Global distribution of cybercrime

The 2017 Internet Organised Crime Threat Assessment (IOCTA) produced by Europol’s European Cybercrime Centre (EC3) presents some general trends in relation to cybercrime throughout the continents. We explore the findings described in the report.



Oceania accounts for almost 2% of global attacks. The major cyber-threats reported by Australian law enforcement remain data stealing malware and ransomware, and social engineering related frauds, including Business Email Compromise (BEC). BEC frauds appear to target English speaking countries such as Australia more prevalently.



Africa hosts almost 10% of the world’s internet users. The most commonly reported threats were social engineering attacks and cyber fraud. This largely referred to romance scams and phishing, but also IT support scams, CEO (social engineering) fraud, and the sexual extortion of minors. Several countries also reported Africa as the source of various attacks on their critical infrastructure.


The Americas

North America is a key target for financially motivated cybercrime, receiving 37% of the world’s business email compromise (BEC) frauds as well as topping the list for the largest number of data breaches (49% of global data breaches).

The US is the top target for ransomware according to some industry reports that indicate 34% of all ransomware detections occur in the US. The US is also a top target for banking malware.

In addition to financial crime, North America is also one of the regions identified as a primary origin of children featuring in child abuse imagery.

North America hosts a significant proportion of the world’s webservers. Consequently it also hosts almost 50% of the world’s phishing sites, and 39% of global botnet control servers.

South America typically features less in both law enforcement and industry reporting. Some industry reports highlight South America as a source of ATM malware, as well as hosting a significant proportion of global phishing sites.



Asia not only houses over 55% of the world’s population, but over 50% of global internet users. Despite this, it is the focus for a disproportionately small percentage of cyber threats.

Countries in Asia do however feature heavily as victims of cybercrime, with many countries severely affected by mobile and computer malware infections. This is possibly due to the high incidence of pirated software in use in these countries which remains unpatched and therefore vulnerable.



The vast majority of threats affecting the EU were identified by EU law enforcement as coming from within Europe. Of these threats, CEO Fraud, card not present (CNP) fraud, internet-facilitated sexual offences against children, malware, and attacks on critical infrastructure were highlighted.

Europe is also a key target for financially motivated cyber-attacks and frauds. Second only to the US, the UK reports the highest number of BEC frauds (over 9.5%). France and Norway also see a notable proportion of these attacks, each suffering over 2% of global attacks.

Germany, Italy, the Netherlands and UK also account for a small but notable proportion of global ransomware detections (16% combined), and Germany and Russia are identified as key targets for banking malware. The UK suffers the second most data breaches globally after the US, with Germany and Ireland also featuring in a global top 10 list.

Fast, reliable internet infrastructure continues to attract cybercriminals, resulting in Europe hosting some of the top locations for Botnet control servers, namely the Netherlands with 24% of global servers, Germany with 10%, and Russia and the UK with 3% each.

Nyman Gibson Miralis provides expert advice and representation in complex international cybercrime investigations. Our expertise includes dealing with malware, phishing and computer hacking offences, bootlegging and tripping, Bitcoin and crypto-currency fraud, as well as offences relating to identity theft, spreading computer viruses and DDoS attacks.

Contact us if you require assistance.