Russia, Ukraine and China are home to the biggest cybercrime threats, according to the inaugural World Cybercrime Index (WCI).
This first global cybercrime ranking is the result of the work of an international team of academic researchers who surveyed 92 leading cybercrime experts and analyzed the results using scientific methodology.
The research project for the Global Cybercrime Index lasted four years.
The scientific article that supports the Index, entitled Mapping the global geography of cybercrime with the Global Cybercrime Indexwas in the PLOS ONE review published on April 10, 2024.
Five types of cybercrime
The survey asked the 92 experts to examine five types of financial cybercrime, name the countries they believe each of these types of cybercrime originates from, and then rank them based on impact, professionalism and technical skills cybercriminals.
The five categories of cybercrime are:
- Technical products/services (e.g. malware coding, botnet access, access to compromised systems, tool production)
- Attacks and extortion (e.g. DDoS attacks, ransomware)
- Data/identity theft (e.g. hacking, phishing, account compromise, credit card compromise)
- Scams (e.g. advance fee fraud, business email compromise, online auction fraud)
- Cashing/money laundering (e.g. credit card fraud, money mules, illicit virtual currency platforms)
The researchers assigned a score to each nominated country in each category, then calculated an overall score, called the WCI score, which was used to establish the overall ranking. A description of the calculations used can be found in the scientific article.
Top 20 Countries With the Highest Cybercrime Threat Levels
Russia is the country where most cybercrime originates, with a WCI score of 58.39, followed by Ukraine (36.44) and China (27.84).
The United States (25.01) and Nigeria (21.28) also make the top five. The United Kingdom, India, North Korea and Brazil all made the top ten.
WCI updates and upgrades ‘likely’
THE Global Cybercrime Index was developed in a partnership between the University of Oxford and the University of New South Wales in Australia and funded by CRIMGOV, an EU-supported project based at the University of Oxford and at Sciences Po Paris.
Jonathan Lusthaus, associate professor in the Department of Sociology at the University of Oxford and the Oxford School of Global and Area Studies, is one of five co-authors of the study.
At a press conference, Lusthaus stressed the need to expose the origins of cybercrime, which is largely an invisible phenomenon because offenders often mask their physical location by hiding behind fake profiles and technical protections.
“If you try to use technical data to map their location, you will also fail, because cybercriminals bounce their attacks off internet infrastructures around the world. The best way we have to build a picture of where these offenders really are is to investigate those whose job it is to track these people,” he said.
According to another co-author, Federico Varese, a professor at Sciences Po in Paris, the Global Cybercrime Index will likely be updated and improved in the future.
He added that researchers hope to expand the study to determine whether national characteristics such as education level, internet penetration, GDP or corruption levels are associated with cybercrime.
“Many people think of cybercrime as global and fluid, but this study supports the idea that, like forms of organized crime, it takes place in particular contexts,” Varese said.
A specific measure used by the index, the technicality score (T-score), characterizes the competence of cybercriminals based on the top 15 of these countries.
“For example, Russia and Ukraine are highly technical cybercrime centers, while Nigerian cybercriminals engage in less technical forms of cybercrime,” the paper reads.
“But for countries close to the center (0), the story is more complex. Some may specialize in types of cybercrime with medium technical complexity (e.g. data/identity theft). Others may specialize in high- and low-tech crimes,” he continues.