An academic research project to gain insight into which nations produce the most cybercrime ranked the usual suspects of Russia, Ukraine, China and the United States in the top spots, but also found some relative surprises with Nigeria in fifth place and Romania at no. 6 and Brazil at no. 9.
Nations with high technology levels typically score quite high on the World Cybercrime Index (WCI), especially if those countries also have state-sponsored threat actors that overlap with cybercriminal groups. However, other nations dominated in one of the five areas, such as Nigeria scoring highest for scams and Romania scoring high in data and identity theft, according to the university research effort conducted by institutions academics in the UK, Australia and France.
Although cybersecurity experts have long associated different countries with different types of cybercrime – Russia with banking and ransomware and China with intellectual property theft and financial crimes, for example – this is the first time researchers were able to compare various countries based on specific attributes and approaches of cyber criminals, says Miranda Bruce, a postdoctoral researcher in sociology at the University of Oxford.
“If you look carefully at these five indices, you will get a deeper insight into each country’s character as a cybercrime hotspot,” he says. “Nigeria ranks first in the scam index, but ranks between 5th and 10th in the other four types of cybercrime. Clearly they are a significant producer of all types of cybercrime, but it is also clear that , as a country, are specialized.”
The researchers collected data from a survey of 92 cybercrime experts, asking them to pick the top five cybercrime-producing nations across five different crime categories: technical products and services; attacks and extortion; data and identity theft; rip-offs; and takings or money laundering. For each country, participants were asked to rate the impact of the crimes, the professionalism of the actors and their technical ability.
The top 15 nations ranked by their overall global cybercrime index. Source: PLOS One
In total, 97 different countries were named, according to cybercrime experts an article published by the group in the journal PLOS One.
WCI scores may not, however, distinguish between real cybercriminals residing in a nation and those mercenary groups that also conduct operations on behalf of their state sponsors, says Sean McNee, vice president of research and data at DomainTools, a domain security services.
“When evaluating cybercrime groups in places like Russia, China, Iran or North Korea, it is always difficult to determine whether groups operate solely on their own initiative or operate on behalf of a sponsoring nation-state,” McNee says. “This makes it more interesting to examine cybercrime actors in other countries, such as Nigeria, India and Brazil.”
Low technical score, high threat
Nigeria’s top marks in the scam category – in which researchers combined advance payment fraud, business email compromise and online auction fraud – highlight that a highly developed cybercrime ecosystem does not necessarily require a significant level of technical skills and infrastructure. While Nigeria has prioritized its cybersecurity capabilitiesthe country remains a bastion for email fraud, as demonstrated by the case of a Nigeria-based group running romance scams with a U.S. citizen, who was sentenced earlier this year.
Romania, which ranked sixth on the list, has a long history of hosting a cybercrime ecosystem, so its ranking comes as a bit of a surprise, says Chester Wisniewski, director and field CTO at the security firm Sophos IT.
“Romania has always had high cybercrime activity… probably due to its well-educated population, proximity and relations with neighboring cybercrime states such as Ukraine, Russia and Moldova,” he says. “Romania has cooperated in the fight against cybercrime, but I’m not sure they are very proactive in nature.”
The researchers plan to investigate how the World Cybercrime Index correlates with other characteristics of each nation – such as gross domestic product (GDP), income inequality, Internet penetration and corruption – and how cybercrime policies can influence their scores, Bruce of Oxford University. he says.
“There is still much to learn about how and why countries like Russia, China and the United States have become major cybercrime hotspots, but the countries that appear lower on the index will tell us more about the nuances of cybercrime “, he claims. “That is, the specific combination of factors that allow a region to become a thriving economic hub for cybercriminal activity. It is important to pay attention to these countries and regions in the coming years.”
Margins of improvement
Unfortunately, the data provides little useful information to advocates, although it could be useful to politicians and diplomats interested in influencing countries and gaining cooperation, says Sophos’ Wisniewski.
“If these statistics are accurate, only the countries listed are capable of addressing the problem of being a source country for cybercrime,” he says. “Many of those listed may not only be uninterested in reducing their rank, but may even be proud of it.”
The researchers conducted the survey in 2021, so unfortunately that means the rankings have aged and don’t include major changes in the cyber threat landscape, such as Russia’s invasion of Ukraine, the more recent rise in romance scams, and a increase in cryptocurrencies. scams from North Korea, says DomainTools’ McNee.
“This suggests that encouraging policies to boost technology sectors in these countries – turning cybercriminals into entrepreneurs – could have a net positive impact on the economy,” he says. “It may be more useful to monitor these trends in countries further downstream from the WCI to encourage such policies before a notable cybercrime industry takes hold.”