Which countries have the worst (and best) cybersecurity_

With so much of our personal data stored online, cybersecurity is of the utmost importance.

Each year, our study looks at over 60 countries to find out where in the world you’re most “cyber safe.” This year, we’ve analyzed 75 countries, judging each of them with an extended list of 15 criteria (previous reports had 7). This means countries are now ranked from one to 75 with one being the least cyber-secure country and 75 being the most cyber-secure country.

The new criteria are as follows:

  • % of mobiles infected with malware
  • % of users attacked by mobile banking trojans
  • % of users attacked by mobile ransomware trojans
  • % share of users attacked by banking malware (non-mobile)
  • % of users attacked by ransomware trojans (non-mobile)
  • % of computers infected by at least one malware attack (web-based)
  • % of computers facing at least one local malware attack
  • % of mobile users attacked via web sources
  • % of telnet attacks by originating country (IoT)
  • % of attacks by cryptominers
  • % of SSH-based attacks by originating country (IoT)
  • % of all spam emails by originating country
  • % share of countries targeted by malicious mailings
  • % of computers attacked by phishing
  • The best-prepared countries for cyberattacks

And, given the impact COVID-19 had on the cybersecurity landscape, we decided to also look at how COVID-19-related malware attacks impacted each country, scoring this separately to the full study.

So which country was the most and least cyber-secure? And did any country come out “top of the class?”

Unfortunately, similar to previous years, there wasn’t one country that “aced” every test. In fact, countries often perform well in one area but fall worryingly short in others.

Which is the least cyber-secure country in the world?

According to our study, Tajikistan is the least cyber-secure country in the world, followed by Bangladesh and China.

Tajikistan had the highest percentage of users attacked by banking malware (4.7%), computers facing at least one local malware attack (41.16%), and attacks by cryptominers (5.7%). It also scored poorly for the percentage of users attacked by ransomware trojans (1.35%). But, it was also one of the better-scoring countries in several categories, including percentage of users attacked via web sources (0.03%), percentage of telnet attacks by originating country (0.01%), percentage of spam emails by originating country (0.01%), and share of countries targeted by malicious mailings (0.01%). Zero users were attacked by mobile ransomware trojans and no SSH-based attacks originated from Tajikistan.

This just highlights how vastly different each country’s cybersecurity and cyber threats (threats to the country itself and the threat it poses to other countries) may be. For example, Tajikistan appears to be particularly vulnerable to malware but isn’t the source of many attacks, nor does it seem to be the target for spam and other malicious mailings.

The highest-scoring countries per category were:

  • Mobiles infected with malware
    1. Iran – 30.29%
    2. Algeria – 21.97%
    3. Bangladesh – 17.18%
  • Users attacked by mobile banking trojans
    1. Japan – 1.89%
    2. Turkey – 0.33%
    3. Italy – 0.31%
  • Users attacked by mobile ransomware trojans
    1. Kazakhstan – 0.57%
    2. Kyrgyzstan – 0.14%
    3. China – 0.09%
  • Percentage of users attacked by banking malware
    1. Tajikistan – 4.7%
    2. Uzbekistan – 4.6%
    3. Iran – 1.6%
  • Users attacked by ransomware trojans
    1. Bangladesh – 2.37%
    2. Haiti – 1.38%
    3. Tajikistan – 1.35%
  • Computers infected with at least one malware attack (web-based)
    1. Vietnam – 8.69%
    2. Bangladesh – 7.34%
    3. Latvia – 7.31%
  • Computers facing at least one local malware attack
    1. Tajikistan – 41.16%
    2. Bangladesh – 39.9%
    3. Uzbekistan – 36.58
  • Mobile users attacked via web sources
    1. Ecuador – 6.33%
    2. Oman – 4.98%
    3. Morocco – 4.51%
  • Percentage of telnet attacks by originating country (IoT)
    1. India – 19.99%
    2. China – 15.46%
    3. Egypt – 9.77%
  • Percentageof attacks by cryptominers
    1. Tajikistan – 5.7%
    2. Kyrgyzstan – 2.51%
    3. Uzbekistan – 2.46%
  • SSH-based attacks by originating country (IoT)
    1. China – 28.56%
    2. United States – 14.75%
    3. Germany – 4.67%
  • Spam emails by originating country
    1. Russia – 21.27%
    2. Germany – 10.97%
    3. United States – 10.47%
  • Share of countries targeted by malicious mailings
    1. Spain – 8.48%
    2. Germany – 7.28%
    3. Russia – 6.29%
  • Computers attacked by phishing
    1. Brazil – 19.94%
    2. Portugal – 19.73%
    3. France – 17.9%
  • Global Cybersecurity Index
    1. Honduras – 0.044
    2. Haiti – 0.046
    3. Bolivia – 0.139

Which is the most cyber-secure country in the world?

Just like in 2019 and 2020, the safest country is Denmark, which had an overall score of 3.56. It was placed in the top three 10 times out of a possible 15, scoring particularly well in categories such as percentage of users attacked by ransomware trojans (0.02%) and percentage of attacks by cryptominers (0.11%). This country also had zero users attacked by mobile ransomware trojans and mobile banking trojans.

It wasn’t the only country deemed “safest” 10 times, however. In eleventh place was Haiti, which also enjoys this accolade. However, Haiti’s score was increased due to it being in the top three worst countries for percentage of users attacked by ransomware trojans and for its Global Cybersecurity Index score. Again, this highlights how it isn’t uncommon for a country to rank well in one category and poorly in another.

The lowest-scoring countries per category were:

  • Percentage of mobiles infected with malware
    1. Finland – 1.06%
    2. Ukraine – 1.15%
    3. Denmark – 1.33%
  • Users attacked by mobile banking trojans
    1. Algeria, Argentina, Denmark, Egypt, Haiti, Hungary, Ireland, Mexico, Nigeria, and Thailand – 0.00%
  • Users attacked by mobile ransomware trojans
    1. Argentina, Australia, Austria, Belarus, Brazil, Chile, Colombia, Denmark, Ecuador, France, Greece, Haiti, Hungary, Japan, Latvia, Peru, Tajikistan, Turkey, and Venezuela – 0.00%
  • Share of users attacked by banking malware
    1. Ecuador – 0.03%
    2. Bolivia – 0.05%
    3. Denmark, Ireland, and Panama – 0.10%
  • Percentage of users attacked by ransomware trojans
    1. Denmark – 0.02%
    2. Sweden – 0.03%
    3. Ireland and Romania – 0.04%
  • Percentage of computers infected with at least one malware attack (web-based)
    1. Haiti – 0.48%
    2. Denmark – 1.33%
    3. Ireland – 1.35%
  • Computers facing at least one local malware attack
    1. Denmark – 2.83%
    2. Sweden – 3.34%
    3. Ireland – 3.49%
  • Mobile users attacked via web sources
    1. Haiti and Tajikistan – 0.03%
    2. Russia and China – 0.04%
    3. Armenia – 0.05%
  • Percentage of telnet attacks by originating country (IoT)
    1. Haiti, Tajikistan, Algeria, and Qatar – 0.01%
    2. Denmark, Finland, Kuwait, Kyrgyzstan, Oman, Sri Lanka, and Uzbekistan – 0.02%
    3. Azerbaijan and Switzerland – 0.03%
  • Share of attacks by cryptominers
    1. Haiti – 0.05%
    2. Denmark and Japan – 0.11%
    3. Germany – 0.12%
  • Percentage of SSH-based attacks by originating country (IoT)
    1. Tajikistan – 0.00%
    2. Haiti and Azerbaijan – 0.01%
    3. Armenia and Kyrgyzstan – 0.02%
  • Share of all spam emails by originating country
    1. Haiti – 0.00%
    2. Tajikistan and Oman – 0.01%
    3. Qatar and UAE – 0.02%
  • Share of countries targeted by malicious mailings
    1. Tajikistan, Norway, and Finland – 0.01%
    2. Haiti and Kyrgyzstan – 0.02%
    3. Georgia – 0.04%
  • Computers attacked by phishing
    1. Haiti – 1.94%
    2. Denmark – 3.26%
    3. Sweden – 3.35%
  • Global Cybersecurity Index
    1. United Kingdom – 0.931
    2. United States – 0.926
    3. France – 0.918

How have COVID-19-specific attacks impacted countries?

Recent years saw a surge in cyberattacks, a trend partly attributed to the increased reliance on remote working. Cybercriminals have adapted their strategies, often rebranding scams and phishing efforts to exploit the general public’s concerns about COVID-19, including aspects related to support and prevention measures.

The extent of this increase is quite significant. For instance, Securelist observed a dramatic rise – over 1000 percent – in the number of harmful files masquerading as virtual meeting tools such as Zoom and Slack in less than a year. Early in 2020, Kaspersky reported a more than twofold increase in global Distributed Denial of Service (DDoS) attacks. They also noted a marked uptick in attacks involving cryptominers and mobile banking trojans.

The impact of these cyberattacks varied across countries. A case in point is India, which experienced a substantial rise in the percentage of telnet attacks (originating from IoT devices). Specifically, a 54.14 percent increase (from 3.14% to 4.84%) from the first to the second quarter, and a 313.02% jump (from 4.84% to 19.99%) from the second to the third quarter. This data indicates some regions were more targeted or vulnerable than others during this period.

Mcafee used to have a live map of COVID-19-related malicious file detections, though this is no longer operational. While it was, however, we also looked at where the majority of files were being detected and whether this made a difference to the country’s overall scores.

During the pandemic, several countries’ malware infection scores increased slightly (India, Italy, South Africa, and Ukraine) but those most impacted were Spain and the US. They accounted for over 48% of the overall files detected and, when taking this into account with our score, their rankings dropped from 17 to 8 and from 31 to 11, respectively.

Improve your cybersecurity with our lists of:

Cybersecurity trends in 2023

Global cybersecurity is constantly evolving, driven by global events, changes in the methodologies of cybercriminals, and ongoing technological advancements. in this section we have included  key cybersecurity statistics from 2023 that help to highlight these changes:

  1. Remote workers have contributed to security breaches at 20% of organizations worldwide. This reveals some of the underlying consequences resulting from the shift to remote working caused by the coronavirus pandemic.
  2. The use of AI cybersecurity tools is helping to save organizations money. In 2023, companies saved up to $3.81M per breach by implementing AI security tools.
  3. In 2023 we witnessed significant data breaches, including a major incident at T-Mobile and the largest DDoS attack ever recorded, mitigated by Cloudflare in February 2023.
  4. In 2022, cybersecurity expenditure soared to approximately $71.1 billion. That is a two-fold increase over five years. The year 2023 saw a noticeable shortage of qualified professionals to fill more than 600,000 available positions.

Following the EU’s decision to pass the GDPR, many other countries around the world followed suit and sought to pass privacy laws that protect consumers. Gartner previously suggested that, by the end of 2023, approximately 75% of people around the globe would be protected by some kind of consumer privacy legislation like GDPR.

Unfortunately, the information provided by GDPR Advisor suggests that this figure is much closer to 30% of the world’s population. So far the following countries have passed GDPR-like laws:

  • Switzerland, Bahrain, Israel, Qatar, Turkey, Kenya, Mauritius, Nigeria, South Africa, Uganda, Japan, South Korea, New Zealand, Argentina, Brazil, Uruguay, Canada, Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, The Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, United Kingdom, Canada.

The US has not passed a federal privacy law that protects all citizens. Just a few states have passed GDPR-like laws (California, Virginia, Utah, Colorado, and Connecticut).

Our methodology: how did we find the countries with the worst cybersecurity?

We considered fifteen criteria, each of which had equal weight in our overall score. These were:

  • The percentage of mobiles infected with malware – software designed to gain unauthorized access to, destroy, or disrupt a device’s system
  • The percentage of users attacked by mobile banking trojans – a malicious program designed to gain access to confidential data processed through or stored on banking systems
  • The percentage of users attacked by mobile ransomware trojans – a malicious program designed to steal sensitive data and lock a user out of their device until they pay a ransom
  • The percentage of users attacked by banking malware (non-mobile) – a malicious program designed to gain access to confidential data processed through or stored on banking systems on a person’s computer
  • The percentage of users attacked by ransomware trojans (non-mobile) – a malicious program designed to steal sensitive data and lock a user out of their computer/account until they pay a ransom
  • The percentage of computers infected with malware (web-based) – software designed to gain unauthorized access to, destroy, or disrupt a computer’s system
  • The percentage of computers facing a least one local malware attack – number of users whose anti-virus software was triggered by a potentially malicious program during the reporting period
  • The percentage of mobile users attacked via web sources – number of users whose anti-virus software was triggered by a potentially malicious web page during the reporting period
  • The percentage of all telnet attacks by originating country (based on the number of unique IP addresses of devices used in the attacks) – a technique used by cybercriminals to get people to download a variety of malware types
  • The percentage of users attacked by cryptominers – software that’s developed to take over a user’s computer and use its resources to mine currency (without the user’s permission)
  • The percentage of SSH-based attacks by originating country (IoT) – a brute force attempt to remove the SSH or secure shell communication tool used between two computers
  • The percentage of spam emails by originating countries – an unsolicited message sent in bulk via email (from the country it was sent from)
  • The percentage share of countries targeted by malicious mailings – an unsolicited message sent in bulk via email (to the country it was sent to)
  • The percentage of computers attacked by phishing attempts – emails that are sent to try and lure the victim into sharing personal data, such as credit card details
  • The best-prepared countries for cyberattacks according to ITU’s Global Cybersecurity Index

The most recent quarterly value available for each country and category was taken unless the values were for yearly data (indicated above).

For each criterion, the country was given a point based on where it ranked between the highest-ranking and lowest-ranking countries. Countries with the least cyber-secure scores were given 100 points, while countries with the most cyber-secure scores were allocated zero points. All of the countries in between these two scores received a score on a percentile basis, depending on where they ranked.

The total score was achieved by averaging each country’s score across the fifteen categories. All of the data used to create this ranking system is the latest available, and we have only included countries where we could cover all of the data points.

Countries added: Bolivia, Georgia, Haiti, Honduras, Israel, Kuwait, Panama, Qatar, and Venezuela.

Countries removed: Bosnia and Herzegovina, Czech Republic, Estonia, Jordan, Lithuania, Moldova, Serbia, Syria, Tanzania, Tunisia, and Turkmenistan.

Data researcher: George Moody

Sources

https://securelist.com/

Global Cybersecurity Index 2020 (PDF)