A team of US security researchers have just put the finishing touches on a two-year report into the vulnerabilities of 44 different countries to cyberattacks.
After poring through 20 billion automatically-generated reports collected from four million machines, the group was able to rank countries of the world on how many machines were attacked and how often these events happen.
The results show Nordic countries like Denmark, Norway, Finland and Sweden at the top of the rankings alongside Japan and Germany, while China, India, Russia, Saudi Arabia and South Korea ranked poorly.
The United States came 11th in the list. Many developing or emerging countries weren't included in the rankings due to lack of data.
"Our goal was to characterize how vulnerable different countries were, identify their current cybersecurity policies and determine how those policies might need to change in response to this new information," said V.S. Subrahmanian, who lead the research.
They gathered the data from machines using Symantec anti-virus software. When users opted-in, reports of attacks were automatically generated.
In the United States, trojans, viruses and worms were the biggest threats, but fake and misleading software was much more prevalent as a problem than in other countries with similar GDPs.
The team concluded that while all countries recognise the international nature of cybersecurity issues and the value of cybersecurity education and R&D, few had a coherent policy to improve things and almost none recognised the need to understand what drives cyber-attacks in the first place.
In its foreword, Isaac Ben-Israel, the chair of Israel's National Cyber Bureau, wrote: "People—even experts—often have gross misconceptions about the relative vulnerability [to cyber attack] of certain countries. The authors of this book succeed in empirically refuting many of those wrong beliefs."