Compare cybersecurity risks in the United States and another country:
The United States is a country that has a high level of internet users and infrastructure. The U.S ranks high with other countries such as China in connectivity. Due to the high number of internet users, we are susceptible to more sophisticate attacks as we are seen as a wealthy nation. Due to our infrastructure, many Americans have access to the internet and become targets of cyber threats, the main threat I will discuss today is Phishing attacks and how they differ between both the United States, a wealthy country with high infrastructure, and Nigeria, a country with less infrastructure and widespread internet connectivity.
Phishing attacks that occur in the United States are primarily by email. “The United States is targeted the most by phising attacks, suffering 60% of worldwide phishing volumes (RSA, 2014)”. Although most phishing attacks that occur in the United States aren’t serious, there are those that can be. Some phishing tactics attempt to lure an individual by using replicated websites that seem legit, such as a bank website, and will ask for a username and password to see “important information” about their account. Once an individual has fallen for the trap, their credentials are then used to gain access to accounts to either sell online or steal from i.e bank accounts, gaming accounts with credit cards linked to them, delivery apps such as UberEats, and many more. These credentials are known as “credential goods” because its information that could be turned into money. The main focus on this method of Phishing is to portray a legitimate website to convince the user to fill in their credentials, where as 419 scams (also known as advance fee fraud schemes) focus more so on social engineering.
The second most common form of phishing attack is one that is way less sophisticated, this is because it is more revolved around social engineering. Social engineering is the act of convincing the victim that you are a real person looking to do legitimate business. This differs from the phishing tactics the USA faces, which tends to be more sophisticated since it uses an entire duplicate/fraudulent website to lure its victims. This phishing tactic is known as a “419 scam” or “Advance fee fraud schemes”. These attacks are more prevalent in countries that may not have the same infrastructure or resources as other Wealthy countries such as the USA and China. Nigeria is one of the top countries that are notorious for using this form of scams, likely because they do not have the same infrastructure to pull off more sophisticated attacks. These scams involve the attacker portraying themselves as a legitimate person looking to do business, or help as an “IT Servicer” , they lure their victims into giving not credentials, but instead an advance of cash to begin the business. Examples of these types of scams could be along the lines of “spend $500 and get $5000 in bitcoin”, “deposit $400 to get started with our services”. These advances are what the attackers are looking for. This provides a direct link for the attacker to obtain the money, rather than find ways to sell the “credential goods” like traditional phishing scammers do in America. These forms of attacks can be dangerous because since the attacker is using social engineering, they can persuade the victim to meet somewhere physically to also be robbed and/or killed.
As we can see, countries differ in their primary types of cybersecurity threats and risks, however every country is susceptible to all sorts of attacks. Some countries will experience less than others, as well as others will experience more sophisticated attacks. From my readings, a countries infrastructure, wealth, and security complexity will determine what kind of attacks they will face. It is important for countries to understand where they fall in the cluster to determine what they should be cautious of and prioritize.