Info@NationalCyberSecurity
Info@NationalCyberSecurity

Cyber Stats

90+ Cyber Crime Statistics 2024: Cost, Industries & Trends

 

By Nivedita James Palatty

Cybercrime statistics show that a minimum of 422 million individuals were impacted, according to the FBI’s internet crime records with 800,944 complaints registered in 2022. Nearly 33 billion accounts will be breached in 2023 with the cost of these breaches predicted at $ 8 trillion.

This Blog Includes show

The cost of cybercrimes is projected to reach $10.5 trillion by 2025. It is said that 80% of reported cyber crimes are generally attributed to phishing attacks. At 16% phishing was the 2nd common reason for data breaches and the costliest averaging $ 4.91 million in breach costs.

How often does cybercrime happen?

33 billion accounts will be breached in 2023 which converts to 2328 per day, 97 cybercrime victims per hour. Cyber attacks of 8,00,000 have been recorded in total, and on average, there is a hacker attack every 39 seconds.

Over the last 21 years from 2001 to 2021, cyber crime has claimed at least 6.5 million victims with an estimated loss of nearly $26 billion over the same period.

Top Cyber Crime Statistics 2024

Cybercrime Statistics 2024 infographic
  1. The next five years will see a 15% increase in cybercrime costs reaching 10.5 trillion by 2025. – Cybercrime Magazine
  2. The global annual cost of cybercrime will reach $8 trillion annually in 2023.
  3. Cybersecurity Ventures predicts crypto crime will cost the world $30 billion annually by 2025.
  4. Ransomware will cost its victims around $265 billion (USD) annually by 2031. – Cybersecurity Ventures
  5. 80% of reported cyber crimes are generally attributed to phishing attacks in the technology sector.

Cyber Crime Statistics Worldwide 2024

This section will list some of the major cybercrime statistics from the 2018-2024 period. This is relevant as there has been a steady increase in cyber attacks during this period which is contributing to the increase in cyber insurance claims.

1. General Cyber Crime Statistics

Cybercrime count projection

Key Takeaways

  1. The highest cost of a data breach was $5.09 million in the U.S.A. in 2023.
  2. Phishing attacks were the most common cause of data security incidents in 2023 at 41%.
  3. Spear-phishing is used by 96% of threat actors to gather intelligence.

57% of breached organizations are likely to pass cybersecurity incident costs to customers.

IBM’s 2023 report shows that 95% of organizations have faced at least one cybersecurity-related incident. Out of which only 51% are likely to increase security investments. 57% of organizations preferred to pass the incident costs to consumers.

Data breach lifecycle 108 days shorter with extensive use of AI and automated security. 

AI and automation in cybersecurity had a major impact on the speed of identification and containment of vulnerabilities. The data breach lifecycle was 214 days for companies that deployed AI measures versus 322 days for companies that didn’t, a reduction of 108 days.

Ransomware victims that involved law enforcement saved $470,000 (IBM 2023 Report)

Ransomware victims that involved law enforcement saved $4.7 million in average costs of a data breach. Despite the large savings, only 37% of organizations choose to involve law enforcement after a ransomware attack.

Only 1/3rd of data breaches were detected internally by company security. 

One-third of data breaches were detected by the studied companies’ internal teams. While a staggering 27% was disclosed by the attacker itself. These attacks cost nearly 1 million dollars when compared to companies that self-identified breaches (IBM 2023 Report).

Organizations that deploy AI and automation in security had lower data breach costs at $1.8 million. 

Organizations that use AI and automation in their organization’s security measures experienced lower data breach costs, saving $1.8 million as opposed to companies that didn’t deploy these measures. This was the biggest cost saver according to IBM’s 2023 Report.

Cybersecurity Ventures predict 3.4 million unfilled jobs in cybersecurity jobs in 2024

Unfilled jobs in cybersecurity are predicted to reach 3.4 million in 2024 according to Cybersecurity Ventures. This is a stark increase from Cisco’s previous 2014 estimate of 1 million job openings in cybersecurity.

Q2 2023 saw an average wire transfer amount of $293,359 in BEC attacks

First quarter of 2023 the average wire transfer amount requested in BEC attacks was $187,053. This saw a drastic 57% increase in the second quarter of 2023 where the average was $293,359.

APWG observed 1,286,208 phishing attacks in the second quarter of 2023

The second quarter of 2023 saw 1,286,208 phishing attacks. This was the third-highest quarterly total. However, phishing is seen to be on a downward trend. The first quarter of 2023 on the other hand only saw 1,624,144 phishing attacks.

2023 saw an 8% increase in weekly cyberattacks globally. 

With the 8% increase in weekly cyberattacks, phishing attacks stood out at 41% as the most common cause of infections.  Extortion was noted to be the main aim of 27% of cyberattacks and data theft factored into 19% of all cybersecurity incidents.

Cybercrime is a trillion-dollar industry for criminals with 43% of attacks targeting SMBs

The highest cost of a data breach was $5.09 million in the U.S.A in 2023. Cybercrime earns cybercriminals $1.5 trillion every year. Small businesses account for 43% of cyber attacks annually. According to IBM, phishing was one of the top attack vectors in cybercrime at 16%.

Cyber Claims increased from 69% to 83% for SMEs

Criminal activities that increased cyber claims increased from 69% in 2018 to 83% in 2020 for SMEs. A Cyber claims Study by NetDiligence evaluated 5,797 claims data from 2016 to 2020 and found 32% for ransomware affecting SMEs, 10% hacking, and another 9% for business email compromise to be the root cause of losses sustained.

6.7 hours – Average time spent resolving a cybercrime

Globally, those who experienced cybercrime in the past year spent an average of 6.7 hours resolving it for an estimated 2.7 billion hours lost in total.

62% of cyber attacks are carried out through data gathered by spear-phishing

Intelligence is gathered using spear-phishing by 96% of threat actors. 62% of attacks that did not stem from a cybersecurity error or misuse usually were carried out through the usage of stolen personal information obtained through phishing and or brute-force attacks.

Top choice for phishing website domains and email attachments

According to PurpleSec half the phishing e-mail attachments that are received are in the form of Microsoft documents like Word (39.3%), Executable (19.5%), Rich Text (14%), and Excel (8.7%).

Phishing websites were generally hosted on .com domains (40%), but threat actors also used other reputable domains like .org (1.8%) and .net (3%). Nearly 32 percent of phishing websites made use of HTTPS in 2020 to portray an image of assured security.

2. Cyber Crime Statistics By Year (Updated January 2024)

Cyberscrime stats - 8 trillion by 2023

Key Takeaways

  1. 72.7% of organizations fell victim to ransomware attacks in 2023.
  2. Healthcare industry was affected by data breaches more than any other industry for 13 consecutive years. 
  3. Cybercrime victim count increased drastically by 69% in 2020 during the COVID-19 pandemic

The average cost of healthcare data breaches was up to $11 million in early 2023.

This statistic showed an 8% leap from 2022. IBM’s annual security report shows that the healthcare industry has surpassed all other industries for the 13th consecutive year. The healthcare industry was followed by finance at an average cost of $5.9 million and the third by the pharmaceutical industry at $4.8 million.

2023 saw almost 72.7% of companies globally falling prey to ransomware attacks.

 72.7% of organizations fell prey to ransomware attacks in 2023. Ransomware is predicted to cost victims $265 billion annually by 2031, a stark increase from 2021’s 20 billion. However, in 2023 ransomware only constituted 17% of security incidents, a decrease from 21% in 2021 (IBM).

93% of breaches in 2021 involved phishing attacks and 65% were through spear-phishing

Cofense’s Q3 2021 phishing review shows that nearly 93% of modern breaches involve phishing attacks. Symantec’s 2019 Threat Report shows that 65% of cyber-attacks are perpetrated through spear phishing.

Cybercrime damages and losses between 2020 and 2021

By 2021, global cybercrime rates involving damages amounted to $6 trillion per year, $500 billion per month, $115.4 billion per week, $16.4 billion per day, $684.9 million per hour, $11.4 million per minute, and $190,000 per second.

2021 was one of the costliest years in terms of data breaches through phishing attacks in the last 17 years. In 2020, internet crime victims over the age of 60 experienced $966 million in losses, while victims under 20 experienced almost $71 million in losses.

Leading causes of Cyber Attacks in 2020 & 2021 – Ransomware, BEC, Phishing

Ransomware and business email compromise (BEC) attacks were the leading cause of losses from the five years of 2017-2021 at 44% and 50% between the periods of 2020 and 2021 alone.

IBM’s Cost of Data Breach Report for 2021 found that phishing attacks were the second most expensive type of attack costing around $4.6 million.

Cybercrime victim counts increased during COVID-19  from 2019 to 2020. 

The cybercrime victim count increased drastically by 69% in 2020 during the COVID-19 pandemic when compared to 2019 from nearly 467k victims a year to 792k.

The number of people under 20 falling victim to cybercrimes increased by 100% during the pandemic due to online studying from an average of 10,000 per year in 2019.

3. Cyber Crime Statistics in the United States & United Kingdom 2024

Key Takeaways

  1. The average cost of cybercrime in the U.S. is $27.37 million.
  2. Shields healthcare data breach is the largest data breach reported in 2022 having affected over 2 million individuals.
  3. FBI from 2020 to 2021, UK’s cybercrime density increased by over 40% when compared to 2020.

USA had the highest rate of costly data breaches in 2021 at $9.05 million according to IBM. Around 817 data breaches have been reported in the U.S. since H1 2022. The average cost of cybercrime in the U.S. is 27.37 million US dollars.

Ransomware complaints and phishing-related data breaches are prevalent cybercrimes

Ransomware complaints in the US increased by 82%, with a 449% rise in ransom payments between 2019 to 2021. Nearly 22 percent of all data breaches are accounted for by phishing thus securing it a position as one of the most prevalent cybercrimes in the FBI’s 2021 IC3 Report.

Cost of data breaches and phishing attacks in major companies like Facebook, Google, Shields Healthcare.

Data breaches in the U.S. cost up to 9.44 USD on average. The cost of phishing attacks on companies has significantly risen through the years, with the $100 million loss faced by Facebook and Google in 2017 perhaps being one of the most infamous examples. The Shields healthcare data breach is the largest data breach reported in 2022. The data breach affected over 2 million individuals.

UK reported 654 ransomware attacks in 2021 double the number from 2020.

There were 654 reported ransomware attacks in the UK in 2021, double the 326 that were reported in 2020. According to crimes reported to the FBI from 2020 to 2021, UK’s cybercrime density increased by over 40% when compared to 2020.

5. Cybercrime Cost Statistics

Cybercrime stats - Ransomware cost 2023

Key Takeaways

  1. Globally cybercrime damage costs $190,000 per second.
  2. Tech support frauds cost $146 million, a 171% increase in losses from 2019.
  3. The difference in cost between compliant and non-compliant companies is around $2.3 million.

Cybercrime cost, loss to victims, and the average cost of ransomware attacks

$6 trillion was the cost of cybercrime in 2021. There was a $4.2 billion loss for victims in 2020 due to internet crimes. $1.85 million was the average cost of a ransomware attack. $13 million is the average cost of cybercrime for organizations (IT Governance USA).

Cybercrime damages per second are around $190,000, and 47% of victims lose money. 

According to Cybersecurity Ventures, global cybercrime damages per second cost around $190,000. 47% of cybercrime victims lose money as a result of the cyber crimes committed.

Tech support fraud cost $146 million, compromised email accounts cost $1.86 billion – Federal Bureau of Investigation

Tech support frauds amounted to over $146 million, a 171% increase in losses from 2019. Victims of compromised personal and business email accounts experienced a loss of $1.86 billion in 2021. – Federal Bureau of Investigation.

Mid-size organization avg. ransom pay is $170,404. An average of $25,000 is lost by SMEs.

The average ransom paid by mid-sized organizations is $170,404. The difference in cost between largely compliant companies and those that are non-compliant is around $2.3 million. An average of $25,000 is lost by SMEs.

The pandemic and remote work breach cost $5.01 million. 

The average data breach cost during remote working was $1 million higher than the pre-pandemic scenario. Organizations that did not evolve their IT to cope with the pandemic faced a breach that cost an average of $5.01 million.

Cyber Crimes Statistics Worldwide 2022 -2023 With Details

Here are some of the serious cyber crimes that happened in 2022-2023 with specific details.

HCA Healthcare

HCA Healthcare disclosed a data breach that affected 11 million patients between February 26th to March 7th, 2023. The company stated that an unauthorized party released patient information to an online platform.

The information included patient names, addresses, dates of birth, and other details. The breach, however, did not include sensitive social security numbers, diagnoses, or payment information.

Marriot Hotel

In 2022, June the hotel chain Marriot was hacked by a hacker stealing 20 GB worth of guest information. The hotel chain Marriot was hacked in 2020 resulting in the leak of over 5.2 million guests’ personal information.

War In Ukraine

The war in Ukraine has been a major scope for scammers and other malicious attackers to take advantage of through donation and fundraising scams. Subject lines such as “ Help save children from Ukraine” are used to target victims via emails. Ukraine war-related cyber crime statistics:

Phishing emails in the Slavic language have seen a 7-fold increase since the onset of the war.

The malware was placed on Ukrainian systems under the offer of free data decryption but was to wipe out the systems.

Shields Health Care Group

The Shields healthcare data breach is the largest data breach reported in 2022. Shield Health Care Group, a Massachusetts-based company detected suspicious network activity on March 28th of 2022.

Further inquiry revealed that a malicious actor gained access to certain Shields systems. It affected major partners like Tufts Medical Center and UMass Memorial MRI.

The data breach affected over 2 million individuals revealing their social security numbers, diagnoses, billing information, medical records, and PII like addresses, dates of birth, patient IDs, and more.

Broward Health

Broward Health based in Florida reported a data breach affecting 1.35 million people on January 2nd 2022.

It was reported that the breach occurred through gaining access from a third-party medical provider.

The health system said the intruders accessed private data including patient names, dates of birth, and Social Security numbers.

Novant Health

Novant Health reported that a misconfiguration in Meta pixel code potentially led to the unauthorized disclosure of protected health information (PHI) of 1,362,296 individuals.

Meta, Facebook’s parent company faces two lawsuits in lieu of this since the evidence was found that improper configuration of Meta Pixel has led to the disclosure of sensitive information to Meta.

Novant Health notified its patients and physicians and facilities regarding the possibility of information disclosure. However, there was no reported usage of the disclosed information by Meta or any third party.

Emerging Cyber Crime Statistics and Trends

This section will analyze the most popular trends in cybercrime and the statistics related to them.

Phishing Scams

Cyberscrime stats - Phishing

Key Takeaways

  1. Phishing is the second most common reason for data breaches at 16%.
  2. Phishing and other types of cybercrimes have seen a 75% increase since 2021.
  3. 30% of all phishing emails are opened, out of which 88% are opened by healthcare workers. 

Phishing scams are a form of social engineering designed to retrieve data from unsuspecting users through the impersonation of reputable websites and authorities to whom victims might reveal information.

Phishing continues to be common cybercrime for three years in a row. 2021 saw a total of 323,972 phishing victims. The most common reasons mentioned as motivations for phishing are 10% for disruption of site services and 6% for financial gains.

On average phishing, victims lost the least amount of money at $136 per victim when compared to other types of attacks like investment fraud (AAG IT Services). Phishing and other forms of cyber attacks have seen a 75% increase in 2021.

Nearly thirty percent of phishing emails are opened increasing the chances of opening or downloading from malicious links that contain ransomware or malware. 88% of healthcare workers opened phishing emails. Most used words for phishing e-mails are important (5.4%), attention (2.3%), urgent (8%), and important updates (8%).

The HIMSS survey revealed 36% of non-acute care organization representatives claimed their organization didn’t conduct phishing tests. A report analyzed by Health IT revealed that nearly 24% of health employees in the U.S. hadn’t received cybersecurity awareness training to help identify phishing scams.

BEC Attacks

Key Takeaways

  1. Nearly 1.2% of emails sent are malicious, translating to almost 3.4 billion phishing emails a day.
  2. 60% of healthcare professionals said emails were the most common cause of data compromise.
  3. 24% of BEC scams in 2021 aimed to divert payroll deposits of employees.

Business email compromise attacks are email blasts that mimic authenticated websites and services but are phishing mail targeted to make individuals reveal personal information.

1,153 cyber insurance claims in 2022 were due to BEC scams. 57% of these BEC attacks occurred in 2020 and 2021. Business email compromise showed about 10% of the total incident cost in case of cyber insurance claims in 2022.

It was seen that nearly 24% of BEC scams in 2021 aimed to divert employee payroll deposits. The average BEC attacks requesting wire transfers increased from $71,000 to $106,000 from 2020 to 2021.

It is suggested that nearly 1.2% of all emails sent are malicious, which in numbers translates to 3.4 billion phishing emails a day. One of the most expensive phishing attacks was through compromised emails with around 19,369 complaints having a loss of $ 1.8 billion (FBI).

Healthcare email frauds have seen exponential growth at 473%. A 2019 survey by HIMSS Cybersecurity revealed that nearly 60% of hospital representatives and healthcare IT professionals said that emails were the most common cause of data compromise.

Healthcare organizations were targeted at an average of 96 email frauds every quarter. 70% of the fraud emails to healthcare institutions were sent during office timings between 7 A.M. and 1 P.M (HIPAA Journal).

Social Media Scams – LinkedIn, Facebook

Key Takeaways

  1. 8% of social media cyberattacks happen through phishing.
  2. 47% of all social media phishing attempts are accounted for by LinkedIn phishing messages.

According to FTC, social media is a golden goose for scammers. 1 in 4 individuals report that they started losing money to fraud through social media.

Social media platforms such as Instagram, LinkedIn, and Facebook are prime targets for malicious attackers who take over accounts and leave phishing scams on strangers’ messages.

Nearly 8% of social media cyberattacks are through phishing. LinkedIn phishing messages account for 47% of all social media phishing attempts. In 2019, Facebook breaches were a major cause of data leakages.

50,000 and more Zoom account details were sold on the dark web for as little as $0.0020 per account. A large percentage of online fraud (70%) is now accomplished through mobile applications.

DDoS Attacks 

Key Takeaways

  1. DDoS attacks are the fifth leading cause of cyber attacks.
  2. 73% of DDoS attacks targeted education, finance, government and healthcare.

DDoS attacks can take down even the largest websites by overloading a server with a maximum number of junk requests. Here are some relevant DDoS statistics.

DDoS attacks are the fifth leading cause of cyber threats at 3.63/5. 2021 saw upwards of 9.84 million DDoS attacks, with 73% targeting education, finance, government, and healthcare. DDoS attacks breached the 10 million mark for annual attacks in 2020.

In a week, Friday is the busiest day of attacks with 15.36% while the percentage of DDoS attacks was lowest (12.99%) on Thursday. Kaspersky states that 43.25% of the world’s DDoS attacks in the 2nd quarter of 2022 were directed at the US.

During the COVID-19 period, the month of May saw the most DDoS attacks with 929,000 recorded. Bitcoin was threatened by a DDoS attack unless a ransom of 5-10 Bitcoins was paid in 2020.

Ransomware Attacks

Annual ransomware cost statistics.

Key Takeaways

  1. 74% of ransomware attacks were aimed at hospitals.
  2. 560 healthcare facilities fell prey to ransomware attacks during the global pandemic.
  3. Ransomware is estimated to cost victims $265 billion annually by 2031.

Ransomware is malicious malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware is spread mainly through phishing emails.

In 2018 it was estimated that by 2022 a ransomware or phishing attack will occur every 11 seconds. It was estimated that ransomware attacks would quadruple from 2017 to 2020 and grow 5x by 2021.

Ransomware was the top cause of loss in SMEs at 51% of total incident cost followed by hacking at 18%. Malware and ransomware are increasingly targeting businesses having claimed over 4.5k victims in 2021.

2,123 claims in 2022 were due to ransomware, 45% of which occurred in 2020 and 2021. 55% of 1500 claims from 2019 to 2021 occurred due to ransomware.

74% of ransomware attacks were aimed at hospitals, and 26% at secondary institutions like dental services and nursing homes. 2020 saw nearly 560 healthcare facilities fall victim to ransomware attacks.

Conclusion

These cybercrime statistics for 2024 clearly show the current trend and cases of cyber crimes. Healthcare institutes face an increasing amount of attacks in terms of ransomware, phishing, & BEC.  Ransomware cybercrime costs to victims are predicted to increase to $265 billion by 2031.

It is high time to ensure that your organization, whether you’re in healthcare, finance, technology, or education, is kept safe. Conduct employee awareness classes and deploy cybersecurity testing tools like Astra Security to assess your security posture. Keep a lookout and stay constantly updated on cybersecurity so your organization doesn’t end up as a statistic.

cyber security statistics
cybercrime statistics
data breach statistics
healthcare data breaches statistics
phishing statistics
ransomware attack statistics
Small business cyber security statistics
3rd party data breaches
cyber insurance claims statistics

FAQs

Why is cybercrime increasing and how much has cybercrime increased?

Cybercrime is increasing continuously since cybercriminals are difficult to catch and since the COVID pandemic, the opportunities for cybercrime have increased to an all-time high, by 69% in 2020.

How many cyber crimes are committed each year?

With over 2328 attacks per day, an average of 8,00,000 occur in a year and on average, there is a hacker attack every 39 seconds. It is estimated that 2023 will face around 33 billion account breaches.

Who does cybercrime happen to?

Cybercrime can be targeted at any individual or organization of any size that has assets in cyberspace. It is perpetuated by cybercriminals for monetary gain or other malicious intent.

National Cyber Security

FREE
VIEW