When we talk about malware and cyber attacks, we focus our attention on cybercrime as an unknown and uniform entity. However, the code used to develop computer viruses, the process of how the campaign originated, and the goals they targeted do not go unnoticed by cybersecurity specialists.
While it is true that today, there is cybercrime in virtually every country in the world, there are some countries that have undoubtedly created the main threats.
Knowing them allows us to predict how they will evolve and what we can expect from them. Some of the most wanted hackers by the FBI come from these geographies.
1) Russia – High technology and exceptional creativity to always be one step ahead
The preferred victims of these cybercriminals are in Europe and the US. They have had to adapt to their security measures in these countries. These measures consist primarily of bank credentials and double factor authentication, either through SMS, coordinate cards, etc.
In this sense, to avoid this type of protection measures, cybercriminals manipulate the user to see what they want using Web inject techniques.
The Russian hackers are one of the best-known thanks to the high-impact cyberattacks they usually carry out. Some of the attacks have political motivations more typical of cyberwar than cybercrime itself.
One of the most famous Russian cybercrime groups is APT28.
APT28 has involved in numerous occasions related to cyberattacks as a weapon of war, on which there is a great deal of literature.
Undoubtedly, the fact that they remain at the top of the list for years makes researchers wonder what the keys to this “success.”
One of the most debated is related to the educational system of the country, which since the time of the Soviet Union, promoted studies in science and mathematics and the concern for scientific knowledge.
Today, the same educational system arouses the curiosity of the youngest with subjects closely related to computer science and programming.
Others decide to support specific processes of the cybercriminal value chain by helping in essential matters in exchange for money, sometimes without knowing it.
Be that as it may, young Russians come onto the market with skills and knowledge far ahead of other young people in other countries.
The Brazilian criminals are climbing global rankings for the impact of their actions, making it just as dangerous and relevant as Russian hackers.
Once again, depending on the protection measures that are incorporated into the organizations, the style of the criminals varies. In this sense, banks in Latin America have developed protection systems centered, in addition to credentials, on methods for verifying the identification of the device through which the user connects to their online banking.
This protection philosophy forces cyber-criminals to develop remote access control techniques, such as ARPs, to materialize user theft. Something that the Brazilian criminals have been developing with great success, the last one, CannibalRAT (February 2018), and extending throughout Latin America.
In general terms, Brazilian cybercriminals, who tend to be inspired by the Russians.
Turn to their black market in search of new trends and novelties to steal and are the masters of the rest of cybercriminals in Latin America.
On the other hand, the digital leap in Latin America is relatively recent, but very fast, which forces organizations to develop strategic plans against cybercrime.
Thus, in this sense and general terms, the criminals of this country seek to develop easy formulas to steal and with very little exposure to risk.
3) China – Visionaries and experts in social engineering
The preferred victims of these cybercriminals are mainly in Asia, the Pacific, and Australia. Banks in these geographical areas implemented security measures very similar to those in Europe.
Among the most common thefts is the fact of sending false mass SMS to the victims to get fraudulent transfers.
Paradoxically, one of the most striking elements is that a large part of China’s cyber-criminal infrastructure is outside the country. Possibly very related to the harsh legislation of the country, where communications are intercepted, and intelligence services are very present.
We should not be fooled by the fact that at the beginning of the century, their cyber-attacks were unsophisticated.
This Cyber-attacks vary based on complete malware packages, phishing that could be bought on the black market.
The rapid technological adoption that the Chinese have carried out has also affected their cybercrime.
And year after year became more sophisticated until they were able, for example, to steal millions of dollars thanks to the development of magnificent social engineering tactics.
4) Nigeria – the underdogs of Online Fraud
It is success and poverty that make Nigeria a Mecca for online fraud, according to an analysis in the New York Times.
According to the study, advanced fraud began in the 1980s, when oil prices plummeted, and inflation rates of around 40 percent weakened the purchasing power of many Nigerians.
Fraudsters sent faxes and letters to people in business in the UK and the US, with fake insignia of financial institutions. The very first lure call is said to have been: The crude oil cargo of a cargo ship could be purchased at ridiculously low prices if an advance was paid in return. The oil, of course, did not exist.
Payments were often made, even so usually, that necessity became a virtue, and the fraudsters found many imitators. The oil fraud soon had many variants.
At the end of the 1990s, the Internet came into the cafés, which made it even cheaper for perpetrators to reach even more people. The leading email provider of the time gave them the nickname “Yahoo-Yahoo-Boys.” Today they are an integral part of the Nigerian criminal scene.
Nigeria can’t handle cybercriminals alone. This makes the fight against crime, not only a technical challenge but also a social one.
The Nigerian Cybercrime Act makes net offense explicitly punishable and is supposed to have a deterrent effect, but has only existed since 2015. The police authorities still lack the skills to uncover organized Internet crimes.