📊Cyber Security Stats & Trends
- Organizations encounter a cyber attack every 44 seconds in a day
- Ransomware can Encrypts 100k files within 42 minutes and 54 seconds
- 75% of Cyber attacks happen through BEC, Phishing, SQL injection, and DDoS attack
- The average cost of a data breach is $4 million by 2021 and there were 2,200 cyberattacks per day
- Organizations identify data breaches on an average of 212 days and run for 280 days
- More than 95% of the Cyber security breaches are due to Human Errors
- A web page you visit will encounter 94 attacks every day on average
- 40 Billion records were exposed in 2023 and the bar is still rising.
- More than 160K Facebook accounts are being hacked every day in 2023.
- Most expensive cyber-attack is (ExPetr – Malware) which cost $7.9 billion in 2017
- Organizations’ share price will drop by ~7.27% after any breach
- 49% of the cyber attacks happen in China and 18% originate from it.
- On average 36% of gamer accounts encounter DDoS attacks in 2023
- 0.5 million Zoom user accounts sold on the dark web, 2.3K user login credentials were publically leaked
- An increase in internet traffic is the 50% driving force for Cyber Attacks
- Remote workers are the reason for 20% of Cyber Attacks in pandemic
- 30% of the Malware comes through PDFs and Microsoft Office files
Most Common Cyber Attacks Statistics
Cybercriminals are targeting every sector & individual, there is no exception for anyone. Lack of awareness & proper security measures results in the rise of these attacks. Our team spent hours 🔎analyzing the data and curated the most comment on Cyber Attacks.
Let’s see how Cyber attacks affecting sectors and individuals form the past few years, so you can be aware of their kind. Without wasting further time, let’s hop in.
1. Growth of Weekly Cyber Attacks
Cyber attack growth is 🚀sky-rocketing every week, businesses witnessed more than 50% of Cyberattack attempts every week in 2023. While the attackers are educational & research sectors followed by HealthCare, ISP, and communication. Cybersecurity intelligence reports show that Corporate Cyber Attacks are more every year.
So, it’s very clear that every organization from small to medium businesses is being affected by Cybersecurity attacks. Only a few of them quickly responded to the incident attacks and can recover quickly. While this seems to grow more every year.
2. Cyber Attacks cost
While Cyber attacks increased by 15% every year, it’s estimated that Cybercrime cost grows to $10.5 trillion from $3 trillion within a span of 10 years. While Cybersecurity ventures report that these attacks shake the economic wealth of countries in history.
Cyber attacks cost more every year with the spread of infected devices in an organization. As you can see the line is very steep hitting 300% more costly compared to 2015.
3. Biggest Data Breach Happen in 2023
2021 is the year of wonders, which saw the biggest data breach ever happen in 17 years. While the cost of the data breach grows from $3 million to $4 million on yearly basis as per IBM data breach cost reports.
4. Losses for Ad-Industry
Digital scams (Cyberattacks) are at their peak attacking victims by displaying fraudulent ads on their screens. Thus ad industry loses $51 million per day (lumpsum money), if this continues the net loss will reach $100 billion per year
5. Impact & Frequency of Cyber Attacks
Cyber Attacks impact industries in several ways (from minor disruptions to huge financial losses). Here are the areas where your organization suffers regardless of Cyber Attacks
- Loss of productivity
- Reputation damage
- Legal Liability
While Cyber attacks happen every 40 seconds in 2016, due to rapid improvements in technology attackers are targeting victims every 11 seconds in 2023. Most of these attacks happen through ransomware
6. It’s takse 197 Days to discover Data Breach
Companies do take more time to realize Data breaches, In a survey conducted by IBM shows that it takes 197 days for a company to realize that they are under Cyber Attack. When companies realize quickly, they can save more than $1 million in under 30 days.
But a slow reaction causes more trouble and results in less customer trust, financial losses, etc.
7. Security Spending
Companies are spending a lot on CyberSecurity to defend themselves from these Cyber attacks. While the total spending is $3.5 billion in 2004 and $120 billion in 2017 (~35 times more in just 17 years).
As per the IT industry claims, Security spending is predicted to exceed $1 trillion by 2025 with 15% growth every year. “With the increase in attacks, organizations continue to spend on security more”.
Looking at the security spending graph over the years, it’s expected that 71% of the Cybersecurity budgets will increase next three years.
8. 93% of Cyber Attacks can penetrate computer networks
In study research, it’s found that in 93% of Cyberattacks, criminals were able to penetrate the computer networks to gain internal resource access. On average, it takes 2 days to penetrate a computer network. Millions of users’ data can be stolen within 2 days. Sometimes, the attacker comprises 100% of all organizations to gain domain privileges to compromise other critical systems.
9. Cyber attacks doubled on HealthCare by 2020
As IBM reports, the Pandemic houses more attacks for the HealthCare industry in which ransomware played the key role. It’s quite surprising for the companies that every one-fourth attack includes ransomware which pulls out $123 million in only 2020.
While 35% of the attacks succeeded in attacking victims through exploitation and the rest of the 33% are due to vulnerabilities & phishing.
10. Human Error leads to 95% of cybersecurity breaches
Source: IBM Cybersecurity
According to IBM CyberSecurity intelligence, most cybersecurity breaches are due to human errors. This increases the cost of data breaches by 2020 raises to $3.3 million. User negligence & lack of security practices, while can put an individual or company at risk.
- Telling colleagues password: 43%
- Failure to log out: 69%
- Logging into an unsecured WiFi: 53%
11. 77% of the enterprise don’t have Cyber Security Incident Response
When a study benchmark is conducted on Cyber Resilience by IBM Security and the Ponemon Institute, reports show that 77% of enterprise organizations don’t have the incident response to cyberattacks. Surprisingly, 54% of them have not even tested their Cyber Security plans which leads to putting them under attack every 2 months.
While the studies claim that 44% of the companies that respond to these attacks will recover within 30 days and save over $1 million on the total cost of a data breach on average
Cyber Crime by Attack Type
12. Annual Ransomware Attacks
Annual reports of global security say that ransomware attacks increased by 62% with 304 million in the year 2020 compared to previous years. But the highest number of attacks happened in 2016 like never before with 638 million.
These ransomware attacks cost more than $75 billion annually for organizations.
13. Cost of Ransomware Attacks
While Cyber Attack cost is growing rapidly, ransomware contribution plays a major part in the total cost, With an average payment hitting $5.7 million, ~82% higher than its preceding year’s $3.1million as per Palo Alto networks.
Cyber Security Ventures claims that this will reach 10 billion dollars by the end of 2021. Though the actual numbers vary as per real-time cost, the predicted amount is also shocking the world.
14. Most affected industries by ransomware
All organizations are attacked by ransomware while the government is the primary victim with 22%, and education comes in second with 16.4%. As per the survey conducted by Cybersecurity Ventures at least one attack happens every 11 seconds, India faced the top ransomware attack with 2/3 of the organizations under attack in 2023.
Malware and ransomware are the fastest-growing threats in recent times.
15. Newly Discovered Ransomware
Ransomware is inevitable with new families showing up every year, as you can the statistics report. Recently 127 ransomware are discovered which is a bit high compared to that of the previous year 95.
The highest ransomware discovered over the past 5 years is in 2017.
16. Commonly Attacking Ransomware in 2020
While new ransomware is being discovered every day, these statistics show the most commonly attacking ransomware families in 2020. Wannacry is the most attacked encryption ransomware in 2020 with 16.56% followed by Phny.
Also, there are other ransomware families which attacked users mostly.
17. Infected Machines Spreading Virus
More than 60% of organizations experience the spread of viruses after getting attacked by one employee system. Terribly this number increased to 74% in 20231, while this could be due to any reason for trusting phishing websites or virus is spreading through emails, etc. It’s irritating employees with its script that makes the system misbehave.
18. US & UK Reported the highest ransomware attack
Ransomware disrupts every business all over the world, but surprisingly US & UK have the hardest time in 2023 with more than half of the organizations being ruined in these countries alone. Though it’s a slight relief compared to previous years with more than 55% of the organizations attacked by ransomware.
19. Google Removed Some Malware-Infected Sites
Source: Google Transparency Reports
As per the Google Transparency reports 2021, there are more than 2 million websites listed under “Dangerous Sites“. While all these sites are phishing sites, only 27,000 sites are removed from google due to malware injection.
More and more number sites might be delisted in upcoming years due to more online users in recent times.
20. Most Mobile Malware Impacted Country
As per the mobile security reports by Kaspersky Lab, It proves Iran is the most malware-affected country in Q2 2021. While the share of mobile attacks is increased ~24% more compared to previous years. While the second most impacted is Bangladesh with ~12% of attacks.
21. Malware Attacks On Ports
SonicWall’s reports show that malware attacks on the standard & non-standard ports increased rapidly to 25% within a year. Though the majority of the problems occur in this standard 8080 port (HTTP).
22. 270,000 Malware Variants detected in 2023
Malware variants 🦠shaking the world, in recent times SonicWall found 268,362 new malware “Never Seen Before” variants. This is a huge spike of 74% compared to the previous year i.e ~63 new malware variants every hour.
23. Ryuk Global Ransomware Signatures
There was more than 189 million ransomware in 2019, Out of which 77 million are part of the cyber security family. These different variants are reasonable for 33% of attacks that happened in 2019, Ryuk is the deadliest ransomware signature in 2020 which attacked 19.9 million users.
24. 91% of the malware attacks
Almost all threats are sent through encrypted (SSL/TSL) traffic. It’s more difficult to find and detect encrypted malware. As per the WatchGuard reports, 91% of the detected malware of this nature. Attackers take advantage of hiding malware in files and encrypting them. Most of the organizations didn’t check the encrypted and fell into the malware attacks.
25. Most Wanted Cyber Criminals
Cybercriminals are tough to find, by 2019 there were 19 Cyber Criminals on the FBI Most Wanted List. They were responsible for the massive breaches which cost $100 million for organizations. It’s not a joke to steal someone’s data, do not engage yourself in any such activities that put you at risk.
26. CryptoJacking Attacks
Source: Kaspersky Cryptojacking
Kaspersky CryptoJacking reports show, that there were 432,171 attackers who hijacked the user’s system to mine Cryptocurrency against their will in 2023 Q1. The number is low in previous years with only 187,746 CryptoJackers, we can expect more attackers with new crypto’s being discovered every day. The prices of Crypto draw more user’s
27. Phishing Attacks
Source: Google Safe browsing
Google Safe browsing reports show that phishing attacks are on the rise compared to malware sites. As you can see, the number of phishing websites (unsafe) in Jan 2019 is more than 2M+.
This is predicted to grow further in the pandemic due to the rise of online users. So, don’t just click on the website you saw without nor provide your details or IP (use VPN).
28. Most Common BEC (Business Email Compromise Attack)
As we already know that most attacks happen through email attachments or injecting viruses through emails. Here are some most common email attacks with subject lines as per Symantec threat reports.
Don’t directly believe these subjective emails or download the attachments in them. Once confirm the email objective, they don’t provide any details or open them.
29. Phishing Attack Awareness
Phishing attacks aren’t the same in every country or occur to the same extent. As per the Proofpoint sources, most phishing attacks happen in the US, though it’s aware of the phishing attacks.
The United Kingdom stands second with 69% attacks & awareness. Also, there are some other countries like Australia, Japan, France, and Germany.
30. Frequency of Phishing Attacks
Source: Cisco Cyber Security
Cisco Talos Intelligent group reports that at least one person in 87% of the organizations clicked a phishing link, these data sources also say that 90% of phishing leads to data breaches. The research found that there is a 7.3% increase in email attacks during Q2 2021 and there is a 2% point rise in phishing attacks during 2019-2020.
These Phishing attacks are at their peak during holiday times like Black Friday,
31. DDoS Attacks are on rising in 2023
DDoS attacks are steadily spreading their wings along with Cyber attacks as per CouldFare reports. They increased by almost ~75% by Q4 2021 compared to previous years. Though the year 2020 witnessed a high spike in DDoS attacks, they continued as a large part of users are still working from home. So, it’s quite surprising to foresee the spike.
32. Ransomware can Encrypts 100k files within 42 minutes and 54 seconds
It takes 42 minutes and 54 seconds to encrypt about 100k files for a median ransomware variant as per a study by Splunk.
33. Largest Social Media Platform Breaches
Though Facebook was the most hacked social media platform, here are some other platforms that faced the largest data breach ever. Surprisingly, LinkedIn appears in the list back in 2012 “where 117 million users’ data is comprised”. Also, there are other platforms in the list which you might be not aware of.
34. Countries that are more vulnerable
Source: CyberSecurity Insiders
According to the surveys, China is most vulnerable to malware infection with 50% of their people’s devices getting infected. Whereas Taiwan takes a second stand with -a 47.34% infection rate followed by Turkey, Russia, Mexico, Brazil, and Poland.
Now coming to Cyberattacks, Belgium is more vulnerable compared to all followed by Dominican Republic, Hong Kong, Samoa, China, Afghanistan, Tajikistan, South Africa, and Australia.
35. More than a Billion Emails are Compromised
A well-known tech company reveals that more than a billion emails are compromised in a data breach which could be the beginning of a cyber era. This isn’t the first time, back in 2014 there were 33 million emails are compromised. The rapid increase in cyber attacks on websites where you logged in with your email makes it easy to fetch data for cybercriminals.
Check whether your 📧email is compromised or not on HaveIBeenPwened
36. Increase in Internet Traffic Became Driving Force For Cyber Attacks
There is a huge spike of 60% difference in internet traffic before & after the pandemic where everyone is working remotely. This became a new Driving force for Cybercriminals as people who are not aware of online security became victims resulting in new Cyber Attacks.
37. More than 0.5 Million Zoom Users’ Data is sold on Dark Web
Reports say that more than 500000 zoom user accounts were sold in criminal marketplaces (Dark Web). Also, 2000 sets of user login credentials were found online for free. In 2020, many banks officially warns their employees to not use Zoom or Google Hangouts for remote meetings.
Hackers also tried to sell two zero-day vulnerabilities of Zoom software officially for $500,000 online.
38. 20% of the Security Breaches in the Pandemic were due to Remote Workers
Many companies & organizations adopted remote work during the pandemic. Employees who are not aware of these Cyber Attacks and their compromised devices in the work environment caused 20% of the security breach in the companies.
39 30% of the Malware comes through PDFs and Microsoft Office Files
In a recent survey of files by SonicWall, it was observed nearly 11% of the malware comes through Microsoft office files and 18% of the malware comes through PDFs. Cybercriminals choose these mediums since these are the most common files that every organization uses.
While the Executable .exe files are the most common hideouts of malware files since 2012 till date. So, beware before downloading anything from the internet & check the files once before you open or install them into your device.
40 3.8 million warnings were shown to users in Safe browsing (Google)
Source: Google transparency report
By August 2022, Google transparency reports claim that more than 3.8 warning messages were shown to users in the web browsers (Safe browsing). While only 1.8 million users are cautious and followed the warning message and avoided opening the site, whereas the rest of the users opened the site and were infected by the malware.
It’s also observed that over the period the count is drastically down as the harmful sites are being blocked on google. Though it feels safe, make sure that you check out the google warnings before opening the site.
😉Tips To Reduce Cyber Attack Risk
Avoid Clicking Suspicious Links:- Most of the attacks are from phishing, be careful while opening any insecure links or trusting them.
Use Stronger Password:- Using weak passwords & sharing them with your friends might leak it or become easy to get it. Use tough passwords and enable two-factor authentication (if available), so you can reduce the risk.
Create stronger Email protection:- Spam emails and attachments are the hideouts for Cyberattacks, so be careful while providing your email during signup (provide if you trust). Filter unwanted attachments & mails (try to report them as spam).
Keep a backup of your data:- Backup might help you when some ransomware tries to destroy or cripple your whole data. It always comes in handy when you need it (offline backups)
Monitor for data breach:- Keep an eye out for any signature for a breach, so that you can uproot its spread to other systems without your consciousness.