The report, produced by researchers from the Department of Sociology, University of Oxford, and the University of New South Wales, Canberra, identified the globe’s major cybercrime hotspots by ranking the most significant sources of cybercrime at a national level.
A survey of top cybercrime experts worldwide produced the data that forms the basis of the Index. The task assigned to the participants involved thinking through five main categories of cybercrime and selecting the nations they believed to be the main origins of each of these crimes.
The five categories are Technical products/services (like malware); Attacks and extortion; Data/identity theft (like hacking or phishing); Scams (like online auction fraud or business email compromise); and Cashing out/money laundering (like credit card fraud).
The survey asked participants to rank each nominated country according to the impact, professionalism, and technical skills of its offenders.
One of the authors of the report, Dr Jonathan Lusthaus, while commenting on the report, stated that, “Due to the illicit and anonymous nature of their activities, cybercriminals cannot be easily accessed or reliably surveyed. They are actively hiding.
“If you try to use technical data to map their location, you will also fail, as cybercriminals bounce their attacks around internet infrastructure across the world. The best means we have to draw a picture of where these offenders are actually located is to survey those whose job it is to track these people.”
The University of Oxford and UNSW Canberra, Dr. Miranda Bruce, added, “The research that underpins the Index will help remove the veil of anonymity around cybercriminal offenders, and we hope that it will aid the fight against the growing threat of profit-driven cybercrime. By continuing to collect this data, we’ll be able to monitor the emergence of any new hotspots and it is possible early interventions could be made in at-risk countries before a serious cybercrime problem even develops.
“For the first time, we have reliable data on the location of cybercriminals, and we also have a way to measure their impact. Government agencies and private enterprises tasked with tackling cybercrime now have a much better understanding of the scale of the problem in their own backyard.”
Meanwhile, the latest report by cybersecurity firm, Check Point, also revealed a five per cent increase in the average number of cyber attacks per organization globally compared with the same quarter last year, adding that African businesses witnessed the highest number of attacks compared to other regions.
“Regionally, Africa surged to the forefront with an average of 2,373 attacks per week per organization, a 20 per cent jump from the same period in 2023.
“In contrast, Latin America showed a 20 per cent decline, perhaps indicating a shift in focus or improved defensive measures in the region; another reason could be a temporary shift in focus by cybercriminals on other more vulnerable regions across the world,” the report explained.
Subsequently, the research disclosed that the Education/Research industry suffered a severe hit, ranking first among the targeted industries with an average of 2,454 attacks per company per week.
A concerning level of vulnerability in industries that are essential to the operation of society was shown by the sector’s ranking, which was followed by the Government/Military (1,692 assaults per week) and Healthcare (1,605 attacks per organization).
“However, it is the substantial year-on-year increase in attacks on the Hardware Vendor industry, rising by 37 per cent, which underlines a strategic shift in target preference by cybercriminals. This industry’s increasing reliance on hardware for IoT and smart devices makes these vendors lucrative targets for cybercriminals,” it added.
In terms of the attack type, the report showed that North America was the region most impacted by Ransomware attacks in Q1 2024, accounting for 59 per cent out of close to 1000 published ransomware attacks. It was followed by Europe (24 per cent) and APAC (12 per cent).
The largest increase in reported ransomware attacks compared to Q1 2023 was seen in Europe, with a significant 64 per cent increase
“This significant increase could be attributed to factors such as increased digitization of services and regulatory environments that may make organizations more vulnerable or visible targets. In contrast, North America saw a 16 per cent increase, indicating a sustained focus by attackers on this region.
“The most impacted Industry globally was the Manufacturing sector, accounting for 29 per cent of published ransomware attacks and having almost double the amount of reported attacked YoY, followed by the Healthcare industry with 11 per cent of the attacks (and 63 per cent increase YoY), and
Retail/Wholesale with 8 per cent of the attacks,” the report added.
Check Point however advised firms to take a multifaceted strategy to cybersecurity in order to defend themselves against the increasing number of assaults. This approach should include periodic cyber awareness training, reliable data backups, timely security patches, strong user authentication, and cutting-edge anti-ransomware solutions. It went on to say that proactive use of AI-powered security can greatly increase an organization’s resistance to these attacks.
