Cybercrime , Fraud Management & Cybercrime
Russia Tops Global Cybercrime Index, New Study Reveals
Russia, Ukraine, China and US All Top 'First-Ever World Cybercrime Index'Russia is the most significant source of global cybercrime and serves as the top hub for digital threat actors worldwide, according to the newly released World Cybercrime Index.
See Also: OnDemand | Code Red: How KnowBe4 Exposed a North Korean IT Infiltration
The researchers behind the index, published Wednesday in the journal Plos One, said their study provides the first-ever definitive ranking of international cybercrime hotspots at a national level. The report reveals that the majority of global cyberthreat actors operate from a relatively small number of countries. Russia leads the list, followed by Ukraine, China, the United States, Nigeria and Romania.
The researchers spent three years collecting interviews from nearly 100 cybercriminal experts across all major geographical regions. Respondents made their rankings based on the impact of each country's cybercrime activity, as well as the professionalism and technical skill of its threat actors.
The index considers five types of cybercrime: technical products and services, attacks and extortion, data and identity theft, money laundering and scams. Other countries at the top of the list include North Korea, United Kingdom, Brazil, India, Iran, Belarus, Ghana and South Africa.
Miranda Bruce, researcher for the University of Oxford and co-author of the report, said the index enables public and private entities to better target their resources and countermeasures against cybercrime and removes "the veil of anonymity around cybercriminal offenders."
"We hope that [the index] will aid the fight against the growing threat of profit-driven cybercrime," Bruce said in a press release, adding: "We now have a deeper understanding of the geography of cybercrime and how different countries specialize in different types of cybercrime."
Respondents said Russia was the most significant threat for attacks on technical products and services, such as malware coding, botnet access or breaching compromised systems.
Ukraine appeared to excel in technical product cybercrimes as well as data and identity theft, such as phishing campaigns. The U.S. and Romania were identified as hot spots for phishing attacks, and Nigeria scored the highest on the list for scam-based cybercrimes.
"Cybercrime is not universally distributed," the report says. "Certain countries are cybercrime hubs, while many others are not associated with cybercriminality in a serious way."
U.S. cyber authorities have released a wide-range of guidance in recent years around Russian state-sponsored cyber operations, warning that Kremlin-affiliated actors have targeted critical infrastructure sectors across the country with increasingly sophisticated methods.
The Kremlin has also accused the U.S. and hackers who support Ukraine of leading a campaign of "cyber aggression" against Russian critical infrastructure.
The authors of the report plan to expand the study to determine whether certain national characteristics such as education or income level contribute to cybercrime levels. Bruce said researchers should continue to collect geographical data on cybercrime "to monitor the emergence of any new hot spots" and conduct early interventions "in at-risk countries before a serious cybercrime problem even develops."