In recent years, cybersecurity has become crucial for both organizations and individuals. The pandemic posed several additional challenges. Cyber attack statistics show that, besides the pandemic, 2020 was also one of the worst regarding data breaches and other cyberattacks.
Unfortunately, 2021 surpassed it. The way things are, cybersecurity often seems ignored, and IT experts believe organizations must do more to protect themselves. Additionally, individuals should also educate themselves on the most recent types of cyberattacks.
Anyhow, these are the most alarming cybersecurity numbers to pay attention to.
Cybersecurity Statistics (Editor’s Choice)
- When it comes to phishing, it was the most common attack in 2020
- About 43% of cyber attacks are aimed at small businesses
- Global losses because of cybercrime reached $1 trillion in 2020
- The global information security industry is forecasted to reach $170.4 billion by 2022
- There are around 2,200 cyber attacks each day
- Close to 35% of global attacks originated in China or Russia
- A total of 95% of cybersecurity breaches happen because of human error
- One cyber attack happens every 11 second
Cyber Attacks Stats
The pandemic brought not just health concerns but also a 600% increase in cyber attacks. Phishing remains the most prominent scam, especially since attackers can present themselves as CDC or WHO employees in their emails.
1. Microsoft Exchange Server Attack was one of the biggest cyber attacks in 2021.
(Geeks)
This attack on Microsoft Exchange Server affected millions of clients. About 60,000 companies in the US faced issues from the attack. Additionally, nine government agencies were also affected, according to cyber attack statistics. Other attacks to note are SolarWinds Megabreach, Colonial Pipeline’s DarkSide Intrusion, and Twitch Data Dump.
2. The pandemic caused a 600% increase in cyber attacks.
(Purplesec)
Pandemic became one of the main reasons for cyber attacks as it opened the doors to new kinds of scams. There is a noticeable increase of 600% in cybercrime. New phishing email schemes have also emerged, where hackers pose as CDC or WHO representatives.
3. When it comes to phishing, it was the most common attack in 2020.
(Tessian)
There are many types of cybersecurity attacks, but phishing was the most common one in 2020. There were a total of 241,324 phishing incidents in 2020. According to the FBI, this was 11x more phishing complaints compared to 2016.
4. About 43% of cyber attacks are aimed at small businesses.
(Embroker)
Attackers will try to take on any business. However, most go for small or medium organizations. Based on the cyberattacks statistics, 43% of cyber attacks are aimed at small businesses. Unfortunately, only 14% are ready to defend.
5. Phishing is also the most common type of attack on small businesses, in 57% of cases.
(Embroker)
Not only individuals are victims of phishing. The latest data shows that this type of attack is a common way to wreak havoc on small businesses. In total, 57% of attacks are phishing or social engineering. In addition, compromised or stolen devices occur in 33% of cases, and credential theft in 30%.
The Costs of Cybercrime
The costs of cyber attacks are high. At the moment, predictions show that the global losses will surpass $6 trillion by the end of 2021, and by 2025, companies will lose about $10.5 trillion in costs.
6. Global losses because of cybercrime reached $1 trillion in 2020.
(NBCDFW)
In 2020, cybercrime skyrocketed. Based on the data, global losses related to cybercrime topped $1 trillion. Unfortunately, by the end of 2021, they’re expected to reach $6 trillion.
7. Cybercrime will cost companies about $10.5 trillion by 2025.
(Embroker)
Other predictions show that cybercrime will cost companies about $10.5 trillion by 2025. Cyberattack threats will not stop, and at the moment, it represents the greatest transfer of economic wealth in history.
8. Companies around the world will spend $6 trillion on cybersecurity.
(Cybintsolutions)
At the moment, the number of organizations that realize the importance of cyber security is growing. These predictions show that organizations around the world will spend about $6 trillion on cyber security by 2021.
9. Businesses lose $75 billion annually because of ransomware attacks.
(Purplesec)
Being one of the most common types of attacks, ransomware makes businesses lose $75 billion annually. Some of the worst ransomware attacks involved NotPeyta, where losses reached $1 billion, and FedEx, which lost $300 million.
International Cyber Attack Statistics
Cyber attacks happen each day across the globe, and cyber warfare isn’t that rare either. Still, organizations will continue to improve their defense in the long run.
10. The global information security industry is forecasted to reach $170.4 billion by 2022.
(Varonis)
Organizations will start improving their methods of defense against cybercrime. This will lead to the increase of the global information security industry, which is expected to reach $170.4 billion by 2020.
11. By 2023, the total number of global DDoS attacks will reach 15.4 million.
(Cisco)
Worldwide cybercrime statistics show that the number of worldwide DDoS attacks will reach 15.4 million by 2023. For comparison, in 2018, this number was around 7.9 million.
12. More than half of consumers have experienced cybercrime.
(Norton)
In 2020, one in three consumers were victims of cyberattacks. Overall, more than half have experienced some sort of cybercrime. About 4% clicked on a fraudulent COVID-19 contact-tracing link, and another 4% paid a fee to receive COVID-19 relief money.
13. There are around 2,200 cyber attacks each day.
(Norton)
Regarding the number of cyberattacks per day, there are about 2,200. This equates to about one attack every 39 seconds. In 2020, the FBI received about 2,000 internet crime complaints daily.
14. In Canada, three in 10 organizations saw a spike in cybercrime.
(Packetlabs)
Three in 10 organizations in Canada saw a spike in cybercrime during the pandemic. Since March 2020, almost 25% of small businesses have been targets of cyberattacks. When it comes to cyberattack types, about 80% of businesses were hit by phishing and 50% by malware.
15. Close to 35% of global attacks originated in China or Russia.
(Privacyaffairs)
Many cyber attacks pass unnoticed. However, about 35% of global attacks came from Russia or China. There were 79 confirmed attacks on national governments from China and 75 from Russia. North Korea and Iran are next, sharing 16% of global attacks, followed by the US where 3% of attacks originated.
Cyber Attack Facts
Some of the most terrifying facts about cyberattacks show that outsiders cause most of the attacks. What’s more, one attack occurs every 11 seconds, and people must remain vigilant and ready to protect themselves.
16. A total of 95% of cybersecurity breaches happen because of human error.
(Titanfile)
Unfortunately, it turns out humans are mostly to blame for falling for cyber attacks. A total of 95% of breaches happen because of human error. These cybercrime statistics only show how crucial proper education of employees is for the prevention of cyberattacks.
17. Outsiders cause 70% of cyber attacks.
(Embroker)
In 70% of cyber attack cases, outsiders are behind the attacks. In 55% of cases, organized criminal groups are responsible for the attack, and in 30%, it’s bad internal actors.
18. The finance and insurance sector ranks as the #1 industry by attack volume.
(Securityintelligence)
In 2020, the finance and insurance sector ranked as the #1 industry based on attack volume. Data on cyber attacks by industry show that this rank is unchanged compared to 2019. Manufacturing is ranked second in 2020, while it ranked eighth in 2019. The energy sector was third in 2020, while it ranked ninth in 2019.
19. About 92% of malware is sent via email.
(Purplesec)
Email is still the primary method of malware delivery. About 92% of malware is sent via email. However, mobile malware is also on the rise, with a total of 98% of mobile malware targeting Android phones, according to malware statistics.
20. Windows executables are the most common malware files, in 74% of cases.
(Tessian)
In 74% of cases, the main malware used in cyber attacks was Windows executable. The second most common file involved script files, in 11% of cases. The least used malware files were Android executables, in less than 1% of cases.
21. Average ransomware payment in 2020 reached $111,605.
(Varonis)
Many organizations face issues with ransomware. These attacks became so scary that the average ransomware payments also increased 33% from 2019 to 2020, reaching $111,605, according to cyber security attack statistics.
22. One cyber attack happens every 11 seconds.
(Packetlabs)
Ransomware attacks on businesses have become so common that from 2021 onwards, one organization will suffer from an attack every 11 seconds. Additionally, the number of ransom-paying organizations has increased from 26% in 2020 to 32% in 2021.
23. About 53% of adults admit they don’t know how to protect themselves against cybercrime.
(Norton)
Another worrisome fact is that 53% of adults say they don’t know how to stay protected from cybercrime. The same percentage of people also agree that remote work makes it easier for hackers to attack.
Conclusion
These scary cyberattack statistics show that more organizations than ever became victims of cybercrime. Ransomware, DDoS attacks, and phishing numbers are growing and show no sign of slowing down.
Unfortunately, most of the problems come from human error, as many adults admit they don’t know how to protect themselves from attacks.
Still, organizations around the world will invest more in the cyber security of their systems – forecasts show that around $6 trillion will flow into protection. It remains to be seen how successful it will be.
FAQ
How much have cyber attacks increased?
The pandemic forced people to shift to remote work and online transactions more than ever before. Unfortunately, this opened new doors for various cyber attacks. This is why there’s a noticeable 600% increase in cybercrime around the globe.
Phishing and ransomware remain the most common attacks although DDoS attacks will also grow in the future. Attackers also use WHO and CDC for scams in many cyber attacks, leading people into opening their emails and clicking the malicious links.
What industry is the most highly targeted for cyber attacks?
Organizations in certain industries are more likely to fall victim to cyber attacks than others. However, the industry also dictates how attackers will behave and what type of attack they’ll use to breach security.
For example, the finance and insurance sector ranks were the most attacked industry in 2020. Manufacturing was second on the list, and energy was third, based on the volumes of attacks. Additionally, the healthcare industry also saw an increase in cyber threats.
How many cyber attacks occur daily in the US?
Cyber attacks have become so common that one attack per organization occurs every 11 seconds. Based on the FBI reports, it received about 2,000 internet complaints daily, related to cyber attacks, which equates to about one attack per 39 seconds, be it businesses or individuals.
Some of the most common attacks involved phishing, DDoS, and similar. At the moment, cybercriminals pose as WHO or CDC representatives, luring their victims to click on a link about COVID-19, relief funds, and news.
Where do most cyberattacks come from?
Even though many cyber attacks pass unnoticed, experts can still conclude where they came from. Globally, 35% of attacks come from Russia or China, followed by North Korea and Iran. When it comes to the US, only 31% of global attacks came from that region.
Regarding the people behind the data breaches, in 70% of cases, those people are outsiders. In 55% of cases, they belong to the organized criminal group and in 30% of cases it’s bad internal actors, according to cyber attack statistics.
Sources
FAQs
What are the biggest cybersecurity threats right now 2022? ›
7. Ransomware. Ransomware is considered to be one of the biggest cyber security threats in 2022 and poses a serious cyber threat to businesses of all sizes. Ransomware attacks work by infecting your network and locking down your data and computer systems until a ransom is paid to the hacker.
What are the most common cyber attacks 2022? ›The most common attack vector remains credential theft (19%) then phishing (16%), misconfigured cloud (15%) and vulnerabilities in third-party software (13%). To understand how crucial it is to prevent these common attacks, consider the average time required to identify and contain each type of compromise.
How many cybersecurity attacks are there per day 2022? ›However, considering there are around 2,200 cyberattacks per day, that could equate to more than 800,000 people being hacked per year.
Will there be cyber attacks in 2022? ›Global attacks increased by 28%in the third quarter of 2022 compared to same period in 2021. The average weekly attacks per organization worldwide reached over 1,130.
What is the# 1 cybersecurity threat today? ›1) Phishing Attacks
The biggest, most damaging and most widespread threat facing small businesses is phishing attacks. Phishing accounts for 90% of all breaches that organizations face, they've grown 65% over the last year, and they account for over $12 billion in business losses.
- Malware.
- Phishing.
- Man-in-the-Middle (MitM) Attacks.
- Denial-of-Service (DOS) Attack.
- SQL Injections.
- Zero-day Exploit.
- Password Attack.
- Cross-site Scripting.
- Public administration.
- Healthcare & pharmaceuticals.
- Finance & insurance.
- Education & research.
- Retail.
- Social engineering attacks (or phishing) ...
- Ransomware. ...
- Mobile security attacks. ...
- Remote working risks. ...
- Identity-based cloud security threats.
With so many users, TikTok is clearly a potentially rich source of personal data and could be exploited in the way other social platforms have been to spread disinformation or promote influence operations.
How many websites are hacked every day? ›Cybercrime costs the United States economy a reported $3.5 billion each year. Globally, an estimated 30,000 websites are hacked each day. 43% of cyber attacks target small businesses. Only 5% of company folders and files are properly protected.
What is the most common way hackers find information? ›
Phishing is the most common hacking technique. All of our inboxes and text messaging apps are filled with phishing messages daily.
Are there any serious security threats currently out there? ›Cybercrime today is a major threat not just for the private sector and for individuals but for the government and the nation as a whole. As we move into 2022, state-sponsored attacks are expected to increase, with attacks on critical infrastructure of particular concern.
What are the top 3 biggest data breaches so far in 2022? ›- Crypto.com Crypto Theft. The attack took place on January 17th and targeted nearly 500 people's cryptocurrency wallets. ...
- Microsoft Data Breach. ...
- 3. News Corp Server Breach. ...
- Red Cross Data Breach. ...
- Ronin Crypto Theft. ...
- FlexBooker Data Breach. ...
- GiveSendGo Political Data Breach. ...
- Cash App Data Breach.
- TikTok Denies Cyber Attack.
- NATO Data Leak.
- Samsung Exposes PII.
- Uber's Systems Compromised.
- Starlink Dish Hacked.
- Largest European DDoS Attack.
- Cisco Cyber Attack.
- Cloudflare & Twilio Attacked.
- CAM4 Data Breach. ...
- 2. Yahoo Data Breach (2017) ...
- Aadhaar Data Breach. ...
- First American Financial Corporation Data Breach. ...
- LinkedIn Data Breach (2021) ...
- 7. Facebook Data Breach (2019) ...
- Yahoo Data Breach (2014)
- Malware.
- Ransomware.
- Distributed denial of service (DDoS) attacks.
- Spam and Phishing.
- Corporate Account Takeover (CATO)
- Automated Teller Machine (ATM) Cash Out.
- Ransomware. Ransomware can come in many shapes and sizes, but it all functions with the same basic concept: You must pay a ransom in order to gain access to your data. ...
- Misconfigurations and Unpatched Systems. ...
- Credential Stuffing. ...
- Social Engineering.
Ransomware is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300-percent increase over the approximately 1,000 attacks per day seen in 2015.
Which is the biggest cyber crime in the world? ›"Business email compromise is the number one cyber-crime, period – there is no sugarcoating it.
What is the biggest hack in history? ›Data breached: 3 billion user accounts
According to data breach statistics, the largest data breach in history is the one that Yahoo! suffered for several years. Not only is it the biggest breach according to the number of affected users, but it also feels like the most massive one because of all the headlines.
What were the top 5 worst cyber crimes committed? ›
- A Byte Out of History: $10 Million Hack. A Russian's hacking of a U.S. bank in 1994 may have been the first online bank robbery. ...
- Botnet Operation Disabled. ...
- Cyber Criminal Forum Taken Down. ...
- International Cyber Ring That Infected Millions of Computers Dismantled. ...
- Melissa Virus. ...
- Morris Worm. ...
- Operation Innocent Images.
Public reports reveal Federal networks have been under attack for years, and some accounts point to upwards to 3 billion cyber attacks a year in the United States.
Who is the main target of cyber attacks today? ›Cyber Attacks by Industry
While any industry could be subject to a data breach, those most at risk are businesses that are closely involved with people's daily lives. Companies that hold sensitive data or personally identifiable information are common targets for hackers.
...
Consumer loss through cyber crime worldwide in 2017, by victim country (in billion U.S. dollars)
| Characteristic | Annual loss in billion U.S. dollars |
|---|---|
| China | 66.3 |
| Brazil | 22.5 |
| United States | 19.4 |
| India | 18.5 |
Credit risk is the biggest risk for banks. It occurs when borrowers or counterparties fail to meet contractual obligations. An example is when borrowers default on a principal or interest payment of a loan. Defaults can occur on mortgages, credit cards, and fixed income securities.
What are the top 10 biggest cyber threats to organizations? ›- Social Engineering. ...
- Third-Party Exposure. ...
- Configuration Mistakes. ...
- Poor Cyber Hygiene. ...
- Cloud Vulnerabilities. ...
- Mobile Device Vulnerabilities. ...
- Internet of Things. ...
- Ransomware.
Bank executives and banking experts list cybercrime as the leading risk for banks.
Is TikTok a spy app? ›Citing the alarming report originating from BuzzFeed News, he called TikTok a "sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data" that collects search and browsing histories, faceprints, voiceprints, and even keystroke patterns, as well as clipboard data.
Should an 11 year old have TikTok? ›What age is TikTok recommended for? Common Sense recommends the app for age 15+ mainly due to the privacy issues and mature content. TikTok requires that users be at least 13 years old to use the full TikTok experience, although there is a way for younger kids to access the app.
Is TikTok still owned by China? ›TikTok is owned by ByteDance, whose founder is Chinese and has offices in China. US concerns about TikTok were renewed after a BuzzFeed News report in June, based on leaked meeting audio, said ByteDance employees had accessed US user data on multiple occasions.
What is the number 1 most visited website? ›
google.com is ranked #1 as the most popular website in the world for September 2022. The average amount of time that users spend on the website is 11 minutes, and they see, on average, 8.68 pages per visit.
Who is best hacker in the world? ›Yes, antivirus software is a crucial part of protecting our digital security and, ultimately, defending ourselves against hackers. Antivirus immunizes our computers against unauthorized software or coding that can threaten our operating system and, most importantly, our personal data.
What are ways hackers try to trick you? ›Phishing
Phishing is a fake email masquerading as legitimate. Hackers create phishing emails through which they intend to steal your confidential information like passwords and bank account details.
The process of getting tricked into giving your sensitive information to a hacker is called phishing. Phishing is the fraudulent attempt to obtain sensitive information, or data, such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.
What method do cyber criminals use the most? ›- Bait And Hook. This is one of the most widely used attack methods that phishers and social media scammers use. ...
- Disguise And Conquer. ...
- Hidden And Malicious Payloads. ...
- Information Harvesting. ...
- Malvertising. ...
- Webcam Hijacking. ...
- Business Email Compromise. ...
- Cryptocurrencies.
Social Engineering Attacks
And because humans are prone to error, social engineering is the biggest security risk today. How much of a risk? Some reports estimate 93% of business data breaches come from employees unknowingly engaging with a social engineering attack!
Those risks potentially include data theft, malware attacks, ransomware and even nation-state backed cyber espionage. But one of the most significant cybersecurity threats is also one of the most simple attacks that cyber criminals can carry out: phishing .
What are the top 5 biggest cyber threats to organization? ›- Phishing Attacks. The biggest and widespread threat facing small businesses are phishing attacks. ...
- Cloud Jacking. This is the process where cloud computing is infiltrated by a third party. ...
- Ransomware. ...
- Patch Management. ...
- Deepfakes.
Google hacking search queries can be used to identify security vulnerabilities in web applications, gather information for arbitrary or individual targets, discover error messages disclosing sensitive information, discover files containing credentials and other sensitive data.
What websites get hacked the most? ›
- WordPress websites are a top target for hackers because of their massive user base. ...
- On average 30,000 new websites are hacked every day.
- A study made in 2003 (remember, it's 2022 right now and numbers have probably risen) found that there is an attack every 39 seconds on average on the web.
In June 2022, Michigan-based Flagstar Bank notified customers of a data breach in which hackers stole the social security numbers of 1.5 million customers. The attack itself occurred in early December 2021, and Flagstar discovered the breach in early June 2022.
What are the top 10 cyber attacks? ›- Malware.
- Phishing.
- Man-in-the-Middle (MitM) Attacks.
- Denial-of-Service (DOS) Attack.
- SQL Injections.
- Zero-day Exploit.
- Password Attack.
- Cross-site Scripting.
In 2020, a major cyberattack suspected to have been committed by a group backed by the Russian government penetrated thousands of organizations globally including multiple parts of the United States federal government, leading to a series of data breaches.
Who is called hacktivist? ›Derived from combining the words 'Hack' and 'Activism', hacktivism is the act of hacking, or breaking into a computer system, for politically or socially motivated purposes. The individual who performs an act of hacktivism is said to be a hacktivist.
Which banks have been hacked? ›- First American Financial Corp Data Breach. Date: May 2019. ...
- Equifax Data Breach. Date: Sep 2017. ...
- Heartland Payment Systems Data Breach. Date: January 2008. ...
- Capital One Data Breach. Date: March 2019. ...
- JPMorgan Chase Data Breach. Date: October 2014. ...
- Experian. ...
- Block. ...
- Desjardins Group.
On September 12, 2022, Apple released a set of security updates that fixed newly-identified zero day vulnerabilities in their devices. Apple acknowledged reports that these vulnerabilities may have been exploited by hackers, but did not go into greater detail.
Has Amazon been hacked? ›In December 2014, hackers associated with the group Anonymous leaked 13,000 usernames and passwords for Amazon, Walmart, Playstation Network, Xbox Live, and other websites.
What is the biggest cybersecurity threat right now? ›Cybersecurity Threats and Trends for 2022. Phishing Gets More Sophisticated — Phishing attacks, in which carefully targeted digital messages are transmitted to fool people into clicking on a link that can then install malware or expose sensitive data, are becoming more sophisticated.
What are the top 5 major threats to cybersecurity? ›- Social engineering attacks (or phishing) ...
- Ransomware. ...
- Mobile security attacks. ...
- Remote working risks. ...
- Identity-based cloud security threats.
What are the challenges of cyber security 2022? ›
- Remote Work. The COVID-19 pandemic has forever changed the workplace and how it is secured. ...
- Cloud Attacks. ...
- Phishing Scams. ...
- Cryptocurrency and Blockchain Attacks. ...
- Internet of Things (IoT) Attacks.
- Ransomware. Ransomware can come in many shapes and sizes, but it all functions with the same basic concept: You must pay a ransom in order to gain access to your data. ...
- Misconfigurations and Unpatched Systems. ...
- Credential Stuffing. ...
- Social Engineering.
Ransomware is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300-percent increase over the approximately 1,000 attacks per day seen in 2015.
What are the new threats to security? ›- Credential reuse attack. ...
- Insider threat. ...
- Man-in-the-middle attack. ...
- Phishing. ...
- Ransomware. ...
- Watering hole attack. ...
- Spyware. ...
- Social engineering attack.
The main reason behind the vulnerability of millennials is lack of caution. A symptom of this tendency is sharing of passwords. Millennials are so lax about password security that they can be called the password-sharing generation.
What is the Internet threat? ›Internet-based threats expose people and computer systems to harm online. A broad scope of dangers fits into this category, including well-known threats like phishing and computer viruses. However, other threats, like offline data theft, can also be considered part of this group.
What are the main cyber threats? ›Cyber threats include computer viruses, data breaches, Denial of Service (DoS) attacks, and other attack vectors.
What are the 5 types of cyber-attacks? ›- Malware. Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. ...
- Phishing. ...
- Man-in-the-middle attack. ...
- Denial-of-service attack. ...
- SQL injection. ...
- Zero-day exploit. ...
- DNS Tunneling.
Any cyber attack that targets off-site service platforms that offer storage, computing, or hosting services via their cloud infrastructure can be classified as a cloud cyber attack. This can include attacks on service platforms that utilise service delivery models like SaaS, IaaS, and PaaS.
What are the top 10 biggest cyber threats to organization? ›- Social Engineering. ...
- Third-Party Exposure. ...
- Configuration Mistakes. ...
- Poor Cyber Hygiene. ...
- Cloud Vulnerabilities. ...
- Mobile Device Vulnerabilities. ...
- Internet of Things. ...
- Ransomware.
What are the top 3 personal attributes important to a cyber professional? ›
- An eye for attention. ...
- Listening ability. ...
- A hunger to learn. ...
- Writing and speaking. ...
- Courtesy and professionalism. ...
- Ethical standards. ...
- Passion for the field.
Ransomware
Follow these key steps to protect your company. Staff awareness: staff should be wary of unsolicited emails, particularly those that ask for a prompt response. Malware protection: install and maintain good anti-virus and malware protection software. Software updates: keep your applications up to date.