top of page

Latin America, Africa, & Asia Suffer The Most From Ransomware: Microsoft Security Report

Microsoft’s Security Intelligence report releases data on each nation’s average percentage of ransomware encounters per month from 2017 to January of 2020. An interactive map allows you to click on each country to see its history of ransomware attacks: Security Intelligence Report


Ransomware is a type of malware attack in which threat actors get a hold of a user or an organization’s valuable information, and encrypt it to deny the user or organization access to their private property. The information is only released by hackers (depending on whether they feel like releasing it) if the owner pays a high ransom.

According to Microsoft’s report, countries with the highest percentage of ransomware attacks include those in South America, Africa, and the far east of Asia. Some of the highest percentage of ransomware attacks occurred in India (13%), Pakistan (25%) Venezuela (27%), Mongolia (33%), and Afghanistan with the most attacks (at 99%). The world average for ransomware attacks is marked at 0.04%, putting these other numbers in serious perspective.


From Microsoft’s report, the likely reason why these countries suffer from such high rates of ransomware attacks is because of their lack of basic security hygiene. True, in agreement with Microsoft, if these countries spent more time and money on organizing a better cybersecurity culture with awareness training, they could reduce the amount of ransomware attacks ten-fold.

However, getting a general population to practice security hygiene (update your software, choose strong passwords, employ multi-factor authentication, don’t click on suspicious links, etc.) is a challenge itself that even countries with “sophisticated” security principles are unable to achieve.

To see what is worse about the cybersecurity principles of Latin America, Africa, and the far east, a magnifying glass is needed to look at the deeper economic, educational, political, social, and historical problems of each country. These points can be broken down into an very simple (completely non-extensive) profile of a “ransomware nation”:

  1. Economics & Education

All countries with the highest rate of ransomware encounters have emerging or developing economies, specializing in vast agricultural or industrial sectors and smaller technology sectors. Therefore, there is likely little investment in technology spanning in the IT or Information Security fields.

There are also fewer opportunities to get a job in technology without an education. The education systems of many of these countries are below average on international education rankings, making it difficult to obtain the basic skills needed to become an infosec professional. Most of the population is easier employed to work in factories, restaurants, hotels, (etc.) to make a living to support themselves and their families.

  1. Politics, Social Issues, & History

Many of the countries that have ransomware issues have experienced a history of political turmoil, war, poverty, corruption, and societal issues. It is difficult to focus on security measures when there is an urgency to fix population growth, public health, education, pollution, broken infrastructure, etc. (the list goes on). Governments in these countries simply do not have enough money in their budgets and must choose their own opportunity costs.


In a nutshell, these are the main foundation points for why information security is not a priority in “ransomware countries”, but for a deeper explanation, it is necessary to read about 10 books on the subjects of economics, politics, and societal issues. However, the fact that information security is not a priority in these developing countries is the reason why hackers tend to launch more attacks at higher frequencies than countries with developed security programs.

In your correspondent’s personal opinion, it is therefore time to pay more attention to the security standards in Latin America, Africa, and the far east. Like in risk management, we need to look at the areas that are most vulnerable in order to proscribe the risk treatment that they need. This means investing in basic secure technology and effectively promoting security hygiene to nearly 2 billion people; a daunting task, no doubt. However, these “ransomware countries” contribute much to the world and to the future of our planet. Therefore, it is vital that they be protected as equally as the U.S., the U.K., or the EU.

bottom of page