301 Cybersecurity and Cybercrime Statistics (Alarming 2023 Numbers)

According to Cybersecurity Ventures, by 2025, the average cost of damages by global cybercrime is predicted to be around $10.5 trillion. Ultimately, this statistic shows how much the digital world can pose significant threats to individuals, businesses, and industries.

However, with enlightenment comes knowledge, and preliminary measures can be taken to avoid getting mixed up in cyber-related activities. This article provides information on 300 updated statistics based on cybercrime and cybersecurity.

These facts cover the growth extent of cybercrime operations, attack tactics, user behavior, efforts of cybersecurity agencies, nationwide approach to the threat, and all preventive measures.

Cybercrime Statistics for 2019-2022

It is essential to keep up with the constantly changing nature of cyberattacks, identify efficient security controls, and develop training strategies to combat the threat landscape effectively.

1. Between March 2021 and February 2022, there was a notable increase in the number of new malware samples, with a stunning 153 million pieces, according to AV-Test. Comparing this to the previous year, which had 145.8 million samples, shows a roughly 5% increase.

(Source: AV-Test)

2. A staggering 93.6% of identified malware in 2019 exhibited polymorphic traits. This presents a big issue for cybersecurity experts because the malware constantly changes its code to evade detection.

(Source: Webroot)

3. Within the same year, 50% of business PCs and 53% of consumer PCs that had previously been attacked faced reinfection. This highlights the importance of taking solid precautions against future attacks and containing initial illnesses.

(Source: Webroot) 

4. A cyberattack on a computer or network is launched every 39 seconds by evil hackers. But according to the Internet Crime Complaint Center’s 2020 report, 465,177 occurrences were registered that year, which works out to around one successful attack every 1.12 seconds.

(Source: University of Maryland)

5. A startling 86.2% of the polled firms reported being impacted by a successful hack. This number highlights the wide-ranging effects and the immediate necessity for effective cybersecurity solutions in various sectors.

(Source: CyberEdge)

6. A staggering 93.9% of all surveyed companies in Colombia claimed to have been penetrated at least once that year.

(Source: CyberEdge)

Ransomware Statistics 2021/2022

Ransomware infection rates significantly increased in 2021, partly due to people relying more on telework and online learning platforms.

7. Ransomware attacks have financial impacts in the United States, with the total cost reaching an estimated $623.7 million by 2021.

(Source: Emsisoft) 

8. The first nine months of 2021 saw 495 million ransomware attacks, representing a 148% increase from the same period in 2020.

(Source: SonicWall)

9. The Cybersecurity and Infrastructure Security Agency reported that in February 2022, ransomware incidents attacked 14 of the 16 crucial sectors of the US infrastructure.

(Source: CISA)

10. Public institutions, including universities, hospitals, and local US municipal administrations, recorded Ransomware attacks in the first half of 2022.

(Source: TechTarget)

11. According to a US government report, the healthcare industry fell victim to cyberattacks, as the number of breaches doubled in the first five months of 2022, different from the same period in 2021.

(Source: TechTarget)

12. Backup repositories saw 88% of ransomware assaults in 2022. 75% of these attempts were successful, showing that the attackers planned their actions.

(Source: Veeam)

13. Around 37,700 ransomware attacks occur worldwide per hour, or about 578 every minute.

(Source: Matthew Woodward)

14. Important cases, including the New Orleans municipal government and the Danish business ISS, paid over $50 million in damages due to ransomware attacks, with the former experiencing losses of over $7 million.

(Sources: SC Magazine, GlobeNewswire)

15. In 2020, 92 ransomware attacks caused an astonishing $21 billion loss for the US healthcare sector.

(Source: Comparitech)

16. Ransomware assaults substantially impacted people, with one in five Americans reporting having been the victim of one.

(Source: The Harris Poll)

17. Ransomware is still a significant danger, but it is now only responsible for about 17% of malware security events, down from 27% in 2020.

(Source: Verizon)

18. The average ransom payment grew to $139,739 in Q3 2021, up 2.3% from the prior quarter, despite ransomware payments falling in Q4 2020.

(Source: Coveware)

19. The average downtime caused by a ransomware attack grew to 22 days in Q3 2021 from 19 days in Q3 2020, further emphasizing the disruptive nature of these attacks.

(Source: Coveware)

20. As the case of shipping company Maersk demonstrates, ransomware attacks can have significant financial repercussions. The NotPetya ransomware outbreak cost the business more than $200 million, underscoring the considerable expenses that companies may incur.

(Source: Forbes)

21. The average global cost to resolve a ransomware attack rose to $1.5 million in 2021, more than double the figure of $761,106 from the previous year. This sharp price increase highlights the mounting financial difficulty of dealing with ransomware occurrences.

(Source: Sophos)

22. India, Austria, and the United States are the nations most likely to be the targets of ransomware attacks. Sophos’ The State of Ransomware 2021 states that 68% of India and 57% of Austria firms have dealt with ransomware incidents.

(Source: Sophos)

23. Another worrying development is the increase in mobile ransomware Trojans. From Q3 2020 to Q3 2021, there was an 11.5% increase in mobile ransomware Trojans, going from 5,522 to 6,157 instances.

(Source: Kaspersky Labs) 

24. According to the percentage of users afflicted, Kazakhstan, Sweden, and Kyrgyzstan top the list of nations plagued by mobile ransomware. This emphasizes the threat’s worldwide scope and the requirement for mobile solid security solutions.

(Source: Kaspersky Labs)

These figures show how widespread and expensive ransomware assaults are on mobile devices and in more established computing settings. The growing financial cost and wide-ranging effects highlight the importance of developing effective cybersecurity measures to safeguard persons and enterprises from these threats.

The issue is made worse by nation-states taking part in ransomware assaults. Investigations have shown that nation-state actors were behind attacks like WannaCry and NotPetya, whose effects persisted past their initial incidence in 2017 and 2020. Interestingly, these attacks had goals besides monetary gain, such as information destruction or diversion creation.

The Global State of the Channel Ransomware Report 2020 from Datto finds that small and medium-sized businesses (SMBs) continue to have serious concerns about ransomware.

Over 200 Managed Service Providers (MSPs), affiliates, and users were surveyed for the research, which offers essential details on the ransomware ecosystem. The following are some noteworthy results:

25. Ransomware was named by MSPs as the most common threat facing SMBs, according to an overwhelming 89% of them.

(Source: Datto)

26. An 8% rise over the prior year was seen in the first half of 2019, when 64% of MSPs reported ransomware attacks against their clients. The research did note a drop from 15% in 2018 to 5% in the percentage of MSPs reporting numerous attacks in a single day.

(Source: Datto)

27. Two out of every five SMBs questioned have experienced a ransomware attack, which is concerning and highlights the demand for proactive steps to reduce these risks.

(Source: Datto)

28. Ransomware attacks are primarily caused by phishing emails, a lack of training, and weak passwords, emphasizing the significance of addressing these flaws in cybersecurity measures.

(Source: Datto)

29. Costs associated with downtime have significantly increased by 75% year over year. This highlights the significant financial impact that ransomware events have on enterprises.

(Source: Datto)

30. It’s interesting to note that the standard cost of downtime is a startling 24 times greater than the average ransom amount. This emphasizes the unintended consequences of ransomware attacks, such as lost productivity, harm to one’s reputation, and potential consumer repercussions.

(Source: Datto)

31. Positively, businesses that have put Business Continuity and Disaster Recovery (BCDR) solutions in place have shown resilience in recovering from ransomware attacks. According to MSPs, three out of four clients using BCDR solutions were able to recover within 24 hours, highlighting the need to have adequate contingency plans in place.

(Source: Datto)

32. Always remember that MSPs are not immune to cyberattacks. 75% of them acknowledged being the subject of ransomware-related assaults regularly.

(Source: Datto)

33. 14.46 million ransomware attacks were prevented in quarter two of 2021 despite a slight rise from Q2 2020, when 14.2 million cyberattacks were stopped.

(Source: Kaspersky)

34. Businesses still choose to pay the ransom despite falling infection rates. 57% of ransomware-affected firms decided to pay the ransom to recover access to their data. Unfortunately, paying for ransom demands makes the criminals continue.

(Source: CyberEdge)

Common Cyberattack Methods

Not all security concerns revolve around ransomware. We will examine additional often-seen assault strategies in the sections that follow.

Cryptojacking and the use of encrypted communication are two of the preferred strategies used by hackers.

Following a sharp fall in the second part of 2019, cryptojacking attacks rebounded in 2020. According to the 2021 SonicWall Cyber Threat Report, there was a 28% increase year over year overall, with all but one quarter showing a notable surge.

Cybercriminals use these assaults to spread software that infects victims’ machines, giving them access to the victims’ computing power, so they can stealthily mine cryptocurrencies like Bitcoin or Monero.

Ransomware may have lost some of its allure due to the falling value of cryptocurrencies, but hackers still find mining for virtual currency very lucrative.

The first quarter 2021 saw a considerable increase in infections, setting a record high compared to prior years, according to the ENISA Threat Landscape 2021 report. 

Notably, there has been an incredible 117% surge in the number of instances of crypto-mining malware.

However, CISOs, CIOs, and IT managers are not only concerned about cryptojacking. Numerous danger vectors continue to present serious difficulties.

35. A startling 650% increase in “next-gen” supply chain attacks over only one year proves that cybercriminals are skilled at surpassing tightened security measures.

(Source: Sonatype)

36. The prominence of malicious papers as an infection vector has not decreased. The continued effectiveness of this strategy is shown by the fact that 38% of phishing emails worldwide use Microsoft Office file types like Word, PowerPoint, and Excel.

(Source: Cisco)

37. Additionally, 37% of all malicious file extensions Cisco identified were in archive files, including attachments like.zip and.jar. Additionally, 14% of the total came via malicious PDF files, highlighting their importance as a formidable threat vector.

(Source: Cisco)

38. With allegations that the RedLine Stealer malware can be purchased for as low as $150 on hacking communities and the Dark Web, it has grown to be a significant menace in the world of cybercrime. In 2022, cybersecurity professionals discovered its existence when it was disseminated through phony Windows 11 upgrades. This trojan poses a severe risk since it gives criminals access to victims’ sensitive personal data, including passwords, credit card numbers, and other important information.

(Source: Cisco)

Cybercriminals are taking advantage of the rise in e-commerce and online shopping in addition to conventional attack vectors. These bad actors are trying to take advantage of weak points in the online purchasing ecosystem as it becomes increasingly common to conduct business online. This covers strategies including phishing assaults, fake websites, and misleading adverts that coerce people into disclosing their financial information or downloading malware.

According to the 2019 Internet Security Threat Report by Symantec, “While attacks on household names make headlines, Symantec’s telemetry shows that it is often small and medium-sized retailers, selling goods ranging from clothing to gardening equipment to medical supplies, that have had form jacking code injected onto their websites. This is a global problem with the potential to affect any business that accepts customer payments online.” 

Cloud-based solutions are being used increasingly, yet cybersecurity professionals still struggle to keep up with the changing security environment. In this context, statistics show specific worrying trends:

39. Using rogue cloud applications is a problem for 93% of businesses. This indicates that enterprises use unlicensed or unregulated cloud applications, potentially introducing security flaws and hazards.

(Source: Imperva)

40. 82% of cloud users have experienced security problems due to misunderstandings about who is responsible for protecting cloud deployments. This emphasizes the necessity of greater transparency and comprehension between cloud users and service providers regarding their security obligations.

(Source: Oracle)

Here are some noteworthy figures that highlight the variety and potency of strategies used by cybercriminals:

41. According to a Gartner global survey, 35% of businesses were the subject of SSL- or TLS-based assaults. These assaults exploit holes in secure communication protocols to access and compromise systems.

(Source: Gartner)

42. Fileless assaults, which operate solely in memory and are intended to elude existing detection techniques, have shown to be very successful. They were used in 77% of successful data breaches in 2018. According to the ENISA Threat Landscape 2020 – Malware research, the prevalence of non-filed assaults significantly increased by 265% in the first quarter of 2019.

(Source: ENISA)

43. Despite a drop in numbers, financial trojans threaten consumers seriously. In 2020, Trickbot overtook Emotet to become the most common financial trojan, taking market share.

(Source: ENISA)

44. According to the 2020 Webroot Threat Report, polymorphic malware, a class of malicious software that may modify its code frequently to avoid detection, accounted for approximately 94% of all malicious programs in 2019. This illustrates how malware variants can adapt and persist in the threat environment.

(Source: Webroot)

45. Attacks on supply chains have increased noticeably in 2022, and their rising frequency is reason for alarm. Cybercriminals are increasingly using these assaults because of their potential to affect numerous victims with a single breach. One notable example is the Kaseya hack, which impacted over 1,500 firms. This development is especially concerning since many businesses are ill-equipped to mitigate such attacks. This vulnerability results from either a lack of cybersecurity precautions or insufficient knowledge of the dangers third-party software vendors pose.

(Source: Reuters)

To effectively combat the growing threat of supply chain assaults, businesses must prioritize enhancing their cybersecurity policies and increasing insight into possible threats from third-party partners. 

Some statistics show that physical methods of cybercrimes are steadily climbing:

46. In 2020, physical activity was engaged in 27% of cybersecurity incidents.

(Source: ENISA)

47. Physical attacks on ATMs came in sixth regarding implementing hostile activities on assets.

(Source: ENISA)

48. Physical attacks comprised the majority of 54% of all data breaches.

(Source: ENISA)

49. 65% of workers admit to acting in ways or making decisions that would jeopardize physical security.

(Source: ENISA)

50. Black box ATM assaults grew by 269% in Europe in the first half of 2020, increasing losses from €1,000 to more than €1 million from the prior year. However, in the first half of 2021, losses fell by 37% to €0.63 million.

(Source: EAST)

88% of firms admit they are worried about insider threats, indicating that internal concerns are rising. But it’s essential to remember that damage done by insiders is frequently unintended. Additionally, the motives behind cyberattacks are changing from purely financial gain to gathering information that may be a springboard for numerous additional attacks.

The quantity and frequency of DDoS attacks are increasing due to the rise of internet-connected unprotected devices. By enlisting these devices in botnets, cybercriminals can execute destructive DDoS attacks that potentially harm their target companies seriously.

The following figures demonstrate the seriousness of this problem:

51. In Q4 2021, the number of DDoS assaults surged by more than 4.5 times compared to last year.

(Source: Kaspersky Labs)

52. DDoS attacks increased by 10% from Q4 2019 to Q4 2020.

(Source: Kaspersky Labs)

53. 71% of firms have encountered DDoS attacks involving extortion or ransom.

(Source: Corero)

54. Findings from the 1H 2021 show a significant rise in multi-vector attacks, which employ 15 or more attack vectors. Multi-vector attacks significantly increased by 116% between 2019 and 2020. Additionally, from 2020 to 2021, these attacks grew by an additional 10%. This growing trend emphasizes how complicated and constantly changing cyber threats are.

(Source: NETSCOUT)

55. The APAC (Asia-Pacific) and EMEA (Europe, Middle East, and Africa) areas saw the most significant growth in multi-vector DDoS attacks. However, such attacks somewhat decreased in the NAMER (North America) region.

(Source: NETSCOUT)

56. According to the data, DDoS attacks had an average duration of 50 minutes in the first half of 2021, an increase of 31% over the same time last year. Netscout further emphasized how the rising frequency of sophisticated, multi-vector attacks influences this trend.

(Source: NETSCOUT)

57. With 43.5% of attacks happening in Q4 2021, the US accounted for most attacks when broken down by nation. During that time, 10% of the attacks occurred in China too.

(Source: Kaspersky Labs)

Phishing Attacks are on Their Highest Run in 3 Years

Phishing assaults have increased significantly in three years as scammers and hackers use more advanced techniques to make convincing emails. These phishing attempts are quite successful and continue to threaten consumers.

Phishing was the most commonly reported crime type to the Internet Crime Complaint Center (IC3) in 2020, with several complaints more than doe the previous year, according to the IC3 Internet Crime Report.

58. The vast scope of phishing activity during the third quarter of 2021 can be seen by APWG’s discovery of over 730,000 unique phishing URLs and noted over 86,000 particular subjects for phishing emails.

(Source: APWG)

59. Over 30% of phishing assaults include keyloggers, a type of malware that logs keystrokes, underscoring their significant role in gathering sensitive data.

(Source: Cofense)

60. The 2019 Symantec Internet Security Threat Report states that spear phishing is the most often used targeted attack vector. This shows that fraudsters frequently utilize customized and individualized phishing strategies to trick their intended targets. (Source: Symantec)

61. Small businesses are at greater risk than larger ones. Small businesses are targeted by malicious emails more frequently than larger businesses.

(Source: Symantec)

62. The fact that mining businesses are more vulnerable to receiving fraudulent emails is stated in the same research, indicating that this sector has a higher volume of targeted attacks.

(Source: Symantec)

63. Webmail and Software-as-a-Service (SaaS) users have emerged as the main targets of phishing attempts, accounting for 29.1% of all attacks, according to recent statistics from APWG’s Phishing Activity Trends Report for Q3 2021. This marks a significant gain compared to the previous quarter’s 8.1%. Furthermore, financial institutions comprised 17.8% of phishing assaults during the same period, making them the second-largest targeted group.

(Source: APWG)

64. Phishing is the second most frequent threat activity in data breaches, ranking just below denial-of-service assaults after a successful intrusion.

(Source: Verizon)

65. Threat Landscape 2020 by ENISA report emphasizes how phishing websites increasingly use HTTPS. 74% of phishing sites used HTTPS in the fourth quarter of 2019, up significantly from 32% in 2016. This shows that hackers use encryption to give their phony websites a more trustworthy appearance.

(Source: ENISA)

66. Another result from the ENISA research is that Microsoft Office documents made up roughly 43% of malicious email attachments in 2019. This shows how frequently attackers utilize this file format to spread malware to users who are not careful.

(Source: ENISA)

67. The data from ENISA also shows that more than 95% of emails that spread malware demand human interaction, such as engaging on links or acknowledging security alerts. This emphasizes the importance of the public’s understanding and vigilance in identifying and stopping phishing attacks.

(Source: ENISA)

68. According to ENISA’s Threat Landscape 2020 research, “payment” appears in 32.5% of all phishing attack email subjects, which is frequent.

(Source: ENISA)

69. About 30% of phishing emails are delivered on Monday, making it the most common day for sending out these communications. This finding might be explained by the fact that people are more likely to be engaged and active with their email accounts at the beginning of the workweek, thereby raising the risk of falling for phishing scams.

(Source: ENISA)

Spammers and email fraudsters frequently use impersonation techniques to increase the potency of their attacks. To trick their victims, these attackers often utilize phony display names. This strategy is preferred above others, like typosquatting or domain spoofing.

Attackers try to convince recipients that the email comes from a reliable and trustworthy source by using misleading display names. This strategy can be particularly effective because many users depend more on display names than email addresses or domains to determine who sent them.

More Phishing Statistics

70. DHL and Microsoft were the two companies impersonated the most frequently in phishing efforts, each accounting for 23% of the cases.

(Source: Checkpoint)

71. Other companies that reached the top 10 list included Apple, Google, LinkedIn, FedEx, Amazon, Roblox, and PayPal. Interestingly, scammers now use fewer previously popular platforms, Facebook and Instagram. 

(Source: Checkpoint)

72. Dropbox and Amazon were the most imitated brands when targeting CEOs. These fraudsters, spammers, and other criminal actors use these brands’ notoriety and recognition to boost their chances of duping executives and carrying out their schemes.

(Source: Abnormal Security)

Spam as a Major Force in Email-induced Cybercrimes

Despite advancing attack tactics, spam continues to be an enduring and long-lasting tool cybercriminals utilize. Its ease and capacity to reach a vast number of prospective victims are what make it appealing. 

In 2020, a common spam tactic comprised phony emails from well-known companies requesting that recipients phone a support number. 

Victims who called were duped into divulging private information, including their entire identity and banking information, by the false support team.

73. The average percentage of spam in email traffic in 2021 was 45.56%, with seasonal variations. June had the highest proportion, 48.03 percent.

(Source: Kaspersky)

74. Spain (9.32%), Russia (6.33%), and Italy (5.78%) were the nations that received malicious emails the most frequently, per the research.

(Source: Kaspersky)

75. The top spam-producing nations were Germany and Russia, which produced 24.77% and 14.12% of spam within the same period.

(Source: Kaspersky)

76. The most common threat utilizing COVID-19 was spam.

(Source: ENISA)

77. Spam emails comprised 65.7% of COVID-19-related threats, while malware comprised 26.8%.

(Source: ENISA)

Cybercrimes Leveraging Mobile Channels

78. Nowadays, mobile is where most cybercrime occurs. Mobile platforms are used for 70% of online fraud.

(Source: TechCabal)

79. The number of fraudulent transactions from mobile apps has increased by 680%.

(Source: TechCabal)

80. Every day, 82 malicious apps are discovered on average.

(Source: TechCabal)

81. Games (21%), Tools and Personalization (20%), and Entertainment and Lifestyle (17%) are the three categories with the most harmful apps.

(Source: Secure-D)

82. In 2020, Secure-D identified nearly 45,000 dangerous apps, 23% accessible through Google Play.

(Source: Secure-D)

83. Over a billion transactions, or a startling 93% of all trades, had to be rejected as fraudulent by Secure-D. There were transactions totaling $1.3 billion.

(Source: Secure-D)

84. Compared to 43 million in 2018, IT identified over 17.8 million compromised devices in 2019.

(Source: Secure-D)

85. Decision-makers in corporate settings know the problem: 60% stated that mobile threats were the most significant risk to their organizations.

(Source: Verizon)

86. Nearly 50% of businesses say they are “very confident” in recognizing a compromised mobile device.

(Source: Verizon)

87. Despite these realizations, 76% of businesses claimed they felt forced to forego mobile security to “get the job done” in 2021.

(Source: Verizon)

88. In 2020, more than 90% of the firms that participated in the survey experienced a mobile device hack with “moderate” or worse effects.

(Source: Verizon)

89. Almost 70% of the hacked firms rated the incident as “major.”

(Source: Verizon)

90. In the first half of 2019, mobile banking malware increased by 50%.

(Source: ENISA)

91. Asacub (44.4%), Svpeng (22.4%), Agent (19.1%), Faketoken (12%), and Hqwar (3.8%) were the most common financial malware during 2019.

(Source: ENISA)

92. Mobile device phishing attempts are happening more frequently. Enterprise mobile phishing encounter rates increased by 331% in North America during the first quarter of 2020, reaching 24.71%.

(Source: Lookout)

Software and Hardware Vulnerabilities

93. In the first half of 2019, mobile banking malware increased by 50%.

(Source: ENISA)

94. Asacub (44.4%), Svpeng (22.4%), Agent (19.1%), Faketoken (12%), and Hqwar (3.8%) were the most common financial malware during 2019.

(Source: ENISA)

95. Mobile device phishing attempts are happening more frequently. Enterprise mobile phishing encounter rates increased by 331% in North America during the first quarter of 2020, reaching 24.71%.

(Source: Lookout)

96. The most challenging security process for enterprises changed in 2020 when “Third-party risk management” overtook “Detection of rogue insiders/insider attacks.”

(Source: Imperva)

97. The most widely used security-management technology of the year is patch management, utilized by 56.7% of businesses and has a 29.1% adoption rate target.

(Source: Imperva)

98. Still, according to the NDIA 2019 Cybersecurity Report, more than 75% of major businesses (those with 500+ people) rely on the pre-installed antivirus software on their computer equipment.

(Source: Imperva)

99. In 2021, Google handed out $8.7 million in bug bounties; since 2015, it has paid out $33.2 million.

(source: Google) 

100. Microsoft paid $13.6 million in bug bounties in a year.

(Source: Microsoft)

101. Facebook also has a bounty program, and in 2020 it paid out almost $2 million in a little under 10 months. Up to this point, the biggest reward was $80,000.

(Source: Facebook)

Increasing Attacks on IoT

102. One honeypot recorded more than 7 billion attacks in 2021.

(Source: F-Secure)

103. Although locations can be faked, the majority of these attacks looked to originate from China, the US, and Ireland.

(Source: F-Secure)

104. IoT devices make up networks in 69% of businesses, more than computers.

(Source: Forrester)

105. Computers are considered to be less risky than IoT devices by 84% of security experts.

(Source: Forrester)

106. IoT security events have affected 67% of businesses.

(Source: Forrester)

107. Only about 21% of security experts believe their security controls are sufficient.

(Source: Forrester)

108. IoT developers are most concerned about security, with 46% ranking it as their top priority (up from 39% in 2020).

(source: Eclipse Foudation)

109. Data encryption (27%) and communication security (43%) are the two IoT security methods that are most frequently employed.

(source: Eclipse Foudation)

110. According to projections from the IoT Security Market Report 2017–2022, spending on IoT security is increasing at a compound annual growth rate of 44% and will reach approximately $4.4 billion by 2022.

(Source: IIoT World)

111. Malware was responsible for most IoT security breaches between 2015 and 2017.

(Source: IIoT World)

112. The most significant IoT security vulnerabilities that need to be resolved are authentication/authorization (32%), data encryption at 14%, slightly toppled by access control (15%), and, as we’ve seen, default passwords are the primary attack vector.

(Source: IIoT World)

113. 57% of IoT devices might be attackable.

(Source: Palo Alto Networks)

114. Only 4% of developers think their IoT security procedures might be made better. 25% think a complete makeover is required.

(Source: Palo Alto Networks)

115. About one in four IT decision-makers adopt micro-segmentation to increase IoT device security.

(Source: Palo Alto Networks)

The Widespread Social Media Attacks and Scams

116. Eight hundred forty-nine million records were exposed due to Facebook security flaws in 2019.

(Source: Comparitech)

117. When it comes to the security of personal data, social media is distrusted by Baby Boomers (96%), Gen Xers (94%), Gen Z (93%), and Millennials (92%).

(Source: Malwarebytes)

118. In the UK, Facebook-related crime increased by 19% in 2019.

(Source: The Commentator)

119. The problem with social media is more serious: According to 59% of respondents to the 2019 RSA Data Privacy & Security Survey, it is immoral for social media companies to customize newsfeeds.

(Source: Outpost 24)

120. According to the 2019 RSA Data Privacy & Security Survey, 67% of UK customers think that recommendations based on past browsing or purchasing behavior are unethical.

(Source: Outpost 24)

121. Regarding newsfeeds, 30 to 40 percent of social media infections originate from contaminated advertisements.

(Source: Bromium)

122. Social media is another tool cybercriminals use to advertise their hacking services: According to Bromium Into The Web of Profit: Social media platforms and the cybercrime industry, between 30 and 40 percent of social media platforms include accounts that offer some sort of hacking operations.

(Source: Bromium)

123. It makes sense that 34% of US people lack faith in social media businesses to protect their personal information.

(Source: Statista)

124. Two hundred twenty thousand people participated in the 500 fraud-related social media groups RSA discovered. 60% of them were Facebook users.

(Source: Commission on Young Lives)

125. Twitter is not the favored method of communication for fraudsters, but WhatsApp is.

(Source: Commission on Young Lives)

126. RSA’s investigation revealed over 15,000 compromised credit cards were exposed on numerous social media networks.

(Source: Commission on Young Lives)

127. This is consistent with carding or carding services being the most common fraud-related terms in group names or searches.

(Source: Commission on Young Lives)

128. According to Bromium Into The Web of Profit: Social media platforms and the cybercrime economy, add-ons or plugins for social media platforms are responsible for at least 20% of social media infections.

(Source: Bromium)

129. Phishing on social media is becoming more prevalent, with 8% of attacks coming from these platforms.

(Source: ENISA)

Global Proneness to Data Breach and Risk

130. Two hundred fifty million records were exposed in one of the first leaks of 2020 (involving Microsoft).

(Source: Comparitech)

131. In 2020, the most significant data breach occurred when CAM4, an adult cam website, let over 10 billion records go.

(Source: Safety Boulevard)

132. Advanced Info Service (AIS) (8.3 billion records) and Keepnet Labs (5 billion records) were also both victims of significant breaches.

(Source: Comparitech)

133. Around 18,000 SolarWinds customers were impacted by another significant breach in 2020, although the consequences have not yet been assessed.

(Source: Reuters)

134. In the US, 56% of businesses have had a data breach.

(Source: Thales)

135. 41% of US organizations had experienced a breach in the past year.

(Source: Thales)

136. California has been the state most frequently affected since 2005, with 5.6 billion records exposed in 1,777 breaches.

(Source: Comparitech)

137. Texas is third with 294 million information in 819 breaches, New York is second with 295 million records in 863 violations, and California is fourth.

(Source: Comparitech)

138. A total of 1,789 data breaches impacting US customers occurred in 2021. This decrease from the 2020 figure is 38%.

(Source: Identity Theft Resource Center)

139. In 2021, only about 300 million people were affected by data breaches, a 66% decrease over 2019.

(Source: Identity Theft Resource Center)

140. 1,613 violations in 2021 were discovered to have been caused, in part, by cyberattacks. These affected roughly 188 million people, an increase of 10% over the 170 million in 2020.

(Source: Identity Theft Resource Center)

141. Phishing accounted for 33% of compromises and was the most frequent type of cyber attack that resulted in breaches.

(Source: Identity Theft Resource Center)

142. This is consistent with the Verizon research, which claims that roughly 40% of harmful activities used social engineering attacks, with phishing, pretexting, and bribery being the most frequent evil deeds.

(Source: Verizon)

143. This is a change compared to prior years when mistakes were the most frequent reason for breaches. 

(Source: Verizon)

144. Despite this, mistakes still happen. The most common mistakes in 2021 were misconfiguration and then misdelivery.

(Source: Verizon)

145. More than 20% of breaches involved the use of stolen credentials.

(Source: Verizon)

146. Another frequent attack type was ransomware, responsible for 22% of breaches, with cyberattacks as their primary cause.

(Source: Identity Theft Resource Center)

147. Web applications were the most common hacking vector, accounting for about 90% of hacking breaches.

(Source: Verizon)

148. An average loss of $3.24 million was incurred due to data breaches brought on by human mistakes and technical flaws.

(Source: ENISA)

149. In 2019, there were fewer point-of-sale and card-skimming breaches, which is assumed to be related to the widespread use of chip-and-pin cards and terminals.

(Source: ENISA)

150. The most frequent types of malware implicated in breaches were ransomware, capture app data malware, and password dumper malware.

(Source: Verizon)

151. Email links were the most common malware vector used in breaches, followed by direct installs and malware downloads.

(Source: Verizon)

152. More than 70% of breaches had monetary motivations. Although it seems like a lot, this decreased from 86% the previous year.

(Source: Verizon)

153. Retail (24%) and banking and insurance (18%) are the industries most frequently hit by data breaches involving payment card information.

(Source: Trustwave)

154. Small firms account for nearly 50% of all breaches, making them significantly more susceptible to being targeted. From the previous year, when they were the victims merely 28% of the time, this is an almost 100% increase.

(Source: Verizon)

155. Most data breaches occur in public enterprises, with healthcare and finance coming in second and third.

(Source: ENISA)

156. Healthcare firms reported 400 data breaches in 2019, a sobering high for the sector.

(Source: ENISA)

157. Over the upcoming year, healthcare breaches are predicted to rise by 10% to 15%.

(Source: ENISA)

158. In a year, 70% of cloud platforms were compromised.

(source: Sophos)

159. Credentials, private information, personal information, financial information, and internal information are the data sets most frequently compromised in breaches.

(Source: Verizon)

160. Emails are exposed in 70% of data breaches.

(Source: ENISA)

161. Personal data may now be purchased on the dark web more efficiently than ever due to the rising frequency of data breaches. For instance, credit card information is worth $12 to $20.

(source: We Live Security)

162. American Express information is more expensive, selling for $35, including the PIN.

(source: We Live Security)

163. For some reason, transfers between $1,000 and 3,000 sell for roughly $156, whereas more enormous transfers (over 3,000) cost an average of $320.

(Source: We Live Security)

164. With an average selling price of $156 per account, Gmail accounts appear lucrative for crooks.

(Source: We Live Security)

165. The majority of breaches are caused by the top actors who are involved in organized crime.

(Source: Verizon)

166. System administrators, end users, and nation-state or state-affiliated actors are additional important participants, but they each only cause about 5% of breaches.

(Source: Verizon)

167. 67% of the expenses associated with data breaches become apparent in the first year after a breach, whereas 22% and 11% of those costs are realized in subsequent years.

(Source: ENISA)

168. The cost of a data breach per employee is higher for smaller businesses than for more prominent companies, at $3,533 and $204, respectively.

(Source: ENISA)

169. Data breaches in the US typically cost $4.24 million.

(Source: IBM)

170. The average loss to businesses from missed business is $1.59 million.

(Source: IBM)

171. The average cost of significant security breaches involving 1–10 million records was $52 million.

(Source: IBM)

172. A breach costs a business around $160 for each stolen record.

(Source: IBM)

173. A data breach must be contained for an average of 287 days. This is a tad longer than the 280 days in 2019.

(Source: IBM)

174. 40% of breaches are not discovered for months or more.

(Source: Verizon)

175. In less than a month, 28% of firms found their most major breach, compared to 72% who took longer.

(Source: EY)

176. 39% of businesses say they can’t stop a virus attack without using files.

(Source: EY)

177. Only 7% of security executives can estimate the cost of security breaches.

(Source: EY)

178. 50% of businesses only dedicate 6–15% of their security budgets to data security.

(Source: Thales)

179. The average sum spent on a breach can be decreased by $2.46 million (54.9%) by having a team capable of responding to incidents available.

(Source: IBM)

180. 36% of corporate efforts include cybersecurity teams in the planning phase.

(Source: EY)

Cybersecurity Impacts on Stock Market Prices

181. Following a breach, equities typically see an immediate reduction in the share price of 0.43%.

(Source: Comparitech)

182. A considerably more gradual increase in share values is one of the long-term benefits. In the three years before the breach, share prices increased by 45.6%, but only by 14.8% in the three years after the compromise.

(Source: Comparitech)

183. On average, it takes 38 days for breached companies to return to their pre-breach performance levels on the NASDAQ, but three years later, they are still doing nearly 40% worse than the index.

(Source: Comparitech)

184. Financial institutions see their share prices fall immediately after a data breach, whereas internet enterprises (e-commerce, social media, etc.) typically incur long-term consequences.

(Source: Comparitech)

185. More minor breaches impact share prices more, whereas more significant breaches show less impact.

(Source: Comparitech)

186. Share prices are significantly negatively affected by breaches requiring credit card and social security numbers more than by breaches involving less sensitive information, including email addresses.

(Source: Comparitech)

The Irony of Users’ Concern Over Statistics More Than Prevention

187. 55% of people fear that criminals may gain access to personal data.

(Source: ENISA)

188. 92% of people know the dangers of using the same password for many online accounts, which increases the likelihood of stolen passwords and credential usage. Nevertheless, 65% still do it.

(Source: LastPass)

189. Of polled users, 66% said they skim end-user license agreements and other permission papers or do not read them.

(Source: Malwarebytes)

190. Only 47% of users know their apps’ access to their devices.

(Source: Malwarebytes)

191. Identity theft that results in financial loss is the top fear for 78% of UK citizens.

(Source: Outpost 24)

192. 93% of respondents to research who were polled said they use security software, and 96% said they worry about their privacy.

(Source: Malwarebytes)

193. According to the RSA Data Privacy & Security Survey 2019, 75% of customers now only reveal some personal information online.

(Source: Outpost 24)

194. According to RSA’s global poll, 36% of respondents worldwide and 45% of US respondents stated that their personal information had been stolen in a data breach over the previous five years.

(Source: Outpost 24)

195. In addition, 58% of respondents from the United States indicated they’d think about avoiding investing in firms that don’t secure personal data.

(Source: Outpost 24)

196. However, there is also some positive news: more than 53% of people use password managers.

(Source: Malwarebytes)

197. One in three workers runs the danger of installing malware on their work laptops.

(Source: Positive Technologies)

198. Penetration testers found that one out of every seven employees conversed with a fake person and shared sensitive information.

(Source: Positive Technologies)

199. One employee out of ten entered account information into a phony authentication form.

(Source: Positive Technologies)

200. Approximately 11 million files are accessible to each employee.

(Source: Varonis)

201. Over 1,000 sensitive files are available for public viewing in about two-thirds of businesses.

(Source: Varonis)

202. According to the 2021 Varonis Financial Services Data Risk study, more than 500 passwords are used in 6 out of 10 businesses.

(Source: Varonis)

General Data Protection Regulation (GDPR) Statistics

On May 25, 2018, GDPR became enforceable, and everyone complied out of fear of penalties and other legal repercussions. Did everything go as planned? Let’s see what the data indicates.

203. Fines of €1.1 billion ($1.2 billion) have been imposed since January 28, 2021.

(Source: DLA Piper)

204. Amazon received the most significant GDPR-related penalties of €746 million ($843 million) from Luxembourg’s data protection supervisory authority (CNPD) in July 2021.

(Source: DLA Piper)

205. The second-largest fine to date (€225 million) was imposed against WhatsApp Ireland Limited in Ireland, and Google in Italy received the third-largest charge (€50 million).

(Source: DLA Piper)

206. With fines of €746 million, Luxembourg leads in total acceptable amount. With penalties totaling 226 million, Ireland comes in second.

(Source: DLA Piper)

207. Companies may be penalized under the EU GDPR up to €20 million or 4% of their yearly revenue, whichever is more significant.

(Source: IT Governance)

208. There were almost 144,000 complaints made in the first year the GDPR was in effect.

(Source: Acceptable Now)

209. In the first year of the GDPR, France’s CNIL received 30% more complaints than the year before.

(Source: Acceptable Now)

210. In that first year, more than 89,000 breach notices were sent.

(source: Acceptable Now)

211. Since the introduction of the GDPR, Germany has reported the most data breaches, with over 106,731. The Netherlands comes in second, and the UK 40,026.

(Source: DLA Piper)

212. As a result of legal action, hefty fines are increasingly being lowered. Examples include a 90% reduction for British Airways and an 80% decrease for Marriott.

(Source: Bank Info Security)

213. With more than two-thirds (69%) of individuals in the EU-27 knowing about the GDPR, it is clear that many people are aware of it.

(Source: FRA)

214. Men are slightly more aware of the GDPR (71%) than women are (67%).

(Source: FRA)

215. Poland has the highest GDPR awareness percentage at 95%.

(Source: FRA)

216. People in each country know their data protection authority to 71%, with Czechs being the most knowledgeable.

(Source: FRA)

217. In the EU-27, 60% of citizens know the right to access personal data kept by public authorities, but only 51% understand that this right extends to private businesses.

(Source: FRA)

Cybercrime Statistics on Cost

When it comes to the financial toll of cybercrime, there’s lots of data to research on. The surprising figures below could help motivate proactive action in terms of cyber defenses.

A study by Atlas VPN found that cybercrime criminals earn $1.5 trillion annually, almost three times more than Walmart’s revenue.

Feeling overwhelmed because of the figures is a natural phenomenon. Despite the yearly development, there are still reasons why cybersecurity strategies should be increased.

The various ways in which cyber criminals gather this massive sum of money range from extensive operations to spray-and-pray attacks; they target lots of victims with high hope of compromising some of them.

Have you ever imagined how they successfully took this huge amount without being caught? This study reveals money laundering alone:

The United Nations Office on Drugs and Crime estimates that 2% to 5% of global GDP is laundered annually, which is $800 billion to $2 trillion.

Money laundering has three stages:

1. Placement:  this is the act of moving the money from the direct association with the crime.
2. Layering: This is distinguishing the trail to foil pursuit
3. Integration: this is making money available to the criminal from legitimate sources.

However, malicious hackers and scammers spend more money investing in assets that will make their plans very effective.

Below are some of the prices Armor Dark Market Report 2020 observed:

• SMS spamming service- (1000 SMS costs $18.99-19.99).
• Ransomware- ($1.99-6.50).
• Unhacked remote desktop protocol services- ($9.99-25 per server).
• Card reader/writer- ($149-990).
• Setup of vendor shop on an underground market- ($5.828-12.791) or (€5.000-10.000).
• Money transfer service- ($1,000 for a $15,000 balance).
• Phones- (iPhone 11 Max Pro- $179) -(iPhone 11 Xs Max-$159).
• Underground market vendor shop setup- (€5,000–10,000).
• Bulletproof hosting (web hosting for content such as fraud, money laundering, and porn)- ($4–19 per month).
• Degree from hacker university- ($125).
• Destroy a target’s business- ($185).

From other reports, criminals pay more for their tools. Hackers are selling critical Zoom zero-day exploits at a costly rate, $500,000 in March 2020. Another report says the price range for zero exploits is from $60,000 for Adobe Reader and up to $2,500,000 for Apple iOS for each zero-day exploit. 

Most tools attackers use are becoming cheaper, and personal data used in attacking is becoming very reasonable too. PayPal account credentials sell for as low as $50.

Statistics About Current and Future Cybersecurity Costs

218. The US lost hundreds of billions to cybercrime, possibly as much as 1% to 4% of GDP annually.

(Source: NIST)

219. In 2021, BEC, cryptocurrency, and ransomware lost about $7 billion, and BEC lost nearly $2.4 billion from out of it.

(Source: ICR) 

220. In 2022, the global cost of crime was estimated to exceed $8 trillion, expected to increase to $11 trillion in 2023.

(Source: Statista)

221. Cybercrime will cost the global economy more than $30 trillion by 2026.

(Source: Statista)

222. There were global damages in 2021 that cost about $6 trillion.

(Source: CS Ventures)

223. Experts forecasted international cybercrime costs to grow by 15% each year for the next five years, reaching about $10.5 trillion annually by 2025, up from $3 trillion in 2015.

(Source: CS Ventures)

224. Cybercrime has affected at least 6.5 million victims, with a total calculation of about $26 billion from 2001 to 2021.

(Source: Getastra)

225. By 2031, global ransomware damage costs will go beyond $265 billion annually.

(Source: Cs Ventures)

226. By 2025, crypto crime will cost the world $30 billion annually.

(Source: Cs Ventures)

227. Cybercrime increased by 600% due to the pandemic in 2019.

(Source: Purplesec)

228. The average cost of a data breach to small businesses can range from $120,000 to $1.24 million.

(Source: Purplesec)

229. Data breach costs increased from $3.86 million to $4.24 million in 2021, the highest average total price in the 17-year history of this report.

(Source: Purplesec)

230. Zero trust security policies saved $1.76 million per breach.

(Source: Purplesec) 

231. From 2020 to 2021, there was a 10% increment in the average total cost of a breach.

(Source: Purplesec)

232. Over 50% of all cyber-attacks are done on SMBs.

(Source: Purplesec)

Cybersecurity Trends on Spending

233. Malware attacks are more likely to compromise and destroy an F-35 fighter jet than missiles. The F-35 is also known as the “Flying Computer” due to its advanced technologies and features like sophisticated data links, a well-set database of threat information, 360-degree camera access, and highly optimized computerized logistics systems.

(source: Interesting Engineering) 

234. The United Kingdom ranks number one in cybercrime victims per internet user in 2023, with a staggering 4,371 victims per million. Following the United Kingdom is the United States with 1,494 victims per million, Canada with 1,319 victims per million, and Australia with 1,235 victims per million.

Furthermore, the report revealed that the average cybercrime per million internet users worldwide is 1,085. This shows that the United Kingdom also has over four times the figure of the global average.

(Source: Surfshark)

235. In 2022, 87.3% of surveyed countries had breach densities lower than the worldwide average, a shocking 50 leaked email accounts per 1,000 internet users. Thus, implying that cybercriminals target some nations more than others.

The report shows Russia exceeds expectations by having almost 17 times more leaked emails than globally. Furthermore, the report showed that 8/10 internet users in Russia had breaches. The next-ranking country was France, with 3/10 internet users having violations.

(Source: Surfshark)

236. So far, In 2023, Russia still ranks the highest number of leaked email accounts within the first quarter of the year. The European country had a staggering 6.6 million spread accounts in the first quarter of 2023. This revealed a 27.4% growth from the 2022 fourth-quarter figures of 5.2 million account breaches.

The United States followed Russia, as over 5.03 million American accounts were hacked during the first quarter of 2023. Also, Taiwan followed with 3.99 million breached accounts, France with 3.16 million breached accounts, and Spain with 3.11 million in 2023 Q1.

(Source: Surfshark)

237. The global spending on cybersecurity accrued from $101.5 billion in 2017 to $169 billion in 2022. This shows a remarkable growth in the industry’s year-over-year expenses on information security. Some notable reasons for this were the growing sophistication of cyberattacks and many cybercrimes.

(Source: Statista)

238. The worldwide healthcare information security market was $14 billion in 2022 and is projected to grow at a CAGR of 18.4% between 2023 to 2030. Also, the projected expenses on cybersecurity in 2023 are $23.2 billion. A report from Grandview Research revealed this. 

(Source: Grandview)

239. The finance sector is projected to rank the number 2 industry to spend the most on cybersecurity in 2023, with more than $20.8 billion. A report from Hello Zai revealed that over 26,000 fintech organizations operated worldwide in 2021, and the global investment was above $210bn. By 2027, the worldwide e-commerce market will be valued at $4tn, an outstanding 50% growth from 2021.

(Source: Hello Zai)

240. Within the First Quarter of 2023, Loaders Ranked as the Number One Type of Malware, with a staggering 7820 uploads. The attack vector secured the leading position in a study by Any.run, followed by trojan, which recorded 7,696 trojan uploads. Trojans are incredibly versatile and can be transmitted through several payloads.

(Source: Any.run)

241. “The State of Cybersecurity in 2023” report showed that over 3.9 million phishing attacks occurred daily. In 2023, the cost of these attacks is rising fast and might reach $2.1 trillion.

(Source: Sophos)

242. The malware families that saw more usage in the First Quarter of 2023 include RedLine, Remcos, njRat, Emotet, and AsyncRAT.

(Source: Sophos)

243. Notably, RedLine ranks highest for two consecutive years. During the first quarter of 2023, there were over 1,895 RedLine uploads, followed by Remcos, njRat, Emotet, and AsynRAT, with 1385, 1096, 982, and 831 uploads, respectively.

(Source: Any.run)

244. Ransomware attacks were the second most popular one in 2023. The cost is estimated to reach $1.7 trillion. These attacks are becoming more complex and familiar, with over 300,000 ransomware attacks in 2023.

(Source: Offshore Technology Focus)

245. Nevada has the highest number of cybercrime victims per 100,000 internet users in the United States. The cybercrime attack rate in the US has variable densities across the various states, with Nevada being the most targeted area in the United States. In Nevada, there were 801 cyberattack victims per 100,000 web users.

(Source: Surfshark)

246. It takes an average of 280 days to detect a data leak. According to a report from ACA International, companies that can detect and contain a data breach within 30 days can save more than $1 million compared to companies that fail to do so within 30 days.

(Source: ACA International)

247. The mean time of 70 days to contain data breaches. IBM’s report on Data Breaches revealed that while it takes about 9 months to detect a data breach, it takes 69 days to prevent these leaks.

(Source: IBM Data Breach)

248. Cyberjackers Looted $3.1 Million From Victims by Tampering with Healthcare Payment Gateways. The FBI released a report warning that cyberhackers were aiming for payment processors. The agency noted that the healthcare portals accrued $3.1 Million From Victims.

(Source: Thessltore)

249. Studies show that the average cost of a breach to SMB ranges from $120,000 to $1.24 million. This figure includes businesses that don’t handle sensitive data and information.

(Source: Prowritersins)

250. Over 50% of all cyberattacks are implemented on Small and Medium Businesses. This is a notable increase from the number of cyberattacks on SMBs in the previous year.

(Source: CNBC)

251. 45% of data breaches happened in the cloud. While nearly half of the cyberattacks occurred in the cloud, companies implementing a hybrid cloud model experienced lower average data breach expenses. The average cost of data breaches in companies with hybrid cloud costs $3.80 million, much lower than private ($4.24 million) and public clouds ($5.02 million).

(Source: IBM)

252. Phishing Kits that Cybercriminals can use for social engineering cost as low as $10. One of the most popular uprising malware methods is Phishing-as-a service (PaaS). It is also cost-effective, ranging about $10 for phishing kits.

(Source: Heimdal)

253. ML and AI will be the two most crucial cybersecurity trends in 2023. These two are becoming more essential in various other sectors worldwide.

(Source: Analytics Vidhya)

254. BEC/EAC Incidents result in Almost $2.4 Billion in Adjusted Losses. Hackers implemented impersonation and compromised legitimate email accounts. The IC3 reported in its Internet Crime Report 2021 that almost 20,000 business email compromise/email account complaints with a hefty price tag of up to $2.4 billion.

(Source: Analytics Vidhya)

255. Internet transaction scams will cost businesses over $343 billion between 2023-2027. While the payment fraud problem increases daily, the industry is projected to be valued at $343 billion between 2023 and 2027.

(Source: Jupiter Research)

256. Expenses on cybercrime only make up 1% of the worldwide GDP. By 2025, the cost of cybercrime is predicted to reach $10.5 trillion, only approximately 1% of the worldwide GDP.

(Source: Sangfor research)

257. The average breach cost savings at companies with a functional incident response team that implemented their plan was $2.66 million more than those who didn’t.

(Source: IBM)

258. Fully implemented zero trust programs saved organizations 43% on data breach expenses. While companies that didn’t integrate zero trust strategies accrued $5.04 million per breach, those that did have a total average of $3.28 million.

(Source: Tera Mind)

259. Even firms that implement Zero Trust still save some cost on data breaches. Interestingly, companies that partially implemented zero trust observed a minimum savings of $66,000 per breach.

(Source: Tera Mind)

260. Data Breach Incidents in the United States cost twice the average global cost. The United States ranks as the country with the highest price of a cyber network breach, costing an average of $9.44.

(Source: IBM)

261. Companies implementing AI and security automation detected and contained 27% more breaches than those that didn’t. Introducing AI and security automation helped these companies be more effective.

(Source: Tera Mind)

Growth Statistics of Cybersecurity Jobs

262. The top three cybersecurity skills are cloud security, threat intelligence, and incident response. These skills are the highest-demand skills that will aid companies to detect and contain cyber threats.

(Source: Cybersecurity Ventures)

263. The more common info security job titles include security engineer, security analyst, and security architect.

(Source: Ongig)

264. 60% of companies will be challenged by cybersecurity skills shortages in 2023. Thus, ⅔ companies struggle to get qualified IT security experts to fill open roles.

(Source: ISC2)

265. In 2023, there were 1.1 million IT security workers in the US. This figure is projected to increase to 1.7 million by 2023.

(Source: Cyberseek)

266. Globally, women only make up 24% of information security workers.

(Source: ISC2)

267. There are currently 663,434 job openings in the United States of America.

(Source: Cyberseek)

268. 81% of companies used third-party firms once in a while for cybersecurity projects in 2023.

(Source: Cyberseek)

269. 49% of companies said that using third-party cybersecurity firms.

(Source: Cyberseek)

270. In 2023, the average income of an information security analyst is $125,000, according to the Bureau of Labor Statistics.

(Source: BLS)

271. In America, the average annual salary of a security engineer is $88,000, whereas their UK counterparts earn £52,500 ($72,000) annually for the same position.

(Source: Cybercrime Magazine)

272. Almost two-thirds of companies believe their security policies are inefficient in safeguarding their firms from attacks. Thus, 60% of firms need new or effective security policies to improve their security teams.

(Source: Ponemon Institute)

273. 90% of companies use managed security service providers (MSSPs) to deploy at least one cybersecurity function.

(Source: Imperva)

274. The number of job openings is predicted to expand by 31% from 2021 to 2031.

(Source: Bureau of Labor Statistics)

275. The demand for info security experts dominates the supply, causing a skill shortage in the vertical.

(Source: (ISC2)

276. The information security sector is a rapidly-growing industry, expected to increase by 11% by 2023, and there are many opportunities for individuals with the required skills and experience.

(Source: Simplilearn)

277. The United States ranks number one as the country with the most cybersecurity professionals in 2023, with approximately 1.1 million infosec workers. It is followed by India (800,000) and China (700,000).

(Source: Cyberseek)

278. The worldwide market value of cybersecurity was worth more than $153.65 billion in 2022.

(Source: Globe Newswire) 

279. Currently, there are over 3.5 million open cybersecurity jobs globally.

(Source: Cybercrime Magazine)

Country Statistics of Cybersecurity Threats and Programs

280. Since their cybersecurity programs are still developing, nations like Mexico, New Zealand, and Iceland fall into the middle of the pack.

(Source: Global Cybersecurity Index)

281. The Vatican, Chad, Libya, Yemen, and many other nations are just starting or creating their information security initiatives simultaneously.

(Source: Global Cybersecurity Index)

282. Colombia was the hardest-hit nation overall in 2020, according to the Imperva 2021 Cyberthreat Defense Report, with 93.9% of those surveyed confirming successful attacks.

(Source: Imperva)

283. African and Asian nations are the most frequently attacked by malware; their citizens are up to five times more likely to experience a malware assault than Americans.

(Source: Avira)

284. The same research states that while there have been 36% fewer incidents in Europe, there have also been 28% more records compromised, “with UK organizations being the most affected in Europe.”

(source: ENISA)

285. Canada paid the most direct costs associated with the breach, while the United States paid the highest indirect fees. According to the ENISA Threat Landscape Report 2018, one compromised record cost $81 in Canada and $152 in the US.

(source: ENISA)

286. According to attack geography, “the US (45,87%), Netherlands (25,74%), Germany (5,33%), and France (4,92%) were the top four source countries for web-based attacks, representing an increase for each country not only compared to Q1 2018 but also compared to 2017.”

(source: ENISA)

287. According to the Federal Office for Information Security, German authorities discovered almost 4 million new malware types in the first half of 2020.

(Source: Federal Office for Information Security)

288. Only 27% of those polled in Germany reported using password managers, and 78% expressed concern that an attacker would simultaneously gain access to all their credentials.

(Source: Federal Office for Information Security)

289. Up from 97% in 2018, 100% of polled decision-makers acknowledged they have some degree of influence over decisions made for the company’s cybersecurity program.

(Source: Telstra)

290. Businesses in the APAC area are interested in threat intelligence systems (56%), analytics for users and entities (57%), and both. According to the 2018 Telstra Security Report, security for IoT and DevOps are top objectives in Europe (55% and 55%, respectively).

(Source: Telstra )

291. Australian respondents say IT and cyber security funding is rising in 2019. The typical annual budget is currently around AUD 900,000.

(Source: ResearchGate)

292. Asia’s two most frequent attack strategies are personnel mistakes and virus/malware outbreaks. It’s interesting to note that phishing attacks and employee mistakes frequently occur in Europe.

(Source: Telstra)

293. Every month, on average, 35,000 dangerous emails were stopped in real-time by automatic antivirus software before they could reach the mailboxes of their intended recipients.

(Source: Telstra)

Statistics Of Top Cybersecurity Threats

294. 75% of consumers anticipate a rise in cyberattacks that steal money or data.

(Source: World Economic Forum)

295. Users’ most significant concern is that their privacy will be compromised by businesses, according to 76% of them.

(Source: World Economic Forum)

296. 76% of customers fear that governments will invade their privacy this year.

(Source: World Economic Forum)

297. By 2025, it is anticipated that ransomware will cost $10.5 trillion annually.

(Source: Cybersecurity Ventures)

298. Since much of the workforce is remote, IT teams will prioritize previously unnoticed vulnerabilities, such as firmware misconfigurations.

(Source: Palo Alto Networks)

299. Attackers will start to exploit 5 G’s vulnerabilities as it is deployed more widely.

(Source: Kaspersky)

300. Targeted ransomware will become more and more common.

(Source: Kaspersky)

301. By 2023, companies that separate or partition their IoT devices will see a 25% reduction in successful intrusions.

(Source: Gartner)

7 Ways to Easily Improve Your Online Privacy and Security

Here are the recommended ways to improve security and prevent online breaches. Taking these measures on time is essential to avoid risks and save costs.

Use Spam Filters and Keep An Active Detective Instinct

Aside from spam filters, use your skill to recognize and prevent phishing attempts—open links and attachments in unauthorized emails and texts with caution. Check for sensitive information on websites that have active HTTPS certificates. Ask the sender specific questions or contact them via alternative channels if you have doubts about an email. Never send or receive private information or passwords by email, instant messaging, or SMS.

Antivirus

Installing or activating antivirus software will safeguard your computer. Choose from a variety of paid and free programs. Using system scans or real-time scanning of active processes and downloads antivirus software checks files for malware. Utilize these techniques to identify and get rid of hazards to stay safe.

Firewall

Use a firewall to shield your computer from unwelcome internet traffic. The majority of routers and operating systems support it. Keep it turned on and be selective about which programs can use the firewall to access the internet.

VPN

A virtual private network routes internet traffic through a predetermined remote server while encrypting. Commercial VPN services cost money and offer two key advantages. First, an encrypted tunnel secures data, guarding against ISP and Wi-Fi hacking. Second, the VPN protects your anonymity by hiding your IP address. Access to geo-restricted content is also made possible.

Secure Browser Extensions

Your browser is the first point of contact when you are at risk of spam, and it must always be guarded. Here are some suggested browser add-ons

1. HTTPS Everywhere: If SSL-encrypted versions of websites are available, they are automatically used.
2. Privacy Badger: Prevents the usage of tracking cookies and other technologies to keep tabs on internet activity.
3. AdBlock Plus: It reduces the danger of malware and phishing attempts by effectively blocking adverts.
4. NoScript or ScriptSafe: Prevents JavaScript from loading automatically, preventing malware infections and possible drive-by download attacks.

Security Updates

Avoid ignoring security updates because they are essential for network and device security. Although they might be unpleasant, not updating your software puts your network and device at risk. Hackers primarily target people who don’t update their software and out-of-date software. For the best protection, give rapid installation of security updates a top priority.

Passwords

Using a password generator for each account, you can generate a different, random password. Password managers do away with the necessity to write or memorize them. Mix capital and lowercase letters, digits, and symbols for randomization. Avoid using passwords that are the same across accounts or personal information that hackers could decipher. Intense password usage significantly improves account security.

How To Report Cybercrimes

It is pertinent to take quick action if you believe you are a victim of cybercrime. These actions should be applied in steps.

1. Compile supporting documentation, including emails, screenshots, and pertinent data.
2. Speak with the local authorities. Inform them of the occurrence and provide them with supporting documentation.
3. Alert cybercrime units. Locate and contact the relevant departments in your nation.
4. Alert your financial institutions. Let your bank or credit card company know if financial implications exist.
5. Report to relevant online platforms or social media websites.
6. Use online reporting portals. Look for tools in your nation specifically for reporting cybercrime.

Reporting cybercrime helps in obtaining justice, locating offenders, and defending others. For specific countries, there are lines or agencies designated to combat cybercrimes.

• USA: FBI, IC3
• UK: ActionFraud, National Crime Agency
• Europe: Europol
• Australia: ACORN
• Canada: Public Safety Canada

Conclusion

The eye-opening facts and statistics on cybercrime and cybersecurity underline the urgent need for robust, preventative security measures. And that requires a collective effort. We can all work together to create a better and more secure cyberspace for people, businesses, and society by remaining informed, implementing standard procedures, and reporting cybercrimes.

FAQs