding other motivations, such as state-sponsored cybercrime. Finally, based on the results of the survey, each country was assigned several World Cybercrime Index (WCI) scores: one for each category of cybercrime and one overall World Cybercrime Index score.
One of the first takeaways that can be seen from the paper is that a small number of countries make up a significant amount of cybercrimes. Specifically, a majority of cybercrimes were found to originate from Russia, Ukraine, China, the United States, Nigeria, and Romania. Russia has by far the highest WCI score at 58.39, Ukraine at 36.44, China at 27.86, the US at 25.01, Nigeria at 21.28, and Romania at 14.83. North Korea is the only other country with an overall WCI score greater than ten at 10.61. There are only twenty-four other countries with an overall WCI score greater than one.
However, it is not always the same type of cybercrime coming out of these countries, with each country tending to specialize in certain types. The paper identified five categories of cybercrime and labeled them as Technical products/services (such as creating malware and attacking programming vulnerabilities), Attacks and extortion (such as ransomware attacks), Data/identity theft (including phishing attacks and compromising accounts), Scams (such as advanced fee fraud and online auction fraud), and Cashing out/money laundering (such as credit card fraud and money mules). Countries like Russia, Ukraine, and China tend to perform more technical cybercrimes, such as developing malware and exploiting vulnerabilities in programming. Nigeria is much more focused on non-technical cyberattacks, primarily scams. The US and Romania fall in the middle due to the prevalence of both technical and non-technical cybercrimes, with the leading category for both countries being data/identity theft.
So, how can we use the information from this research paper to help in the fight against cybercrime? The data collected in this paper helps give us a better picture of what profit-driven cybercrime looks like worldwide. More specifically, we are able to identify that a majority of cybercrime comes from a relatively small number of places, as well as the fact that each of those places tends to specialize in certain types of cybercrime. While the consequences of cybercrime can reach anywhere, the causes tend to be much more localized, so it makes sense to promote more localized efforts to fight cybercrime. Only by working together to keep ourselves and each other safe will we be able to make progress towards dealing with cybercrime.