- Ukraine is ranked second, followed by China, the US, Nigeria and Romania.
- The data was gathered through a survey of 92 leading cybercrime experts from around the world who are involved in cybercrime intelligence gathering and investigations.
- The study will enable the public and private sectors to focus their resources on key cybercrime hubs and spend less time and funds on cybercrime countermeasures in countries where the problem is not as significant.
Russia houses the greatest cybercriminal threat, followed by Ukraine, China, the US, Nigeria and Romania, according to a team of researchers that have compiled the first ever ‘World Cybercrime Index’.
Although the geography of cybercrime attacks has been documented, the geography of cybercrime offenders – and the corresponding level of “cybercriminality” present within each country – is largely unknown.
The data collection for this project, following three years of intensive research, was carried out as part of a partnership between the Department of Sociology, University of Oxford and UNSW Canberra Cyber and funded by CrimGov, a European Union-supported project based at the University of Oxford and Sciences Po, designed to introduce and validate a new framework for the study of organised crime.
The index shows that a relatively small number of countries house the greatest cybercriminal threat.
Iran is ranked eleventh while the UAE is ranked twenty-fourth and Pakistan at forty-fourth.
The data was gathered through a survey of 92 leading cybercrime experts from around the world who are involved in cybercrime intelligence gathering and investigations.
Countermeasures
Where the cybercriminals live is not necessarily where the cyberattacks are coming from. An offender from Romania can control zombies in a botnet, mostly located in the United States, from which to send spam to countries all over the world, with links contained in them to phishing sites located in China. The cybercriminal’s reach is not limited by national borders.
As cybercriminals often employ proxy services to hide their IP addresses, carry out attacks across national boundaries, collaborate with partners around the world, and draw on infrastructure based in different countries, superficial measures do not capture the true geographical distribution of these offenders.
The survey asked the experts to consider five major categories of cybercrime, nominate the countries that they consider to be the most significant sources of each of these types of cybercrime, and then rank each country according to the impact, professionalism, and technical skill of its cybercriminals.
Dr Miranda Bruce from the University of Oxford and UNSW Canberra and Co-author of the study said the study will enable the public and private sectors to focus their resources on key cybercrime hubs and spend less time and funds on cybercrime countermeasures in countries where the problem is not as significant.
Monitoring emergence of new hotspots
“The research that underpins the Index will help remove the veil of anonymity around cybercriminal offenders, and hope that it will aid the fight against the growing threat of profit-driven cybercrime,” Bruce said.
“We now have a deeper understanding of the geography of cybercrime, and how different countries specialise in different types of cybercrime.”
“By continuing to collect this data, we’ll be able to monitor the emergence of any new hotspots and it is possible that early interventions could be made in at-risk countries before a serious cybercrime problem even develops.”
Jonathan Lusthaus, Associate Professor from the University of Oxford’s Department of Sociology and Oxford School of Global and Area Studies and Co-author of the study, said that cybercrime has largely been an invisible phenomenon because offenders often mask their physical locations by hiding behind fake profiles and technical protections.
“Due to the illicit and anonymous nature of their activities, cybercriminals cannot be easily accessed or reliably surveyed. They are actively hiding. If you try to use technical data to map their location, you will also fail, as cybercriminals bounce their attacks around internet infrastructure across the world. The best means we have to draw a picture of where these offenders are located is to survey those whose job it is to track these people,” Dr Lusthaus said.
The World Cybercrime Index is the first step in a broader aim to understand the local dimensions of cybercrime production across the world, Professor Federico Varese from Sciences Po in France and Co-author of the study, said.
“We are hoping to expand the study so that we can determine whether national characteristics like educational attainment, internet penetration, GDP or levels of corruption are associated with cybercrime. Many people think that cybercrime is global and fluid, but this study supports the view that, much like forms of organised crime, it is embedded within particular contexts,” Varese said.