- Join BJ's Wholesale Club for $20, and get a $20 gift card: Deal
- Delivering better business outcomes for CIOs
- Docker Desktop 4.35: Organization Access Tokens, Docker Home, Volumes Export, and Terminal in Docker Desktop | Docker
- Cybercriminals Exploit DocuSign APIs to Send Fake Invoices
- Your iPhone's next iOS 18.2 update may come earlier than usual - with these AI features
The World Cybercrime Index: What is it and why is it important?
Cybercriminals are notoriously tricky to pin down. They are experts in obfuscation and misdirection, masters of avoiding consequences. Not since the early days of the Wild West have criminals managed to evade capture and maintain anonymity as effectively as modern cybercriminals do.
Part of the reason for these staggeringly low conviction rates is that we usually have little idea of what country an attacker is in. We can make educated guesses: if a cybercrime group, for example, launches an explicitly politically motivated attack on the US, we might assume the attack originated in Russia or China. But even then, we can’t be sure.
As such, we’ve never been able to answer those all-important questions: Where do most cybercrimes originate from? Which country is “best” at cybercrime? And what makes for a fertile cybercriminal breeding ground? But that’s all about to change.
In April 2024, Oxford University and UNSW Canberra released its World Cybercrime Index. It is the current best attempt at mapping the global geography of cybercrime, partially, at least, lifting the veil of anonymity cybercriminals have enjoyed for so long.
The study is an enormous leap forward in our understanding of cybercriminal geography and will likely serve as the foundation for further transformative research. So, let’s dive in.
What is the World Cybercrime Index?
The World Cybercrime Index (WCI) ranks countries based on their contributions to global cybercrime.
However, we’ve established that it’s nearly impossible to determine a cybercriminal’s geographical location with any degree of accuracy, so how did the researchers develop these rankings? The answer is more straightforward than you might think.
Researchers from Oxford University and UNSW Canberra asked 245 cybercrime experts – receiving 92 responses – from each region of the world to consider five significant types of cybercrime:
And nominate the countries they consider to be the most significant sources of each of these cybercrime types. Participants then rated each nominated country according to the following:
- How impactful the cybercrime originating in the country is.
- How professional their cybercriminals are.
- How technically skilled their cybercriminals are.
It’s important to note that researchers only approached cybercrime experts actively tracking cybercriminals – meaning they have first-hand knowledge of cybercriminals. As such, while an element of speculation is inherent with this type of research, the WCI is about as close as possible to an accurate “map” of global cybercrime.
What are the World Cybercrime Index Rankings?
Here are the World Cybercrime Index rankings in full:
Ranking |
Country |
WCI Score |
Ranking |
Country |
WCI Score |
1 |
Russia |
58.39 |
11 |
Iran |
4.78 |
2 |
Ukraine |
36.44 |
12 |
Belarus |
3.87 |
3 |
China |
27.86 |
13 |
Ghana |
3.58 |
4 |
United States |
25.01 |
14 |
South Africa |
2.58 |
5 |
Nigeria |
21.28 |
15 |
Moldova |
2.57 |
6 |
Romania |
14.83 |
16 |
Israel |
2.51 |
7 |
North Korea |
10.61 |
17 |
Poland |
2.22 |
8 |
United Kingdom |
9.01 |
18 |
Germany |
2.17 |
9 |
Brazil |
8.93 |
19 |
Netherlands |
1.92 |
10 |
India |
6.13 |
20 |
Latvia |
1.68 |
What Does the World Cybercrime Index Tell Us?
Perhaps the most impactful conclusion we can draw from the WCI is that a very small number of countries house a large proportion of the world’s cybercrime threats. Anyone with a passing interest in cybercrime could likely have made a pretty good guess at the top five of the WCI, but the discrepancy between those five countries and the rest of the list is alarming.
Why Does the World Cybercrime Index Matter?
While the WCI currently tells us little aside from which countries present the most significant cyber threat, according to Dr Miranda Bruce, who co-authored the study, it is merely the first stage in an extensive research project that will attempt to determine some countries are cybercrime hotspots and some aren’t.
Similarly, Professor Federico Varese, also co-author of the study, told the Oxford University website that he and his fellow researchers “are hoping to expand the study so that we can determine whether national characteristics like educational attainment, internet penetration, GDP, or levels of corruption are associated with cybercrime.”
Determining these factors will be crucial to preventing cybercrime in the future. Although in some countries, the factors contributing to cybercrime may be relatively obvious and difficult to address—Russia, for example, is notorious for tolerating and even encouraging cybercriminals—in others, understanding those factors could inform preventative action.
All in all, the publication of the world’s first World Cybercrime Index is a historic moment in our understanding of cybercrime geography. But it’s more than that: the WCI will facilitate research into the root causes of cybercrime so we can take action to prevent it. Currently, our understanding of the societal and economic causes of cybercrime is largely based on guesswork and speculation. The WCI is set to change that, empowering us to prevent cybercrime, not merely protect against it.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.