Cybersecurity company SEON has taken a snapshot of the global threat of cybercrime and compiled a ranking of the most and least vulnerable countries. […]
The risk of cybercrime is not evenly distributed across the globe. According to the software company SEON, which specializes in fraud detection, Internet users are significantly more at risk in some countries than in countries that offer more security due to strict laws against cybercrime and broad-based cybersecurity programs.
SEON combined data from a number of cybersecurity indices and indicators to create a global ranking of the countries with the lowest and highest risk of cybercrime. According to the SEON ranking, cybersecurity for Internet users is highest in Denmark, where people are protected from cybercrime by both legislation and technologies. Germany and the USA follow in this order.
How the cybersecurity ranking was determined
To create its global cybersecurity index, SEON first collected data from the National Cybersecurity Index (NCSI), which ranks each country according to the strength of its cybersecurity measures. The company then used data from a similar ranking, the Global Cybersecurity Index 2020, in which countries are also ranked based on their respective cybersecurity practices. The data from these two sources were used because they use different criteria for the classification of each country.
SEON also used the Basel AML Index: 9th Edition, which ranks countries according to the risk of money laundering and terrorist financing. These illegal activities are mostly carried out digitally, so the index is a good indicator of how well the Internet is monitored and secured in the individual countries.
When compiling the overall ranking, SEON also took into account the Cybersecurity Exposure Index (CEI) 2020, which measures the exposure of Internet users in each country.
In addition to these various indices, SEON examined the strength of cybercrime legislation in each country.
“We allocated one point to each country for each piece of legislation, and half a point if the legislation was only in draft form. Then we added an additional point for each regulatory category that covered it, thus including the coverage of the legislation in the assessment. The points from all these factors were converted into a single, equally weighted score of 10, “ says Gergo Varga, author of the report.
The countries with the lowest risk of cyber threats
At the top of the ranking of the most cybersecurity countries is Denmark with an overall cybersecurity score of 8.91. It performs particularly well in the Cybersecurity Exposure Index, where it receives only 0.117 points.
SEON combined data from various cybersecurity indices to create a ranking of countries in terms of their exposure to cybercrime.
Germany achieved a cybersecurity score of 8.76, while the US achieved 8.73. The relatively high overall ranking for the United States is partly due to the fact that it took first place in the Global Cybersecurity Index and also performed well in terms of general vulnerability to cybercrime and strict laws.
Other countries that have made it into the top 10 safest countries are – in order of placement – Norway, the United Kingdom, Canada, Sweden, Australia, Japan and the Netherlands.
At the other end of the scale are the countries that offer the least protection against cybercrime. These countries have very weak or no laws to combat cybercrime and therefore pose the greatest risk for transactions involving personal data, the report says.
The countries with the highest risk of cyber threats
Myanmar ranks worst in terms of Internet security, only achieving a score of 2.22 on SEON’s Global Cyber-Safety Index. The country performed poorly in all areas, especially in terms of legislation, as hardly any laws were passed to put obstacles in the way of cybercriminals.
“Based on the methodology of the report, most of the reasons for the risk ranking are due to legislation and a dedicated government infrastructure focused on regulation and enforcement,” said Liz Miller, vice president at Constellation Research.
SEON combined data from various cybersecurity indices to create a list of countries most at risk of cybercrime.
“Even if a country has adopted or is in the process of adopting laws to protect consumer privacy or digital security, if there are no real consequences for these crimes, whether for the criminals who commit these crimes, or for companies that refuse to invest in compliance, or for those who deliberately ignore data protection and security regulations … then what? You have a piece of paper with good intentions but no teeth,“ Miller added.
Cambodia follows Myanmar with a cybersecurity score of 2.67, the second-worst overall score in the SEON rankings. Cambodia performs marginally better than Myanmar in any metric other than the global cybersecurity index.
The third place is taken by Honduras with a score of 3.13. The Central American country performs worst of all the countries studied in the Global Cybersecurity Index, while it also has poor results in all other areas. However, Honduras performs twice as well as Myanmar and Cambodia in terms of legislation to combat cybercrime.
The other countries on the list of the most vulnerable to cyber threats are (in order from highest to lowest risk): Bolivia, Mongolia, Algeria, Zimbabwe, Nicaragua, Bosnia-Herzegovina and El Salvador.
The most common forms of cybercrime
The SEON report also looks at the most reported forms of cybercrime in 2020. According to it, phishing emails and pharming are the biggest online threat to US Internet users, accounting for 32.9% of all reported cybercrime in 2020. Phishing and pharming refer to the fraudulent practice of tricking people into revealing personal information such as passwords, login details and credit card numbers.
The second most common type of cybercrime was non-payment and non-delivery, which was reported 108,869 times and accounted for 14.9% of cybercrime in the United States. Non-payment means that a buyer does not pay for the goods or services received, while non-delivery means that the paid goods or services are not delivered.
Extortion is the third most common form of cybercrime, with 76,741 reported incidents in 2020 in the U.S., representing 10.4% of total cybercrime in the country. Extortion comes in various forms, with the most common being the use of ransomware to block access to files and devices, followed by demanding money, cryptocurrency, gift cards, or some other form of payment.
Strong security requires resources
To really fathom why some countries are more at risk than others, it is necessary to take into account the resources and richness of the targets, according to Miller of Constellation Research. Security requires resources that some companies in some countries may not have access to, be it the budget to implement proactive protections or the talent and time to staff security teams and operations. Companies that lack resources can also prioritize operations over security, which, according to Miller, creates a favorable environment for malicious actors who want to exploit vulnerabilities.
Countries that are most at risk should take measures to regulate and educate the public, Miller said.
“The average consumer simply does not see himself as part of the vulnerability supply chain, and some are calling for the government to solve these problems with faceless strangers lurking in basements and wearing hoodies. But we all know that the faceless hooded man did not click on the link in the email, which in reality did not come from the bank, “ says Miller.
If a government is really serious about tackling threats, partnerships are the key, Miller says. The public and private sectors must jointly develop solutions and exchange information in order to detect threats at an early stage and to be able to defend against them quickly.