June 6, 2016 By David Strom 3 min read

It may be difficult to imagine, but emerging cybercrime markets can be just as lucrative an opportunity for cybercriminals as those in the developed world. These remote areas have been slow to get online, but malicious actors have already stepped in to take advantage of the lack of security awareness in these populations.

Where in the World Are the Cybercrime Markets?

In the World Economic Forum’s “Global Risks 2015” report, cyberattacks were ranked alongside unemployment and climate change as one of the top 10 most significant risks worldwide.

“Cybersecurity is a critical issue, and as companies become more global they leave a digital footprint that can make them accessible to anyone from anywhere,” said a 2014–2015 Cushman & Wakefield report on emerging market conditions.

The multinational real estate company ranked more than 40 countries on their relative risk of doing business — not just on cybersecurity — and the emerging markets of African nations such as Libya, Angola and the Democratic Republic of the Congo had the highest risk. The authors see cyberthreats on the rise, particularly as global businesses try to expand into more of the developing world.

That puts all businesses on notice. Just because these events happen in the developing world doesn’t mean they shouldn’t be monitored. To put this in perspective, cybercrime in Brazil results in over $8 billion per year in losses. The country has become the top source and destination for attacks across Central and South America.

In the U.S., we are used to thinking that because we created the internet, we have some primacy on the technology. But in the last few years, there are now more internet users in China than the U.S., and that’s translating into greater numbers of malicious actors.

According to The Guardian, authorities in China recently arrested 15,000 people for alleged cybercrimes, signaling a new offensive to safeguard the internet. Police investigated more than 60,000 websites and increased efforts not only to block content, but also to insist that users register with their actual names and not pseudonyms.

There’s more: Symantec recently reported that attacks against the SWIFT financial network could be traced back to criminals in North Korea. The banking network has dominated the headlines recently with news of costly hacks around the world. This is yet another emerging cybercrime market already having a massive effect on the world.

Security Without Borders

Part of the problem is that many businesses in these emerging markets have limited security awareness, regulations and controls. They also don’t have the security and IT professionals needed to implement and enforce these measures.

Many Indian banks have yet to employ a chief information officer (CIO), let alone significant IT staff to operate security infrastructure or set policies. Without someone to take the lead, cloud computing security policies are practically nonexistent in the country.

In Nigeria, cybersecurity laws are barely a year old, “but many key stakeholders such as the judiciary and law enforcement agencies have yet to come up to speed in understanding and implementing” these laws, said a report from Deloitte. Nigerian IT security consultants are also in short supply, making it harder for businesses to stay on top of attacks and train their own staff properly.

We can be sure that cybercriminals are waiting in the wings to exploit growing technologies — and security-illiterate populations. Even though many of these emerging markets are just getting internet access, the best strategy is still to start with the security basics. For example, a 2015 KPMG report recommended five specific actions, including implementing basic cyber precautions such as regular software patching and restricting data access, enforcing continuous testing for software vulnerabilities, monitoring critical systems and preparing incident response plans.

More from Threat Intelligence

Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns

13 min read - As of March 2024, X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents crafted to imitate authentic documents of government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production. Beginning in November 2023, X-Force observed ITG05…

CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones

7 min read - CVE-2023-20078 catalogs an unauthenticated command injection vulnerability in the web-based management interface of Cisco 6800, 7800, and 8800 Series IP Phones with Multiplatform Firmware installed; however, limited technical analysis is publicly available. This article presents my findings while researching this vulnerability. In the end, the reader should be equipped with the information necessary to understand and trigger this vulnerability.Vulnerability detailsThe following Cisco Security Advisory (Cisco IP Phone 6800, 7800, and 8800 Series Web UI Vulnerabilities - Cisco) details CVE-2023-20078 and…

X-Force data reveals top spam trends, campaigns and senior superlatives in 2023

10 min read - The 2024 IBM X-Force Threat Intelligence Index revealed attackers continued to pivot to evade detection to deliver their malware in 2023. The good news? Security improvements, such as Microsoft blocking macro execution by default starting in 2022 and OneNote embedded files with potentially dangerous extensions by mid-2023, have changed the threat landscape for the better. Improved endpoint detection also likely forced attackers to shift away from other techniques prominent in 2022, such as using disk image files (e.g. ISO) and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today