Abstract:
Are cybercriminals more interested in launching cyberattacks on top GCI countries? The paper advances a model for comparing a countries commitment vs. the interest rate of cybercriminals to launch cyberattacks on the country's cyberinfrastructure. The model measures each countries performance on GCI with the rate and type of monthly attacks in six aspects: vulnerability, network attacks, web threats, ransomware, local infections, and spam. GCI is the Global cybersecurity Index conducted and published by the International Telecommunication Union (ITU) to foster a global culture of cybersecurity. We developed a z-score based method for comparing the relative interest of cybercriminals to orchestrate a type of attack on the cyberinfrastructure of one country compared to other countries. The interest of cybercriminals to launch cyberattacks on a country is calculated from the average relative to other countries. We use the sum of a detected type of attack in-country per month, the mean and standard deviation from similar attacks in other countries. We then use the details to find the z - score. If the z score of a specific type of attack that occurred in a country is above the mean score of all similar attacks that occurred in other countries the same month, that country falls into the red zone. A nation falls into an orange zone if the z score of a specific type of attack in that country is less than the mean score of all similar attacks in other countries in the same month. A country reaches a swarming interest point if more than 75 percentiles of its attacks are
in the red zone. The model does not show the impact of an above or less than average interest on critical infrastructure. Further studies may opt to classify the effect of each type of attack. The model is built and tested using a cyberthreat real-time map from Kaspersky and the 2020 GCA report. Kaspersky1 is a global cybersecurity with deep threat intelligence and security expertise to protect businesses, critical infrastructure, governments, and consumers around the globe and to fight sophisticated and evolving digital threats. Kaspersky technologies protect over 400 million users and 270,000 corporate clients. Measurement over time will provide policymaker insights and questions to understand why it has remained in a zone or switched zones or why some countries remain a zone, and others don't.