IT Strategy

The Real-World Geography of Cyber Security: Which Countries Are Most at Risk for Cyber Threats and Vulnerabilities in 2022

Combining numerous cybersecurity data, let’s detect how the threat of cybercrime differs globally and unveil the least and most risky countries for Internet users throughout 2020-2022.

While technological growth holds the potential to support societies in becoming more sustainable and advanced, the vulnerability to cyber attacks is also increasing. In such circumstances, cyber security becomes increasingly imperative for each country to secure its digital infrastructures.

The state of things concerning cyber security differs from country to country and may reveal surprising facts. Thus, the principal task of this research article is to demonstrate real-world geographical aspects of cyber security supported by figures and statistics received in the analysis of relevant publicly available data for 2020-2022 years.

Europe and North America Have a Similar Number of Cyber Attacks

The analysis of data on the number of cyberattacks per country (after normalizing the number of cyberattacks with legitimate traffic) provided by Imperva for 153 countries illustrates the "leadership" of the North American region in the total number of cyber attacks (Fig. 1).

Data source: imperva.com

Figure 2 below illustrates the average number of cyber attacks per country aggregated by five regions.

Data source: imperva.com

Only the United States of America accounts for 36,000 attacks, followed by Canada and Mexico by a wide margin (3,122 and 508 cyber attacks correspondingly). The total picture of cyber attack geography is on the map, where the darker color means that more cyber attacks occurred in the country (Fig. 3).

Data source: imperva.com

Although the average amount of attacks in Europe is twice less than in North America (Fig. 2), the total number of cyber attacks is almost the same (Fig. 1). 71% of all cyber incidents in Europe happened just in 11% of European countries: Germany, Russia, the United Kingdom, France, Netherlands. 

More than half of all cyber attacks that happened in the Asia-Pacific region were in Singapore (22,67%), China (16,75%), and India (16,15%). The South American and African regions account for less than 4% of all attacks. Almost 60% of all cyber attacks in South America happened in Brazil, while most attacks in Africa occurred in South Africa.

When the "popularity" of countries for cyber criminals is exposed, the question of their level of exposure to cyber incidents and preparedness to resist them is rising. Further in the article, we will try to figure it out.

Europe Is the Least Exposed to Cyber Threats

The Cybersecurity Exposure Index (CEI) defines the level of exposure to cybercrime by country from 0 to 1; the higher the score, the higher the exposure.

Check out a related article:

According to the data on the CEI of 108 countries (Fig. 4) provided by 10guards (specializes in world-class ethical hacking and cyber security business consulting), it has been revealed that Europe is the least vulnerable region with the lowest score of exposure per country (0,3285), and then the North American region comes (0,4621).

At the same time, Africa has the highest exposure level per country (0,6431), followed by South America (0,5766). The Asia-Pacific region is in the middle of the "scoreboard" (0,5399).

Data source: 10Guards

71% of European countries belong to the groups with low and very low exposure. Although two countries in Europe (Belarus and Armenia) are in the high exposure group, this is up to only 4,88% of all European countries. It is the smallest part among all regions (Fig. 5).

Data source: 10Guards

Moreover, most countries with low or very low exposure indexes are also European; they represent a proportion of 67% in each of these exposure classification groups correspondingly (Fig. 6).

Data source: 10Guards

67% of North American countries are divided into groups with moderate, low, and very low vulnerability levels. Respectively, 33% of North American countries are highly vulnerable to security threats (Fig. 5). The most-risky countries are Nicaragua, El Salvador, and Honduras. However, there is no extreme value of rate inside any exposure classification groups (Fig. 6).

The Asia-Pacific region accounts for 60% of countries with very high exposure and 36,67% of countries with high exposure to cyber threats worldwide (Fig. 6). Even though the exposure level of the Asia-Pacific region is in the middle, it represents some of the most vulnerable countries in the world (Fig. 4), namely Afghanistan (CEI=1,000) and Myanmar (CEI=0,9100).

40% of South American countries belong to groups with high and very high levels of exposure to security threats, which is close to the situation in the Asia-Pacific region (Fig. 5). The country at higher risk for cybercrime is Venezuela (CEI=0,8070). As well as in North America, in the South American region, there is no extreme percentage inside any exposure classification groups (Fig. 6).

75% of African countries belong to the groups with high and very high exposure to cyber threats (Fig. 5). Along with the Asia-Pacific region, Africa has the largest number of countries with high exposure to cyber threats, it is up to 36,67% of all countries with high exposure worldwide (Fig. 6). Ethiopia is the most sensitive to cyber threats in the region (CEI=0,8660).

The North American and Africa Regions Are Equally Ready To Prevent Cyber Threats

The National Cyber Security Index (NCSI) measures a country's readiness to address cyber threats and manage cyber incidents. It is composed of categories, capacities, and indicators. Each indicator has a value, which shows its relative importance in the index.

The NCSI score means the percentage the country received from the maximum value of all indicators. The maximum value of the NCSI Score is always 100 (100%), regardless of whether these indicators were added or removed. 

According to the data on the NCSI of 160 countries, provided by the same-name database, European region countries are better prepared to manage cyber incidents; the average NSCI is 71,88% (Fig. 7). The best-prepared country in preventing cybercrime in Europe and the world is Greece with NCSI of 96,10%.

Data source: ncsi.ega.ee

South America is taking second place in this "race" with an average NCSI score of 47,23%, which is higher than the average value of the index globally (Fig. 7). Argentina and Paraguay have an equal NCSI of 63,64%, which is the highest value in the region.

The Asia-Pacific region doesn't change its position and again takes third place at the rank. NCSI of this area accounts for 36,50%. Although the most-developed country in cyber security there, Saudi Arabia, has NCSI equal to 84,42%, more than 50% of the countries are under the average NCSI in the region.

Surprisingly, the preparedness of the North American and the African regions is almost at the same level, with an average NCSI of 27,49% and 29,01%, respectively, which are lower than the global average NCSI (Fig. 7). The highest-prepared countries manage cyber threats in these regions are Canada and Morocco, respectively, with an equal NSCI value of 70,13%.

Comparing the maps of the global distribution of the CEI (Fig. 4) and NCSI (Fig. 8), it could seem (and sound logical) that the two indexes are inversely proportional. Nonetheless, analysis demonstrates that better readiness to prevent cyber crimes doesn't always mean the lowest exposure to cyber threats.

Thus, the North American region has a lower (better) exposure level than the South American region. However, its NCSI is also lower (worse); that means North America's worse preparedness to manage cyber incidents, in contrast to its neighboring region (Fig. 5 and Fig. 7).

Data source: ncsi.ega.ee

North American, South American, and Asia-Pacific Regions Are on the Middle Level of Digital Development

An additional index for the cyber security evaluation for each country is Digital Development Level (DDL). The DDL is calculated according to the ICT Development Index (IDI) and Networked Readiness Index (NRI). The DDL defines the average percentage the country received from the maximum value of both indices. 

IDI is used to measure ICT (Information and Communication Technology) resources, which is defined as a composite index combining 11 indicators (classified into three sub-indices: access, use, and skills). NRI helps measure the degree of a country's readiness to exploit opportunities offered by information and communications technology.

Analysis of the DDL of 154 countries, provided by the NSCI database, demonstrates that the digital development of European countries is at a higher level. Moreover, a comparison of average values of NSCI and DDL reveals that among the five mentioned geographical regions, only the European region's cyber security development is in line with, or even ahead of, its digital development (Fig. 7). This conclusion is also relevant to each of more than a half of European countries (Fig. 9).

Data source: ncsi.ega.ee

Cyber security in South and North America and the Asia-Pacific region is behind their digital development (Fig. 7), which is, nonetheless, just at the middle level; DDL for these regions accounts for 51,74%, 50,71%, and 49,19%, accordingly. The African region is again in the last stage of the ranking.

Cybercrime Is Going to Rise in the Next Years

According to the data analysis of significant cyber incidents that happened since 2006, provided by the Center for strategic and international studies (CSIS), more than half of cyber attacks were launched through phishing and malware attacks (Fig. 10). Sadly, there is no reason that this trend will decline, mainly because this making mountains of money crime is easy to commit.

Data source: csis.org

Online attacks will also continue to pose a threat in the next few years due to the implementation of new methods of performing illegal operations; it has made it difficult for authorities to learn about their activities. Internet of Things (IoT) connected devices alongside artificial intelligence (AI) software will be additionally used in performing online attacks; it will let hackers steal sensitive data from the user's servers. It should be emphasized that IoT appliances are a significant threat to individuals' privacy and security due to the lack of security protocols in most IoT devices.

Social media platforms' popularity growth also leads to their use threatening individuals' privacy in the next few years. It may happen through collecting private information and selling data to third parties (Instagram) using fake banking apps, game titles, crypto miners (Google's Android app store), tricking users into opening malicious links due to the limited security measures (WhatsApp), etc.

There are also no signs that dark web-based markets are going to stop their activity of selling illegal products and services and leaking information.

Training Employees Is the Most Vital Step to Stopping Global Cybercrime

Phishing, ransomware, and data breaches are just a few examples of current cyber threats that have a massive economic and social impact on governments, businesses, and individuals worldwide. According to the research of Stanford University, human factors lead to 88% of all data breaches, occurring mainly due to a lack of awareness, negligence, or inappropriate access control.

Thus, cyber security awareness must become essential to everyday organizational culture through regular classroom training, real-world simulations, tabletop exercises, etc. It will help employees to recognize incoming threats, get acquainted with the art of good security hygiene (strong passwords, best practices of file-sharing, updating software, social media etiquette, etc.), and understand the consequences of their actions. 

Moreover, appropriate file access restriction policies should be implemented and maintained. It can be reached via file management systems accessible to businesses of all sizes. At the same time, a regular data backup policy is also crucial to prevent data loss when a disaster strikes.

Not only people but also processes and technology are primary categories on which cyber security professionals focus and which help them to protect data.

However, technologies are programmed by people, as well as processes do not "act" on their own since they are a set of steps that people follow. It brings us back to the previous statement that humans are the weakest link in cyber security, and training employees is the most vital step to stopping global cybercrime.

Conclusion

On analyzing the cyber security situation all over the map, it may be concluded that the growth of digital technologies is creating favorable conditions for cybercrime globally; this trend is continuing to be positive and dynamic in the next few years. 

However, the readiness for such circumstances differs from region to region. Thus, Europe is the least exposed and the most prepared to cybercrime, while the cyber security situation in the African region is diametric.

All necessary cyber security measures must be taken locally by every enterprise and every private user having Internet access since human error is still the most common reason for cyber attacks regardless of country.

avatar
R&D Engineer
Ph.D. in Engineering with 6+ years of experience in scientific research, currently working on a cybersecurity project (CASB) coding mostly with TypeScript. Involved with Python, Big Data Analytics, and Machine Learning, and eager to become a data scientist.