Most cybercriminal threats are concentrated in a handful of countries, with Russia at the top of the ranking, ahead of Ukraine, China, the US, Nigeria, and Romania.
This is stated in the first ‘World Cybercrime Index’, developed by five researchers led by the University of Oxford (UK) and published in the journal ‘PLOS ONE’.
Cybercrimes cost hundreds of millions and perhaps billions of euros, but locating where criminals tend to operate poses challenges because they often use strategies to mask their locations and legal documents capture a limited number of cases that may not be globally representative.
To help clarify this issue, the study authors surveyed leading cybercrime experts about the geographical distribution of cybercriminal threats. They developed and refined the survey through expert focus groups and pilot surveys before widely distributing it in 2021.
A total of 92 prominent cybercrime experts from around the world completed the survey, naming the countries they believed were the major centers of five categories of cybercrimes: technical products or services, attacks and extortion, data or identity theft, scams, and money laundering or theft.
Six countries
The survey results show that cybercriminal threats are concentrated in a small number of countries. Russia tops the ranking (with 58.39 points out of 100), followed by Ukraine (36.44), China (27.86), the US (25.01), Nigeria (21.28), Romania (14.83), North Korea (10.61), the UK (9.01), Brazil (8.93), and India (6.13).
Different countries were more often associated with different categories. For example, cybercrimes related to technical products or services were the main category in China, data or identity theft in the US, and attacks and extortion in Iran.
“Profit-motivated cybercrime, often seen as a fluid and global type of organized crime, actually has a strong local dimension. The World Cybercrime Index shows that 97 countries are important centers of cybercrime, but most cybercrime occurs in only six of them,” the authors indicate.
Miranda Bruce, from the University of Oxford, pointed out that the study will allow the public and private sectors to focus their resources on key cybercrime centers and spend less time and funds on countermeasures against cybercrime in countries where the problem is not as significant.
“We now have a deeper understanding of the geography of cybercrime and how different countries specialize in different types of cybercrime,” she says.
