Home > News > 2023 Key Cybersecurity Cyber Crime Statistics 馃寪馃敀

2023 Key Cybersecurity Cyber Crime Statistics 馃寪馃敀

dall路e 2024 05 14 14.51.54 create a feature image for the article titled cybersecurity cyber crime statistics. visualize a digital environment filled with graphs charts an

Overview: Trends and Insights

As the digital world continues to grow, so do the risks associated with it. Cybercrime is on the rise, and according to Cybersecurity Ventures, damages caused by global cybercrime are predicted to reach $10.5 trillion by 2025. This staggering statistic highlights the need for increased awareness and preventative measures to protect individuals, businesses, and industries from falling victim to cyber-related activities.

To help combat this growing threat, this article provides updated statistics on cybercrime and cybersecurity. These statistics cover a wide range of topics, including the extent of cybercrime operations, attack tactics, user behavior, efforts of cybersecurity agencies, nationwide approaches to the threat, and preventative measures. By understanding the scope and nature of cybercrime, individuals and organizations can take proactive steps to safeguard themselves against potential cyber threats.

Key Takeaways

  • The predicted cost of damages caused by global cybercrime is $10.5 trillion by 2025.
  • Updated statistics on cybercrime and cybersecurity provide valuable insights into the extent of cyber threats and preventative measures.
  • Increased awareness and proactive measures can help protect individuals, businesses, and industries from falling victim to cyber-related activities.

Cybercrime Statistics for 2019-2022

dall路e 2024 05 14 14.53.14 create a feature image for the article titled cybercrime statistics. visualize a high tech digital environment filled with various types of cybercri
image 漏 2024. all rights reserved.

Cybercrime is a growing threat that requires constant vigilance and effective countermeasures. Here are some notable cybersecurity statistics from 2019-2022:

  1. The number of new malware samples increased by approximately 5% between March 2021 and February 2022, with a total of 153 million pieces identified during that period. This is a significant increase compared to the previous year, which had 145.8 million samples. (Source: AV-Test)

  2. In 2019, a staggering 93.6% of identified malware exhibited polymorphic traits, constantly changing its code to evade detection. This presents a significant challenge for cybersecurity experts. (Source: Webroot)

  3. In the same year, 50% of business PCs and 53% of consumer PCs that had previously been attacked faced reinfection. This highlights the importance of taking solid precautions against future attacks and containing initial illnesses. (Source: Webroot)

  4. According to the Internet Crime Complaint Center鈥檚 2020 report, there was an average of one successful cyberattack every 1.12 seconds, with a total of 465,177 occurrences registered that year. This underscores the need for effective cybersecurity solutions. (Source: University of Maryland)

  5. A survey conducted by CyberEdge found that a staggering 86.2% of polled firms reported being impacted by a successful hack, highlighting the broad impact of cybercrime across various sectors. (Source: CyberEdge)

  6. In Colombia, 93.9% of all surveyed companies claimed to have been penetrated at least once in 2019, underscoring the urgent need for effective cybersecurity measures. (Source: CyberEdge)

These statistics reveal the growing threat of cybercrime and highlight the need for effective countermeasures. Cybersecurity experts must remain vigilant and continue to develop innovative strategies to combat the evolving threat landscape.

Ransomware Statistics 2021/2022

dall路e 2024 05 14 16.32.25 create a feature image for the article titled ransomware statistics. visualize a high tech digital environment filled with various ransomware attack
image 漏 2024. all rights reserved.

Ransomware attacks have become increasingly prevalent in 2021 and 2022, with a significant increase in the number of attacks compared to previous years. The rise in remote work and online learning platforms has contributed to the increase in ransomware infections. These attacks have had severe financial consequences, with the total cost of ransomware attacks in the United States reaching an estimated $623.7 million by 2021.

According to SonicWall, the first nine months of 2021 saw 495 million ransomware attacks, representing a 148% increase from the same period in 2020. The Cybersecurity and Infrastructure Security Agency reported that in February 2022, ransomware incidents attacked 14 of the 16 crucial sectors of the US infrastructure. Public institutions, including universities, hospitals, and local US municipal administrations, recorded ransomware attacks in the first half of 2022.

The healthcare industry fell victim to cyberattacks, as the number of breaches doubled in the first five months of 2022, different from the same period in 2021. Backup repositories saw 88% of ransomware assaults in 2022. 75% of these attempts were successful, showing that the attackers planned their actions.

According to Matthew Woodward, around 37,700 ransomware attacks occur worldwide per hour, or about 578 every minute. Important cases, including the New Orleans municipal government and the Danish business ISS, paid over $50 million in damages due to ransomware attacks, with the former experiencing losses of over $7 million.

In 2020, 92 ransomware attacks caused an astonishing $21 billion loss for the US healthcare sector. Ransomware assaults substantially impacted people, with one in five Americans reporting having been the victim of one. Ransomware is still a significant danger, but it is now only responsible for about 17% of malware security events, down from 27% in 2020.

The average ransom payment grew to $139,739 in Q3 2021, up 2.3% from the prior quarter, despite ransomware payments falling in Q4 2020. The average downtime caused by a ransomware attack grew to 22 days in Q3 2021 from 19 days in Q3 2020, further emphasizing the disruptive nature of these attacks.

As the case of shipping company Maersk demonstrates, ransomware attacks can have significant financial repercussions. The NotPetya ransomware outbreak cost the business more than $200 million, underscoring the considerable expenses that companies may incur. The average global cost to resolve a ransomware attack rose to $1.5 million in 2021, more than double the figure of $761,106 from the previous year. This sharp price increase highlights the mounting financial difficulty of dealing with ransomware occurrences.

India, Austria, and the United States are the nations most likely to be the targets of ransomware attacks. Sophos鈥 The State of Ransomware 2021 states that 68% of India and 57% of Austria firms have dealt with ransomware incidents. Another worrying development is the increase in mobile ransomware Trojans. From Q3 2020 to Q3 2021, there was an 11.5% increase in mobile ransomware Trojans, going from 5,522 to 6,157 instances.

According to the percentage of users afflicted, Kazakhstan, Sweden, and Kyrgyzstan top the list of nations plagued by mobile ransomware. This emphasizes the threat鈥檚 worldwide scope and the requirement for mobile solid security solutions.

Small and medium-sized businesses (SMBs) continue to have serious concerns about ransomware. Ransomware was named by MSPs as the most common threat facing SMBs, according to an overwhelming 89% of them. An 8% rise over the prior year was seen in the first half of 2019, when 64% of MSPs reported ransomware attacks against their clients. Two out of every five SMBs questioned have experienced a ransomware attack, which is concerning and highlights the demand for proactive steps to reduce these risks.

Ransomware attacks are primarily caused by phishing emails, a lack of training, and weak passwords, emphasizing the significance of addressing these flaws in cybersecurity measures. Costs associated with downtime have significantly increased by 75% year over year. This highlights the significant financial impact that ransomware events have on enterprises.

It鈥檚 interesting to note that the standard cost of downtime is a startling 24 times greater than the average ransom amount. This emphasizes the unintended consequences of ransomware attacks, such as lost productivity, harm to one鈥檚 reputation, and potential consumer repercussions. Businesses that have put Business Continuity and Disaster Recovery (BCDR) solutions in place have shown resilience in recovering from ransomware attacks. According to MSPs, three out of four clients using BCDR solutions were

Common Cyberattack Methods

dall路e 2024 05 14 16.38.04 create a feature image for the article titled common cyberattack methods. visualize a high tech security command center filled with digital screens
image 漏 2024. all rights reserved.

Cybercriminals use various methods to launch attacks on individuals and organizations. These methods include social engineering, vulnerability exploitation, hacking, distributed denial of service (DDoS) attacks, and the use of bots. In this section, we will examine some of the most common cyberattack methods.


Cryptojacking is a type of cyberattack where hackers use victims' machines to mine cryptocurrencies like Bitcoin or Monero. They do this by infecting the victims' machines with software that runs in the background, using the victims' computing power to mine cryptocurrencies without their knowledge.

According to the 2021 SonicWall Cyber Threat Report, there was a 28% increase in cryptojacking attacks year over year. Notably, there has been an incredible 117% surge in the number of instances of crypto-mining malware.

Supply Chain Attacks

Supply chain attacks are becoming increasingly common, with a 650% increase in 鈥渘ext-gen鈥 supply chain attacks over only one year. Cybercriminals are skilled at surpassing tightened security measures, making it difficult for organizations to protect themselves.

Malicious Files

Malicious files are still a serious threat vector. According to Cisco, 38% of phishing emails worldwide use Microsoft Office file types like Word, PowerPoint, and Excel. Additionally, 37% of all malicious file extensions identified by Cisco were in archive files, including attachments like .zip and .jar. Furthermore, 14% of the total came via malicious PDF files, highlighting their importance as a formidable threat vector.

RedLine Stealer Malware

The RedLine Stealer malware can be purchased for as low as $150 on hacking communities and the Dark Web. This trojan poses a severe risk since it gives criminals access to victims鈥 sensitive personal data, including passwords, credit card numbers, and other important information.

E-commerce and Online Shopping Attacks

Cybercriminals are taking advantage of the rise in e-commerce and online shopping in addition to conventional attack vectors. These bad actors are trying to take advantage of weak points in the online purchasing ecosystem as it becomes increasingly common to conduct business online. This covers strategies including phishing assaults, fake websites, and misleading adverts that coerce people into disclosing their financial information or downloading malware.

Rogue Cloud Applications

Using rogue cloud applications is a problem for 93% of businesses. This indicates that enterprises use unlicensed or unregulated cloud applications, potentially introducing security flaws and hazards. Furthermore, 82% of cloud users have experienced security problems due to misunderstandings about who is responsible for protecting cloud deployments.

SSL- or TLS-based Attacks

According to a Gartner global survey, 35% of businesses were the subject of SSL- or TLS-based assaults. These assaults exploit holes in secure communication protocols to access and compromise systems.

Fileless Attacks

Fileless assaults, which operate solely in memory and are intended to elude existing detection techniques, have shown to be very successful. They were used in 77% of successful data breaches in 2018. According to the ENISA Threat Landscape 2020 鈥 Malware research, the prevalence of non-filed assaults significantly increased by 265% in the first quarter of 2019.

Financial Trojans

Despite a drop in numbers, financial trojans threaten consumers seriously. In 2020, Trickbot overtook Emotet to become the most common financial trojan, taking market share.

Polymorphic Malware

Polymorphic malware, a class of malicious software that may modify its code frequently to avoid detection, accounted for approximately 94% of all malicious programs in 2019. This illustrates how malware variants can adapt and persist in the threat environment.

Supply Chain Attacks

Attacks on supply chains have increased noticeably in 2022, and their rising frequency is reason for alarm. Cybercriminals are increasingly using these assaults because of their potential to affect numerous victims with a single breach. This development is especially concerning since many businesses are ill-equipped to mitigate such attacks.

Physical Attacks

Physical attacks are steadily climbing, with 27% of cybersecurity incidents in 2020 being physical in nature. Physical attacks on ATMs came in sixth regarding implementing hostile activities on assets, and they comprised the majority of 54% of all data breaches. Additionally, 65% of workers admit to acting in ways or making decisions that would jeopardize physical security.

DDoS Attacks

The quantity and frequency of DDoS attacks are increasing due to the rise of internet-connected unprotected devices. By enlisting these devices in botnets, cybercriminals can execute destructive DDoS attacks that potentially harm their target companies seriously. In Q4 2021, the number of DDoS assaults surged by more than 4.5 times compared to last year.

Phishing Attacks are on Their Highest Run in 3 Years

dall路e 2024 05 14 16.39.47 create a feature image for the article titled phishing attacks are on their highest run. visualize a digital ocean or river filled with various phis
image 漏 2024. all rights reserved.

Phishing attacks have been on the rise in recent years, with scammers and hackers using more advanced techniques to make convincing emails. These phishing attempts are quite successful and continue to threaten consumers.

According to the Internet Crime Complaint Center (IC3) Internet Crime Report, phishing was the most commonly reported crime type in 2020, with several more complaints than the previous year.

The vast scope of phishing activity during the third quarter of 2021 can be seen by APWG's discovery of over 730,000 unique phishing URLs and noted over 86,000 particular subjects for phishing emails.

Over 30% of phishing assaults include keyloggers, a type of malware that logs keystrokes, underscoring their significant role in gathering sensitive data.

The 2019 Symantec Internet Security Threat Report states that spear phishing is the most often used targeted attack vector, indicating that fraudsters frequently utilize customized and individualized phishing strategies to trick their intended targets.

Small businesses are targeted by malicious emails more frequently than larger businesses, and mining businesses are more vulnerable to receiving fraudulent emails, according to the same research, indicating that this sector has a higher volume of targeted attacks.

Webmail and Software-as-a-Service (SaaS) users have emerged as the main targets of phishing attempts, accounting for 29.1% of all attacks, according to recent statistics from APWG's Phishing Activity Trends Report for Q3 2021. This marks a significant gain compared to the previous quarter's 8.1%. Furthermore, financial institutions comprised 17.8% of phishing assaults during the same period, making them the second-largest targeted group.

Phishing is the second most frequent threat activity in data breaches, ranking just below denial-of-service assaults after a successful intrusion.

Threat Landscape 2020 by ENISA report emphasizes how phishing websites increasingly use HTTPS. 74% of phishing sites used HTTPS in the fourth quarter of 2019, up significantly from 32% in 2016. This shows that hackers use encryption to give their phony websites a more trustworthy appearance.

Another result from the ENISA research is that Microsoft Office documents made up roughly 43% of malicious email attachments in 2019. This shows how frequently attackers utilize this file format to spread malware to users who are not careful.

The data from ENISA also shows that more than 95% of emails that spread malware demand human interaction, such as engaging on links or acknowledging security alerts. This emphasizes the importance of the public's understanding and vigilance in identifying and stopping phishing attacks.

According to ENISA's Threat Landscape 2020 research, “payment” appears in 32.5% of all phishing attack email subjects, which is frequent.

About 30% of phishing emails are delivered on Monday, making it the most common day for sending out these communications. This finding might be explained by the fact that people are more likely to be engaged and active with their email accounts at the beginning of the workweek, thereby raising the risk of falling for phishing scams.

Spammers and email fraudsters frequently use impersonation techniques to increase the potency of their attacks. To trick their victims, these attackers often utilize phony display names. This strategy is preferred above others, like typosquatting or domain spoofing.

Attackers try to convince recipients that the email comes from a reliable and trustworthy source by using misleading display names. This strategy can be particularly effective because many users depend more on display names than email addresses or domains to determine who sent them.

More Phishing Statistics

Spam as a Major Force in Email-induced Cybercrimes

  • The average percentage of spam in email traffic in 2021 was 45.56%, with the highest proportion in June at 48.03% (Kaspersky).
  • Spain, Russia, and Italy were the nations that received malicious emails the most frequently, with Germany and Russia being the top spam-producing nations (Kaspersky).
  • Spam emails comprised 65.7% of COVID-19-related threats, while malware comprised 26.8% (ENISA).

Cybercrimes Leveraging Mobile Channels

  • Mobile platforms are used for 70% of online fraud, with a 680% increase in fraudulent transactions from mobile apps (TechCabal).
  • Over a billion transactions, or a startling 93% of all trades, had to be rejected as fraudulent by Secure-D, with transactions totaling $1.3 billion (Secure-D).
  • Mobile device phishing attempts are happening more frequently, with enterprise mobile phishing encounter rates increasing by 331% in North America during the first quarter of 2020, reaching 24.71% (Lookout).

Software and Hardware Vulnerabilities

  • In 2021, Google handed out $8.7 million in bug bounties; since 2015, it has paid out $33.2 million, while Microsoft paid $13.6 million in bug bounties in a year (Google) (Microsoft).
  • The most challenging security process for enterprises changed in 2020 when 鈥淭hird-party risk management鈥 overtook 鈥淒etection of rogue insiders/insider attacks鈥 (Imperva).
  • According to the NDIA 2019 Cybersecurity Report, more than 75% of major businesses rely on the pre-installed antivirus software on their computer equipment (Imperva).

Increasing Attacks on IoT

  • IoT devices make up networks in 69% of businesses, and only about 21% of security experts believe their security controls are sufficient (Forrester).
  • According to projections from the IoT Security Market Report 2017鈥2022, spending on IoT security is increasing at a compound annual growth rate of 44% and will reach approximately $4.4 billion by 2022 (IIoT World).
  • Malware was responsible for most IoT security breaches between 2015 and 2017, and the most significant IoT security vulnerabilities that need to be resolved are authentication/authorization, access control, and default passwords (IIoT World).

Global Proneness to Data Breach and Risk

dall路e 2024 05 14 16.41.05 create a feature image for the article titled global proneness to data breach and risk. visualize a world map with various regions highlighted in di
image 漏 2024. all rights reserved.

Data breaches have become a common occurrence in the modern world, with various companies and organizations falling victim to cyberattacks. The consequences of these breaches can be severe, leading to financial losses, reputational damage, and legal repercussions. This section will explore some of the statistics related to global proneness to data breaches and risk.

According to Thales, 56% of businesses in the US have experienced a data breach. Additionally, 41% of US organizations have experienced a breach in the past year. California has been the state most frequently affected since 2005, with 5.6 billion records exposed in 1,777 breaches. Texas is third with 294 million information in 819 breaches, New York is second with 295 million records in 863 violations, and California is fourth.

In 2020, around 18,000 SolarWinds customers were impacted by a significant breach, although the consequences have not yet been assessed. Moreover, Advanced Info Service (AIS) (8.3 billion records) and Keepnet Labs (5 billion records) were also victims of significant breaches. The most significant data breach of 2020 occurred when CAM4, an adult cam website, let over 10 billion records go. In one of the first leaks of 2020, 250 million records were exposed, involving Microsoft.

The number of data breaches impacting US customers decreased by 38% to 1,789 in 2021, compared to the previous year Identity Theft Resource Center. However, about 300 million people were still affected by data breaches in 2021, which was a 66% decrease over 2019. The majority of breaches were caused by the top actors who were involved in organized crime, while system administrators, end-users, and nation-state or state-affiliated actors each caused about 5% of breaches.

Phishing accounted for 33% of compromises and was the most frequent type of cyber attack that resulted in breaches Identity Theft Resource Center. Web applications were the most common hacking vector, accounting for about 90% of hacking breaches. Ransomware was responsible for 22% of breaches, with cyberattacks as their primary cause. More than 20% of breaches involved the use of stolen credentials. The most common mistakes in 2021 were misconfiguration and then misdelivery.

The cost of a data breach per employee is higher for smaller businesses than for more prominent companies, at $3,533 and $204, respectively ENISA. Data breaches in the US typically cost $4.24 million, and an average loss of $3.24 million was incurred due to data breaches brought on by human mistakes and technical flaws ENISA. The average loss to businesses from missed business is $1.59 million.

In conclusion, data breaches pose a significant risk to businesses and individuals alike. Cyber attackers use various techniques such as phishing, ransomware, and stolen credentials to exploit vulnerabilities in web applications and misconfigured systems. The consequences of data breaches can be severe, leading to financial losses, reputational damage, and legal repercussions. Therefore, it is essential to take proactive measures to prevent data breaches, such as implementing robust security measures and training employees on cybersecurity best practices.

Cybersecurity Impacts on Stock Market Prices

dall路e 2024 05 14 16.42.56 create a feature image for the article titled cybersecurity impacts on stock market prices. visualize a digital environment with a graph displaying
image 漏 2024. all rights reserved.

The Irony of Users鈥 Concern Over Statistics More Than Prevention

According to a study by ENISA, 55% of people fear that criminals may gain access to their personal data [^187]. Similarly, a report by Outpost 24 found that identity theft resulting in financial loss is the top fear for 78% of UK citizens [^191]. Despite this, according to LastPass, 65% of people still use the same password for many online accounts, which increases the likelihood of stolen passwords and credential usage [^188].

Malwarebytes found that 66% of polled users said they skim end-user license agreements and other permission papers or do not read them, and only 47% of users know their apps鈥 access to their devices [^189][^190]. However, more than 53% of people use password managers, which is a positive sign [^196].

The impact of cybersecurity breaches on stock market prices can be significant. Comparitech found that following a breach, equities typically see an immediate reduction in the share price of 0.43% [^181]. A considerably more gradual increase in share values is one of the long-term benefits. In the three years before the breach, share prices increased by 45.6%, but only by 14.8% in the three years after the compromise [^182].

Financial institutions see their share prices fall immediately after a data breach, whereas internet enterprises (e-commerce, social media, etc.) typically incur long-term consequences [^184]. More minor breaches impact share prices more, whereas more significant breaches show less impact [^185]. Share prices are significantly negatively affected by breaches requiring credit card and social security numbers more than by breaches involving less sensitive information, including email addresses [^186].

The COVID-19 pandemic has also had an impact on cybersecurity and the stock market. With the rise of remote work, companies have had to adjust to new cybersecurity threats. A study by Positive Technologies found that one in three workers runs the danger of installing malware on their work laptops [^197]. Penetration testers found that one out of every seven employees conversed with a fake person and shared sensitive information, and one employee out of ten entered account information into a phony authentication form [^198][^199].

In addition, the pandemic has led to an increase in cyberattacks targeting remote workers. According to a report by Varonis, over 11 million files are accessible to each employee, and over 1,000 sensitive files are available for public viewing in about two-thirds of businesses [^200][^201]. Furthermore, according to the 2021 Varonis Financial Services Data Risk study, more than 500 passwords are used in 6 out of 10 businesses [^202].

The General Data Protection Regulation (GDPR) became enforceable on May 25, 2018. Since then, fines of 鈧1.1 billion ($1.2 billion) have been imposed since January 28, 2021 [^203]. Amazon received the most significant GDPR-related penalties of 鈧746 million ($843 million) from Luxembourg鈥檚 data protection supervisory authority (CNPD) in July 2021 [^204]. The second-largest fine to date (鈧225 million) was imposed against WhatsApp Ireland Limited in Ireland, and Google in Italy received the third-largest charge (鈧50 million) [^205].

Companies may be penalized under the EU GDPR up to 鈧20 million or 4% of their yearly revenue, whichever is more significant [^207]. There were almost 144,000 complaints made in the first year the GDPR was in effect [^208]. In that first year, more than 89,000 breach notices were sent [^210]. Since the introduction of the GDPR, Germany has reported the most data breaches, with over 106,731. The Netherlands comes in second, and the UK 40,026 [^211].

The GDPR has had a significant impact on data protection awareness, with 69% of individuals in the EU-27 knowing about the GDPR [^213]. Men are slightly more aware of the GDPR (71%) than women are (67%) [^214]. Poland has the highest GDPR awareness percentage at 95% [^215]. People in each country know their data protection authority to 71%, with Czechs being the most knowledgeable [^216]. In the EU-27, 60% of citizens know the right to access personal data kept by public authorities, but only 51% understand that this right extends to private businesses [^217].

In conclusion, the impact of cybersecurity breaches on stock market prices can be significant, with immediate reductions in share prices and long-term consequences for certain industries. The COVID-19 pandemic has also led to an increase in cyberattacks targeting remote workers. Despite the knowledge and awareness

Cybercrime Statistics on Cost

dall路e 2024 05 14 16.42.56 create a feature image for the article titled cybersecurity impacts on stock market prices. visualize a digital environment with a graph displaying 1 1
image 漏 2024. all rights reserved.

Cybercrime has become one of the most profitable industries in the world, with cybercriminals earning $1.5 trillion annually, which is almost three times more than Walmart's revenue, according to a study by Atlas VPN. The high financial rewards that cybercriminals receive have led to an increase in fraudulent activities, theft, and identity theft, among other crimes.

One of the ways that cybercriminals earn money is through money laundering. The United Nations Office on Drugs and Crime estimates that between 2% and 5% of global GDP is laundered annually, which is equivalent to $800 billion to $2 trillion. Money laundering has three stages: placement, layering, and integration. Placement involves moving the money from the direct association with the crime, while layering is distinguishing the trail to foil pursuit. Integration involves making the money available to the criminal from legitimate sources.

Cybercriminals also invest in assets that will make their plans more effective. For example, Armor Dark Market Report 2020 observed that SMS spamming services cost between $18.99 and $19.99 for 1000 SMS, while ransomware costs between $1.99 and $6.50. Unhacked remote desktop protocol services cost between $9.99 and $25 per server, while card reader/writer costs between $149 and $990. The setup of vendor shops on an underground market costs between $5,828 and $12,791 or 鈧5,000-10,000. Money transfer services cost $1,000 for a $15,000 balance, while iPhones cost between $159 and $179. Bulletproof hosting, which is web hosting for content such as fraud, money laundering, and porn, costs between $4 and $19 per month. A degree from a hacker university costs $125, while destroying a target's business costs $185.

Hackers are selling critical Zoom zero-day exploits at a costly rate of $500,000, while the price range for zero exploits is from $60,000 for Adobe Reader and up to $2,500,000 for Apple iOS for each zero-day exploit. However, most tools attackers use are becoming cheaper, and personal data used in attacking is becoming very reasonable too. PayPal account credentials sell for as low as $50.

These statistics show that cybercrime is a costly industry that is growing at an alarming rate. Businesses and individuals must take proactive measures to protect themselves from cybercriminals to avoid the high costs associated with cybercrime, including downtime, extortion, and fraud.

Statistics About Current and Future Cybersecurity Costs

dall路e 2024 05 14 16.46.22 create a feature image for the article titled statistics about current and future cybersecurity costs. visualize a forward looking financial dashboa
image 漏 2024. all rights reserved.

Cybercrime has been on the rise in recent years, causing significant financial losses to individuals, businesses, and governments worldwide. According to a report by NIST, the US lost hundreds of billions of dollars to cybercrime, which could be as much as 1% to 4% of GDP annually [218]. In 2021, BEC, cryptocurrency, and ransomware lost about $7 billion, with BEC alone losing nearly $2.4 billion [219].

The global cost of cybercrime was estimated to exceed $8 trillion in 2022, with experts forecasting that it will increase to $11 trillion in 2023 [220][221]. Cybercrime will cost the global economy more than $30 trillion by 2026 [221]. These staggering figures demonstrate the need for robust cybersecurity measures to protect against cyber threats.

According to CS Ventures, there were global damages in 2021 that cost about $6 trillion, and international cybercrime costs are expected to grow by 15% each year for the next five years, reaching about $10.5 trillion annually by 2025, up from $3 trillion in 2015 [222][223]. Additionally, cybercrime has affected at least 6.5 million victims, with a total calculation of about $26 billion from 2001 to 2021 [224].

Ransomware attacks have become increasingly prevalent, with global ransomware damage costs expected to exceed $265 billion annually by 2031 [225]. Crypto crime is also on the rise, with an estimated cost of $30 billion annually by 2025 [226].

Small businesses are particularly vulnerable to cyber threats, with over 50% of all cyber-attacks targeting SMBs [232]. The average cost of a data breach to small businesses can range from $120,000 to $1.24 million [228]. Data breach costs increased from $3.86 million to $4.24 million in 2021, the highest average total price in the 17-year history of this report [229].

Implementing zero trust security policies can help mitigate the financial impact of cybercrime. According to Purplesec, such policies saved $1.76 million per breach [230]. However, despite the potential savings, there was still a 10% increment in the average total cost of a breach from 2020 to 2021 [231].

In conclusion, the financial impact of cybercrime is significant, with losses projected to increase in the coming years. It is crucial to implement robust cybersecurity measures to protect against cyber threats and minimize financial losses.

Cybersecurity Trends on Spending

dall路e 2024 05 14 16.47.25 create a feature image for the article titled cybersecurity trends on spending. visualize a sleek digital dashboard displaying rising trends in cybe
image 漏 2024. all rights reserved.

The global spending on cybersecurity has been increasing year-over-year due to the growing sophistication of cyberattacks and cybercrimes. According to Statista, the worldwide spending on cybersecurity accrued from $101.5 billion in 2017 to $169 billion in 2022 [237]. The healthcare information security market worldwide was $14 billion in 2022 and is projected to grow at a CAGR of 18.4% between 2023 to 2030. The projected expenses on cybersecurity in 2023 are $23.2 billion [238].

The finance sector is projected to rank the number 2 industry to spend the most on cybersecurity in 2023, with more than $20.8 billion. Over 26,000 fintech organizations operated worldwide in 2021, and the global investment was above $210bn. By 2027, the worldwide e-commerce market will be valued at $4tn, an outstanding 50% growth from 2021 [239].

The average cost of a breach to SMB ranges from $120,000 to $1.24 million. This figure includes businesses that don鈥檛 handle sensitive data and information [249]. Over 50% of all cyberattacks are implemented on Small and Medium Businesses. This is a notable increase from the number of cyberattacks on SMBs in the previous year [250].

Zero Trust programs saved organizations 43% on data breach expenses. While companies that didn鈥檛 integrate zero trust strategies accrued $5.04 million per breach, those who fully implemented zero trust programs saved $2.66 million more per breach [257].

The worldwide cyber insurance market is projected to grow at a CAGR of 21.2% during 2021-2028. The market was valued at $8.9 billion in 2020 and is expected to reach $31.5 billion by 2028 [cyber insurance].

In conclusion, the global spending on cybersecurity has been increasing year-over-year due to the growing sophistication of cyberattacks and cybercrimes. The finance sector is projected to rank the number 2 industry to spend the most on cybersecurity in 2023. Zero Trust programs saved organizations 43% on data breach expenses. The worldwide cyber insurance market is projected to grow at a CAGR of 21.2% during 2021-2028.

Growth Statistics of Cybersecurity Jobs

dall路e 2024 05 14 16.51.37 create a feature image for the article titled growth statistics of cybersecurity jobs. visualize a dynamic graph or bar chart showing the upward tre
image 漏 2024. all rights reserved.

The cybersecurity industry is a rapidly growing field with a high demand for skilled professionals. In 2023, there were 1.1 million IT security workers in the United States, and this figure is projected to increase to 1.7 million by 2023 [265]. However, the demand for info security experts dominates the supply, causing a skill shortage in the vertical [275]. This section will highlight some of the growth statistics of cybersecurity jobs.

Job Titles

The most common job titles in the cybersecurity industry include security engineer, security analyst, and security architect [263]. The top three cybersecurity skills in demand are cloud security, threat intelligence, and incident response [262]. These skills are the highest-demand skills that will aid companies to detect and contain cyber threats.

Skills Gap

According to ISC2, 60% of companies will be challenged by cybersecurity skills shortages in 2023 [264]. Thus, two-thirds of companies struggle to get qualified IT security experts to fill open roles. Almost two-thirds of companies believe their security policies are inefficient in safeguarding their firms from attacks. Thus, 60% of firms need new or effective security policies to improve their security teams [272].


The information security sector is a rapidly-growing industry, expected to increase by 11% by 2023, and there are many opportunities for individuals with the required skills and experience [276]. However, the skills gap in the industry is a concern. To bridge this gap, companies are investing in training programs for their employees. According to Cyberseek, 81% of companies used third-party firms once in a while for cybersecurity projects in 2023 [268]. Additionally, 49% of companies said that using third-party cybersecurity firms [269].


In 2023, the average income of an information security analyst is $125,000, according to the Bureau of Labor Statistics [270]. In America, the average annual salary of a security engineer is $88,000, whereas their UK counterparts earn 拢52,500 ($72,000) annually for the same position [271].

Managed Security Service Providers (MSSPs)

Ninety percent of companies use managed security service providers (MSSPs) to deploy at least one cybersecurity function [273]. This indicates that outsourcing cybersecurity functions to third-party companies is becoming a common practice.

Job Openings

The number of job openings is predicted to expand by 31% from 2021 to 2031 [274]. Currently, there are over 3.5 million open cybersecurity jobs globally [279]. The United States ranks number one as the country with the most cybersecurity professionals in 2023, with approximately 1.1 million infosec workers. It is followed by India (800,000) and China (700,000) [277].

In conclusion, the cybersecurity industry is expanding rapidly, and there is a high demand for skilled professionals. However, the skills gap in the industry is a concern, and companies are investing in training programs to bridge this gap. The number of job openings in the industry is predicted to expand in the coming years, and outsourcing cybersecurity functions to third-party companies is becoming a common practice.

Country Statistics of Cybersecurity Threats and Programs

dall路e 2024 05 14 16.53.20 create a feature image for the article titled country statistics of cybersecurity threats and programs. visualize a world map with various countries
image 漏 2024. all rights reserved.

The Global Cybersecurity Index ranked Mexico, New Zealand, and Iceland in the middle of the pack in terms of their cybersecurity programs, as they are still developing. On the other hand, nations such as the Vatican, Chad, Libya, and Yemen are just starting or creating their information security initiatives simultaneously.

Colombia was the hardest-hit nation overall in 2020, with 93.9% of those surveyed confirming successful attacks. African and Asian nations are the most frequently attacked by malware, with their citizens being up to five times more likely to experience a malware assault than Americans.

According to Avira, while there have been 36% fewer incidents in Europe, there have also been 28% more records compromised, with UK organizations being the most affected in Europe. Additionally, Canada paid the most direct costs associated with the breach, while the United States paid the highest indirect fees. According to the ENISA Threat Landscape Report 2018, one compromised record cost $81 in Canada and $152 in the US.

In terms of attack geography, the US, Netherlands, Germany, and France were the top four source countries for web-based attacks, representing an increase for each country not only compared to Q1 2018 but also compared to 2017.

The Federal Office for Information Security discovered almost 4 million new malware types in the first half of 2020. Only 27% of those polled in Germany reported using password managers, and 78% expressed concern that an attacker would simultaneously gain access to all their credentials.

According to Telstra, 100% of polled decision-makers acknowledged they have some degree of influence over decisions made for the company鈥檚 cybersecurity program, up from 97% in 2018. Businesses in the APAC area are interested in threat intelligence systems (56%), analytics for users and entities (57%), and both. According to the 2018 Telstra Security Report, security for IoT and DevOps are top objectives in Europe (55% and 55%, respectively). Australian respondents say IT and cybersecurity funding is rising in 2019, with the typical annual budget currently around AUD 900,000.

Asia鈥檚 two most frequent attack strategies are personnel mistakes and virus/malware outbreaks. It鈥檚 interesting to note that phishing attacks and employee mistakes frequently occur in Europe. Every month, on average, 35,000 dangerous emails were stopped in real-time by automatic antivirus software before they could reach the mailboxes of their intended recipients, according to Telstra.

Overall, it is clear that cybersecurity threats are a global issue affecting various countries and industries. Companies and governments need to prioritize compliance and governance to ensure they are adequately protecting themselves and their customers. It is essential to invest in cybersecurity programs and implement best practices to prevent and mitigate cyber attacks.

Statistics of Top Cybersecurity Threats

dall路e 2024 05 14 16.54.40 create a feature image for the article titled statistics of top cybersecurity threats. visualize a sophisticated digital dashboard showing the most
image 漏 2024. all rights reserved.

The rise in cyberattacks that steal money or data is a significant concern for 75% of consumers, according to the World Economic Forum. Users' privacy is also a major concern, with 76% of them fearing that their privacy will be compromised by businesses, while 76% of customers worry that governments will invade their privacy this year. These concerns are not unfounded because, by 2025, ransomware is expected to cost $10.5 trillion annually.

As the workforce continues to operate remotely, IT teams will prioritize previously unnoticed vulnerabilities such as firmware misconfigurations. Attackers will start to exploit 5G's vulnerabilities as it is deployed more widely, and targeted ransomware will become more and more common. To prevent successful intrusions, companies that separate or partition their IoT devices will see a 25% reduction by 2023, according to Gartner.

Overall, the threat landscape is constantly evolving, and cybercriminals are always finding new ways to exploit vulnerabilities. It is essential to stay vigilant and up-to-date with the latest cybersecurity threats to ensure the safety and security of personal and business data.

7 Ways to Easily Improve Your Online Privacy and Security

dall路e 2024 05 14 17.03.04 create a feature image for the article titled ways to easily improve your online privacy and security. visualize a digital shield protecting a compu
image 漏 2024. all rights reserved.

Online privacy and security are major concerns in today's digital age. Cybercriminals are always looking for ways to exploit vulnerabilities and gain access to sensitive information. Here are seven ways to easily improve your online privacy and security.

Use Spam Filters and Keep an Active Detective Instinct

Spam filters are an effective way to prevent unwanted emails from reaching your inbox. However, it is essential to keep an active detective instinct and recognize and prevent phishing attempts. Always open links and attachments in unauthorized emails and texts with caution. Check for sensitive information on websites that have active HTTPS certificates. If you have doubts about an email, ask the sender specific questions or contact them via alternative channels. Never send or receive private information or passwords by email, instant messaging, or SMS.


Installing or activating antivirus software is crucial to safeguard your computer. Antivirus software checks files for malware using system scans or real-time scanning of active processes and downloads. Choose from a variety of paid and free programs to identify and get rid of hazards to stay safe.


A firewall is an essential tool to shield your computer from unwelcome internet traffic. The majority of routers and operating systems support it. Keep it turned on and be selective about which programs can use the firewall to access the internet.


A virtual private network (VPN) routes internet traffic through a predetermined remote server while encrypting. Commercial VPN services offer two key advantages. First, an encrypted tunnel secures data, guarding against ISP and Wi-Fi hacking. Second, the VPN protects your anonymity by hiding your IP address. Access to geo-restricted content is also made possible.

Secure Browser Extensions

Browser extensions can provide an added layer of security to your online browsing experience. Here are some suggested browser add-ons:

  • HTTPS Everywhere: If SSL-encrypted versions of websites are available, they are automatically used.
  • Privacy Badger: Prevents the usage of tracking cookies and other technologies to keep tabs on internet activity.
  • AdBlock Plus: It reduces the danger of malware and phishing attempts by effectively blocking adverts.
  • NoScript or ScriptSafe: Prevents JavaScript from loading automatically, preventing malware infections and possible drive-by download attacks.

Security Updates

Security updates are essential for network and device security. Ignoring security updates puts your network and device at risk. Hackers primarily target people who don鈥檛 update their software and out-of-date software. For the best protection, give rapid installation of security updates a top priority.


Using a password generator for each account, you can generate a different, random password. Password managers do away with the necessity to write or memorize them. Mix capital and lowercase letters, digits, and symbols for randomization. Avoid using passwords that are the same across accounts or personal information that hackers could decipher. Intense password usage significantly improves account security.

By following these seven easy ways to improve your online privacy and security, you can safeguard your digital identity and protect your sensitive information from cybercriminals.

How To Report Cybercrimes

dall路e 2024 05 14 17.09.38 create a feature image for the article titled how to report cybercrimes. visualize a digital environment with a computer screen displaying a cybercr
image 漏 2024. all rights reserved.

If you believe you are a victim of cybercrime, it is crucial to take immediate action. The following steps can help you report cybercrime:

  • Collect supporting documentation, including emails, screenshots, and pertinent data.
  • Inform the local authorities of the occurrence and provide them with supporting documentation.
  • Contact relevant cybercrime units in your nation.
  • Notify your financial institutions if there are any financial implications.
  • Report the incident to relevant online platforms or social media websites.
  • Utilize online reporting portals that are available in your nation.

Reporting cybercrime can help in obtaining justice, locating offenders, and defending others. Several countries have designated lines or agencies to combat cybercrime. In the USA, the FBI and IC3 can be contacted. In the UK, ActionFraud and the National Crime Agency are the relevant departments. In Europe, Europol can be contacted. In Australia, ACORN is the agency to contact. In Canada, Public Safety Canada is the relevant agency.

Cybersecurity Cyber Crime Statistics Conclusion and Personal Recommendation

Creating a secure cyberspace is a collective responsibility. Staying informed and implementing standard procedures can help prevent cybercrime. Reporting cybercrimes is also crucial. By doing so, people, businesses, and society can work together to create a better and more secure cyberspace.

Frequently Asked Questions

What is cybercrime?

Cybercrime refers to criminal activities that are carried out using the internet or other digital technologies. Examples of cybercrime include hacking, phishing, identity theft, ransomware attacks, and malware infections. Cybercrime can target individuals, businesses, and government agencies, and can result in significant financial losses, data breaches, and other negative consequences.

Is 100% error-proof cybersecurity possible?

No, 100% error-proof cybersecurity is not possible. As technology advances, so do the methods used by cybercriminals to infiltrate computer systems and steal data. While cybersecurity measures can be effective in preventing many types of attacks, no system is completely foolproof. The best approach is to implement a multi-layered cybersecurity strategy that includes a range of different tools and techniques.

What sectors of the economy are most vulnerable to cybercrimes?

All sectors of the economy are vulnerable to cybercrimes, but some are more at risk than others. Industries that handle large amounts of sensitive data, such as healthcare, finance, and government, are particularly vulnerable to cyberattacks. However, any organization that uses digital technologies is at risk of being targeted by cybercriminals.

What are the latest trends in global cyber crime statistics?

According to recent statistics, cybercrime is on the rise globally. In 2023, there were 2,365 cyberattacks, which resulted in 343,338,964 victims. This represents a 72% increase in data breaches since 2021, which held the previous all-time record. Additionally, the Cyberthreat Defense Report found that 84.7% of organizations globally admitted to having suffered at least one cyberattack in 2023.

How do cyber crime rates compare across different countries?

Cyber crime rates vary widely across different countries, but all countries are affected to some extent. According to recent data, the United States is the country with the highest number of reported cybercrime incidents, followed by the United Kingdom and India. However, it is important to note that many cybercrime incidents go unreported, so these statistics may not provide a complete picture of the global cybercrime landscape.

What recent cyber crime data has been released by the FBI?

The FBI regularly releases data on cybercrime incidents in the United States. According to the FBI's Internet Crime Complaint Center (IC3), the agency received 791,790 complaints of suspected internet crime in 2023, resulting in reported losses of over $4.2 billion. The most common types of cybercrime reported to the IC3 include business email compromise, tech support fraud, and non-payment/non-delivery scams.

How have cyber crime statistics changed over the past few years?

Cyber crime statistics have been on the rise over the past few years. In 2023, there were 2,365 cyberattacks, which represented a 72% increase in data breaches since 2021. Additionally, the number of complaints of suspected internet crime received by the FBI has increased steadily over the past few years, from 351,937 complaints in 2018 to 791,790 complaints in 2023.

Which countries are currently leading in cyber crime incidents?

The United States is currently the country with the highest number of reported cybercrime incidents, followed by the United Kingdom and India. However, it is important to note that many cybercrime incidents go unreported, so these statistics may not provide a complete picture of the global cybercrime landscape.

What types of cyber attacks are most prevalent according to recent statistics?

According to recent statistics, the most prevalent types of cyber attacks include phishing, malware infections, ransomware attacks, and business email compromise. These types of attacks can be carried out using a range of different techniques, such as social engineering, software vulnerabilities, and brute-force attacks. Organizations should implement a range of different cybersecurity measures to protect against these and other types of cyber attacks.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.