Why the world needs a citizens’ cyberattack framework

Most cyberattacks against citizens go unreported and unmeasured. Image: Unsplash
- Most cyberattacks against citizens go unreported and unmeasured, creating a critical gap in our understanding of scale, patterns and impact.
- Attacks against individuals are highly targeted, psychologically driven and span multiple domains, yet are treated as separate problems by industry and policy-makers.
- We need a shared model to map and track these threats, to help us design effective prevention, improve platform accountability, and reduce systemic risk to the digital economy.
When a major brand or piece of critical national infrastructure suffers a cyberattack, it makes national headlines. Governments convene, regulators act and the cybersecurity industry mobilizes. When a single parent is defrauded out of their savings, or a teenager’s intimate images are shared without consent, the response is fractured, slow, and too often, non-existent.
To many, it makes sense to prioritize these large attacks, but there is a bigger picture. Attacks against individuals are happening on a vast scale, and the cumulative impact, especially over the long term, is likely to be catastrophic for society. How are we going to run our economies and public services digitally when there is a loss of trust in interacting online?
Individuals and families are being left behind. In the UK, almost 70% of victims don’t report to the police. Around 98% of those who do report an online crime to the police receive a ‘no further action’ decision; their case is closed without any meaningful action; 87% have their case closed immediately. Reporting is, for most, a dead end.
This picture is seen worldwide. Crime has changed and embraced technology. The criminal justice system and victim support space have not.
The impact is devastating. Victims often report severe impacts to mental health, online confidence, physical health and the ability to live their day-to-day life. For too many, it leads to a loss of life.
A deadly knowledge gap
Around the world, hundreds of millions of individuals are falling victim every year. We have visibility of a tiny fraction of what these attacks are and how they work.
The consequence is a profound measurement failure. Without accurate data on scale, patterns and victim profiles, it is impossible to design effective prevention, allocate resources appropriately, build support services or build policy that reflects the true burden on citizens.
Cyberattacks against individuals are not simply smaller versions of attacks against organizations – they are categorically different. Where corporate attacks exploit technical vulnerabilities, attacks against individuals are overwhelmingly psychological. A vishing call exploits trust. A catfishing campaign manipulates emotional attachment. Intimate image abuse weaponizes shame. These are human problems that require a human-centred response that current cyber frameworks don’t provide.
Artificial intelligence and other technologies are enabling rapid evolution in the tradecraft being used to target individuals. We can’t continue to treat individuals as an afterthought and leave them to respond alone.
Understanding how attacks against individuals unfold remains fragmented across helplines, banks, researchers, law enforcement and platform safety teams – all working in isolation, all generating data that is rarely compared or combined. The result: we cannot identify emerging patterns, cannot tailor advice to different victim profiles, cannot measure whether interventions are working, and cannot reach people with warnings before they are victimized.
A playbook for protecting citizens
To enable a step change in support and outcomes for individuals who fall victim to online crime, we first need to truly understand the threat and to evidence what good responses look like.
Attack frameworks have transformed how the cybersecurity industry understands and defends against adversaries. They provide an open, structured catalogue of attacker tactics and techniques, used globally by enterprises, governments and security vendors. By standardizing how threats are described, detected and mitigated, they have become the foundation of threat-informed defence.
It is time we did the same for individuals.
A strong “citizens’ cyberattack framework” would look at all the ways individuals can come to harm online and look at how different attack types intersect. It would not only codify attack patterns, perpetrator tactics, techniques and procedures, but also outline evidence-based response techniques and map the true impact of these attacks on individuals and their lives.
The framework would be a shared tool that could drive the “security by design” of online platforms and new technologies. It would focus government policy and guide frontline services on how to respond effectively. It would shape relevant public education programmes.
As an industry, if we get this right, not only can we ensure fewer individuals fall victim, but we can also have a positive impact on our ongoing efforts to run our critical systems digitally.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
Stay up to date:
Cybersecurity
Forum Stories newsletter
Bringing you weekly curated insights and analysis on the global issues that matter.
