Damaging cyberattacks on a global scale continue to surface every day. Some nations are better prepared than others to deal with online threats from criminals, terrorists and rogue nations.

 

Data-mining experts from the University of Maryland and Virginia Tech recently co-authored a book that ranked the vulnerability of 44 nations to cyberattacks. Lead author V.S. Subrahmanian discussed this research on March 9 at a panel discussion hosted by the Foundation for Defense of Democracies in Washington, D.C.

The United States ranked 11^th safest, while several Scandinavian countries (Denmark, Norway and Finland) ranked the safest. China, India, Russia, Saudi Arabia and South Korea ranked among the most vulnerable.

“Our goal was to characterize how vulnerable different countries were, identify their current cybersecurity policies and determine how those policies might need to change in response to this new information,” said Subrahmanian, a UMD professor of computer science with an appointment in the University of Maryland Institute for Advanced Computer Studies (UMIACS).

The book’s authors conducted a two-year study that analyzed more than 20 billion automatically generated reports, collected from four million machines per year worldwide. The researchers based their rankings, in part, on the number of machines attacked in a given country and the number of times each machine was attacked.

Machines using Symantec anti-virus software automatically generated these reports, but only when a machine’s user opted in to provide the data.

Trojans, followed by viruses and worms, posed the principal threats to machines in the United States. However, misleading software (i.e., fake anti-virus programs and disk cleanup utilities) is far more prevalent in the U.S. compared with other nations that have a similar gross domestic product. These results suggest that U.S. efforts to reduce cyberthreats should focus on education to recognize and avoid misleading software.

In a foreword to the book, Isaac Ben-Israel, chair of the Israeli Space Agency and former head of that nation’s National Cyber Bureau, wrote: “People — even experts — often have gross misconceptions about the relative vulnerability [to cyberattack] of certain countries. The authors of this book succeed in empirically refuting many of those wrong beliefs.”

The book’s findings include economic and educational data gathered by UMD’s Center for Digital International Government, for which Subrahmanian serves as director. The researchers integrated all of the data to help shape specific policy recommendations for each of the countries studied, including strategic investments in education, research and public-private partnerships.

Subrahmanian’s co-authors on the book are Michael Ovelgönne, a former UMIACS postdoctoral researcher; Tudor Dumitras, an assistant professor of electrical and computer engineering in the Maryland Cybersecurity Center; and B. Aditya Prakash, an assistant professor of computer science at Virginia Tech.

A related research paper on forecasting the spread of malware in 40 countries — containing much of the same data used for the book — was presented at the 9^th ACM International Conference of Web Search and Data Mining in February 2016.

Another paper, accepted for publication in the journal ACM Transactions on Intelligent Systems and Technology, looked at the human aspect of cyberattacks — for example, why some people’s online behavior makes them more vulnerable to malware that masquerades as legitimate software.

• For additional information, see the report summary and presentation.
• The book, “The Global Cyber Vulnerability Report,” V.S. Subrahmanian, Michael Ovelgonne, Tudor Dumitras and B. Aditya Prakash, was published by Springer in December 2015.
• The research paper, “Ensemble Models for Data-Driven Prediction of Malware Infections,” C. Kang, N. Park, B.A. Prakash, E. Serra, and V.S. Subrahmanian, appears in Proceedings of the 9th ACM International Conf. on Web Science and Data Mining (WSDM 2016), San Francisco, February 2016.
• The research paper, “Understanding the Relationship between Human Behavior and Susceptibility to Cyber-Attacks: A Data-Driven Approach,” M. Ovelgönne, T. Dumitras, A. Prakash, V.S. Subrahmanian, and B. Wang, was accepted for publication in ACM Transactions on Intelligent Systems & Technology in February 2016.

This work was supported in part by the Army Research Office (Award No. W911NF1410358) and the Office of Naval Research (Award No. N00014-15-1-2007).