It may be difficult to imagine, but emerging cybercrime markets can be just as lucrative an opportunity for cybercriminals as those in the developed world. These remote areas have been slow to get online, but malicious actors have already stepped in to take advantage of the lack of security awareness in these populations.
Where in the World Are the Cybercrime Markets?
In the World Economic Forum’s “Global Risks 2015” report, cyberattacks were ranked alongside unemployment and climate change as one of the top 10 most significant risks worldwide.
“Cybersecurity is a critical issue, and as companies become more global they leave a digital footprint that can make them accessible to anyone from anywhere,” said a 2014–2015 Cushman & Wakefield report on emerging market conditions.
The multinational real estate company ranked more than 40 countries on their relative risk of doing business — not just on cybersecurity — and the emerging markets of African nations such as Libya, Angola and the Democratic Republic of the Congo had the highest risk. The authors see cyberthreats on the rise, particularly as global businesses try to expand into more of the developing world.
That puts all businesses on notice. Just because these events happen in the developing world doesn’t mean they shouldn’t be monitored. To put this in perspective, cybercrime in Brazil results in over $8 billion per year in losses. The country has become the top source and destination for attacks across Central and South America.
In the U.S., we are used to thinking that because we created the internet, we have some primacy on the technology. But in the last few years, there are now more internet users in China than the U.S., and that’s translating into greater numbers of malicious actors.
According to The Guardian, authorities in China recently arrested 15,000 people for alleged cybercrimes, signaling a new offensive to safeguard the internet. Police investigated more than 60,000 websites and increased efforts not only to block content, but also to insist that users register with their actual names and not pseudonyms.
There’s more: Symantec recently reported that attacks against the SWIFT financial network could be traced back to criminals in North Korea. The banking network has dominated the headlines recently with news of costly hacks around the world. This is yet another emerging cybercrime market already having a massive effect on the world.
Security Without Borders
Part of the problem is that many businesses in these emerging markets have limited security awareness, regulations and controls. They also don’t have the security and IT professionals needed to implement and enforce these measures.
Many Indian banks have yet to employ a chief information officer (CIO), let alone significant IT staff to operate security infrastructure or set policies. Without someone to take the lead, cloud computing security policies are practically nonexistent in the country.
In Nigeria, cybersecurity laws are barely a year old, “but many key stakeholders such as the judiciary and law enforcement agencies have yet to come up to speed in understanding and implementing” these laws, said a report from Deloitte. Nigerian IT security consultants are also in short supply, making it harder for businesses to stay on top of attacks and train their own staff properly.
We can be sure that cybercriminals are waiting in the wings to exploit growing technologies — and security-illiterate populations. Even though many of these emerging markets are just getting internet access, the best strategy is still to start with the security basics. For example, a 2015 KPMG report recommended five specific actions, including implementing basic cyber precautions such as regular software patching and restricting data access, enforcing continuous testing for software vulnerabilities, monitoring critical systems and preparing incident response plans.