Which countries have the worst (and best) cybersecurity_

With so much of our personal data stored online, cybersecurity is of the utmost importance.

Each year, our study looks at over 60 countries to find out where in the world you’re most “cyber safe.” This year, we’ve analyzed 75 countries, judging each of them with an extended list of 15 criteria (previous reports had 7). This means countries are now ranked from one to 75 with one being the least cyber-secure country and 75 being the most cyber-secure country.

The new criteria are as follows:

  • % of mobiles infected with malware
  • % of users attacked by mobile banking trojans
  • % of users attacked by mobile ransomware trojans
  • % share of users attacked by banking malware (non-mobile)
  • % of users attacked by ransomware trojans (non-mobile)
  • % of computers infected by at least one malware attack (web-based)
  • % of computers facing at least one local malware attack
  • % of mobile users attacked via web sources
  • % of telnet attacks by originating country (IoT)
  • % of attacks by cryptominers
  • % of SSH-based attacks by originating country (IoT)
  • % of all spam emails by originating country
  • % share of countries targeted by malicious mailings
  • % of computers attacked by phishing
  • The best-prepared countries for cyberattacks

And we’ve also looked at how COVID-19-related malware attacks have impacted each country, scoring this separately to the full study.

So which country was the most and least cyber-secure? And did any country come out “top of the class?”

Unfortunately, similar to previous years, there wasn’t one country that “aced” every test. In fact, countries often perform well in one area but fall worryingly short in others.

Which is the least cyber-secure country in the world?

According to our study, Tajikistan is the least cyber-secure country in the world, followed by Bangladesh and China.

Tajikistan was the worst-scoring country for the % of users attacked by banking malware (4.7%), % of computers facing at least one local malware attack (41.16%), and % of attacks by cryptominers (5.7%). It also scored poorly for % of users attacked by ransomware trojans (1.35%). But, it was also one of the better-scoring countries for several categories, including % of users attacked via web sources (0.03%), % of telnet attacks by originating country (0.01%), % of spam emails by originating country (0.01%), and % share of countries targeted by malicious mailings (0.01%). Zero users were attacked by mobile ransomware trojans and no SSH-based attacks originated from Tajikistan.

This just highlights how vastly different each country’s cybersecurity and cyber threats (threats to the country itself and the threat it poses to other countries) may be. For example, Tajikistan appears to be particularly vulnerable to malware but isn’t the source of many attacks, nor does it seem to be the target for spam and other malicious mailings.

The highest-scoring countries per category were:

  • % of mobiles infected with malware
    1. Iran – 30.29%
    2. Algeria – 21.97%
    3. Bangladesh – 17.18%
  • % of users attacked by mobile banking trojans
    1. Japan – 1.89%
    2. Turkey – 0.33%
    3. Italy – 0.31%
  • % of users attacked by mobile ransomware trojans
    1. Kazakhstan – 0.57%
    2. Kyrgyzstan – 0.14%
    3. China – 0.09%
  • % share of users attacked by banking malware
    1. Tajikistan – 4.7%
    2. Uzbekistan – 4.6%
    3. Iran – 1.6%
  • % of users attacked by ransomware trojans
    1. Bangladesh – 2.37%
    2. Haiti – 1.38%
    3. Tajikistan – 1.35%
  • % of computers infected with at least one malware attack (web-based)
    1. Vietnam – 8.69%
    2. Bangladesh – 7.34%
    3. Latvia – 7.31%
  • % of computers facing at least one local malware attack
    1. Tajikistan – 41.16%
    2. Bangladesh – 39.9%
    3. Uzbekistan – 36.58
  • % of mobile users attacked via web sources
    1. Ecuador – 6.33%
    2. Oman – 4.98%
    3. Morocco – 4.51%
  • % of telnet attacks by originating country (IoT)
    1. India – 19.99%
    2. China – 15.46%
    3. Egypt – 9.77%
  • % of attacks by cryptominers
    1. Tajikistan – 5.7%
    2. Kyrgyzstan – 2.51%
    3. Uzbekistan – 2.46%
  • % of SSH-based attacks by originating country (IoT)
    1. China – 28.56%
    2. United States – 14.75%
    3. Germany – 4.67%
  • % of all spam emails by originating country
    1. Russia – 21.27%
    2. Germany – 10.97%
    3. United States – 10.47%
  • % share of countries targeted by malicious mailings
    1. Spain – 8.48%
    2. Germany – 7.28%
    3. Russia – 6.29%
  • % of computers attacked by phishing
    1. Brazil – 19.94%
    2. Portugal – 19.73%
    3. France – 17.9%
  • Global Cybersecurity Index
    1. Honduras – 0.044
    2. Haiti – 0.046
    3. Bolivia – 0.139

Which is the most cyber-secure country in the world?

Continuing on from the last two years, the safest country is Denmark with a score of 3.56. It was placed in the top three 10 times out of a possible 15, scoring particularly well in categories such as % of users attacked by ransomware trojans (0.02%) and % of attacks by cryptominers (0.11%). It also had zero users attacked by mobile ransomware trojans and mobile banking trojans.

It wasn’t the only country deemed “safest” 10 times, however. Eleventh-most-secure, Haiti, also enjoys this accolade but its score was increased due to it being in the top 3 worst countries for % of users attacked by ransomware trojans and for its Global Cybersecurity Index score. Again, this highlights how it isn’t uncommon for a country to rank well in one category and the polar opposite in another.

The lowest-scoring countries per category were:

  • % of mobiles infected with malware
    1. Finland – 1.06%
    2. Ukraine – 1.15%
    3. Denmark – 1.33%
  • % of users attacked by mobile banking trojans
    1. Algeria, Argentina, Denmark, Egypt, Haiti, Hungary, Ireland, Mexico, Nigeria, and Thailand – 0.00%
  • % of users attacked by mobile ransomware trojans
    1. Argentina, Australia, Austria, Belarus, Brazil, Chile, Colombia, Denmark, Ecuador, France, Greece, Haiti, Hungary, Japan, Latvia, Peru, Tajikistan, Turkey, and Venezuela – 0.00%
  • Share of users attacked by banking malware
    1. Ecuador – 0.03%
    2. Bolivia – 0.05%
    3. Denmark, Ireland, and Panama – 0.10%
  • % of users attacked by ransomware trojans
    1. Denmark – 0.02%
    2. Sweden – 0.03%
    3. Ireland and Romania – 0.04%
  • % of computers infected with at least one malware attack (web-based)
    1. Haiti – 0.48%
    2. Denmark – 1.33%
    3. Ireland – 1.35%
  • % of computers facing at least one local malware attack
    1. Denmark – 2.83%
    2. Sweden – 3.34%
    3. Ireland – 3.49%
  • % of mobile users attacked via web sources
    1. Haiti and Tajikistan – 0.03%
    2. Russia and China – 0.04%
    3. Armenia – 0.05%
  • % of telnet attacks by originating country (IoT)
    1. Haiti, Tajikistan, Algeria, and Qatar – 0.01%
    2. Denmark, Finland, Kuwait, Kyrgyzstan, Oman, Sri Lanka, and Uzbekistan – 0.02%
    3. Azerbaijan and Switzerland – 0.03%
  • % of attacks by cryptominers
    1. Haiti – 0.05%
    2. Denmark and Japan – 0.11%
    3. Germany – 0.12%
  • % of SSH-based attacks by originating country (IoT)
    1. Tajikistan – 0.00%
    2. Haiti and Azerbaijan – 0.01%
    3. Armenia and Kyrgyzstan – 0.02%
  • % of all spam emails by originating country
    1. Haiti – 0.00%
    2. Tajikistan and Oman – 0.01%
    3. Qatar and UAE – 0.02%
  • % Share of countries targeted by malicious mailings
    1. Tajikistan, Norway, and Finland – 0.01%
    2. Haiti and Kyrgyzstan – 0.02%
    3. Georgia – 0.04%
  • % of computers attacked by phishing
    1. Haiti – 1.94%
    2. Denmark – 3.26%
    3. Sweden – 3.35%
  • Global Cybersecurity Index
    1. United Kingdom – 0.931
    2. United States – 0.926
    3. France – 0.918

How have COVID-19-specific attacks impacted countries?

With reports, such as the one from the World Health Organization (WHO), warning people about cybercriminals trying to take advantage of the COVID-19 pandemic, we have also looked at how cyber safety has changed over the year amid the pandemic.

According to the quarterly reports released by Kaspersky, there were a few areas that saw a rise in Q2, tying in with the beginning of the pandemic. The most significant of these were % of attacks by cryptominers, % of mobiles infected with malware, and % of users attacked by mobile banking trojans. Some countries also saw significant spikes where others perhaps didn’t. For example, in India, there was a significant increase in the % of telnet attacks by originating country (IoT) – rising by 54.14 percent (3.14% to 4.84%) from Q1 to Q2 and by 313.02% (4.84% to 19.99%) from Q2 to Q3.

Using Mcafee’s live map of COVID-19-related malicious file detections we also looked at where the majority of files were being detected and whether this made a difference to the overall scores.

Several countries’ scores increased slightly (India, Italy, South Africa, and Ukraine) but those most impacted were Spain and the US. They accounted for over 48% of the overall files detected and, when taking this into account with our score, their rankings drop from 17 to 8 and 31 to 11, respectively.

Improve your cybersecurity with our lists of:

Our methodology: how did we find the countries with the worst cybersecurity?

We considered fifteen criteria, each of which had equal weight in our overall score. These were:

  • The percentage of mobiles infected with malware – software designed to gain unauthorized access to, destroy, or disrupt a device’s system
  • The percentage of users attacked by mobile banking trojans – a malicious program designed to gain access to confidential data processed through or stored on banking systems
  • The percentage of users attacked by mobile ransomware trojans – a malicious program designed to steal sensitive data and lock a user out of their device until they pay a ransom
  • The percentage of users attacked by banking malware (non-mobile) – a malicious program designed to gain access to confidential data processed through or stored on banking systems on a person’s computer
  • The percentage of users attacked by ransomware trojans (non-mobile) – a malicious program designed to steal sensitive data and lock a user out of their computer/account until they pay a ransom
  • The percentage of computers infected with malware (web-based) – software designed to gain unauthorized access to, destroy, or disrupt a computer’s system
  • The percentage of computers facing a least one local malware attack – number of users whose anti-virus software was triggered by a potentially malicious program during the reporting period
  • The percentage of mobile users attacked via web sources – number of users whose anti-virus software was triggered by a potentially malicious web page during the reporting period
  • The percentage of all telnet attacks by originating country (based on the number of unique IP addresses of devices used in the attacks) – a technique used by cybercriminals to get people to download a variety of malware types
  • The percentage of users attacked by cryptominers – software that’s developed to take over a user’s computer and use its resources to mine currency (without the user’s permission)
  • The percentage of SSH-based attacks by originating country (IoT) – a brute force attempt to remove the SSH or secure shell communication tool used between two computers
  • The percentage of spam emails by originating countries – an unsolicited message sent in bulk via email (from the country it was sent from)
  • The percentage share of countries targeted by malicious mailings – an unsolicited message sent in bulk via email (to the country it was sent to)
  • The percentage of computers attacked by phishing attempts – emails that are sent to try and lure the victim into sharing personal data, such as credit card details
  • The best-prepared countries for cyberattacks according to ITU’s Global Cybersecurity Index

The most recent quarterly value available for each country and category was taken unless the values were for yearly data (indicated above).

For each criterion, the country was given a point based on where it ranked between the highest-ranking and lowest-ranking countries. Countries with the least cyber-secure scores were given 100 points, while countries with the most cyber-secure scores were allocated zero points. All of the countries in between these two scores received a score on a percentile basis, depending on where they ranked.

The total score was achieved by averaging each country’s score across the fifteen categories. All of the data used to create this ranking system is the latest available, and we have only included countries where we could cover all of the data points.

Countries added: Bolivia, Georgia, Haiti, Honduras, Israel, Kuwait, Panama, Qatar, and Venezuela.

Countries removed: Bosnia and Herzegovina, Czech Republic, Estonia, Jordan, Lithuania, Moldova, Serbia, Syria, Tanzania, Tunisia, and Turkmenistan.

Data researcher: George Moody

Sources

https://securelist.com/

https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2018-PDF-E.pdf

https://www.mcafee.com/enterprise/en-gb/lp/covid-19-dashboard.html