- Cyberattacks have increased significantly in the recent past.
- There is a widening gap in the cybersecurity workforce.
- Individuals and organizations suffer high financial costs due to cybersecurity incidents.
As we embrace the digital revolution, we are continuously sharing our personal information on social media platforms, online stores, online banking apps, and other web-based applications. Regardless of how trustworthy a web platform is, there is always a chance that your data may fall into the wrong hands.
Cybercriminals exploit system vulnerabilities using various techniques to steal your personal data and then use it for malicious purposes like conducting various attacks, identity theft, unauthorized access, and financial fraud. In this article, we will discuss cybersecurity statistics, the prevalence of cyberattacks, common vulnerabilities and threats, and why you should protect your personal information.
Cybersecurity fast facts and statistics
- There’s a projected 32% growth of information security jobs between 2022 and 2032.
- In 2022, business emails alone accounted for $2.7 billion in losses.
- 94% of organizations reported incidents related to email security in 2023.
- 35% of malware was delivered via email in 2023, making it the most used delivery form.
- The average loss caused by a data breach is $4.5 million.
- There was a 72% increase in data breaches in 2023, the highest since 2021.
- There were 343,338,964 cyberattack victims in 2023, resulting from 2,365 attacks.
- In 2023, 17.5 million credit card records were sold on the black market.
- Approximately 98% of cyberattacks involve social engineering tactics.
- Over 1.51 billion Internet of Things data breaches were reported in the first half of 2022.
- E-commerce fraud accounted for $48 billion of losses globally in 2023.
- Between January and March 2023, ransomware attacks hit 56% of manufacturing companies.
- About 20% of consumers stop buying from companies that have been hacked.
- Over 700,000 cyber threats were detected in the education sector between April and June 2023.
- In the first quarter of 2023, 23.6% of cyberattacks in the finance sector came from phishing scams.
The globalization and interconnection of people through digital platforms are the main reasons for the increase in cybercrime, which hit an all-time high in 2023. Cyberattacks affected more than 343 million people in 2023, leading to a 72% rise in data breaches—a new record.
Cybercriminals used emails to deliver malware. Emails are a very effective malware delivery method because they are used daily for personal and professional communication.
The consequences of a cyberattack can be devastating. A single data breach can cost an average of $4.45 million.
The most common types of cyberattacks
Cyberattacks target individuals and organizations, including governments. The high demand for skilled cybersecurity professionals has led to the emergence of cybersecurity boot camps and certifications to provide aspiring professionals with in-demand skills. However, the cybersecurity industry still faces a huge skill gap.
Here are some of the most common kinds of cyberattacks.
Phishing
Phishing is a deceptive technique that uses emails, text messages, websites, and other communication channels to trick users into revealing sensitive information or downloading malware.
These are the four main types of phishing.
- Email phishing: Attackers send deceptive emails posing as legitimate individuals or organizations in an attempt to steal information. The attackers can target mass audiences.
- Vishing: This is a type of phishing in which attackers make phone calls or leave voice messages pretending to be a reliable source to steal personal information or money.
- Whaling: Attackers target high-profile individuals in the management of an organization and send them convincing messages trying to extract sensitive information about the organization.
- Spear phishing: It is the most common type of phishing, in which attackers send targets personalized messages via text messages or emails. The attacker first obtains some public information about the target from public databases, social media, or previous breaches.
Phishing contributes to about three-quarters of user account takeovers. So, you must be cautious and keenly examine the legitimacy of each message sent via email, text, or other channels. Some of the common red flags include spelling errors, suspicious attachments, suspicious hyperlinks, and unusual senders.
Here are some of the high-profile companies most often targeted by phishing:
- Microsoft (33%)
- Amazon (2%)
- Google (4%)
- Facebook (3%)
- Home Depot (3%)
- LinkedIn (3%)
- Wells Fargo (3%)
- DHL (2%)
- Netflix (2%)
Malware
Malware is a broad term that refers to any malicious software developed to steal data and destroy or damage a computer system. Examples of malware include viruses, Trojans, worms, ransomware, etc.
Here are some exciting statistics about malware attacks:
- Malware attacks increased by 71% between 2016 and 2021.
- 24% of malicious attacks are caused by ransomware.
- In 2023, 7% of ransomware attacks resulted in financial losses. The median ransom payment was $10,000.
- The average cost of a ransomware attack is $5.13 million.
- Approximately 4.1 million websites are infected with malware at any given time.
- The number of people attacked by ransomware increased by 128% between 2022 and 2023.
Distributed Denial of Service (DDoS)
This is a cyberattack in which the attackers flood the servers of the target system with internet traffic, creating a network traffic jam that renders the platform inaccessible to legitimate users.
- Amazon Web Service (AWS), GitHub, and Dyn are some of the prominent victims of DDoS attacks.
- 20% of DDoS-for-hire websites emerged in 2023 alone.
- Microsoft mitigates an average of 1,700 DDoS attacks daily.
The tools and techniques for conducting a DDoS attack are becoming more accessible each day. Similarly, the frequency and scale of DDoS attacks are increasing. Criminals are testing sophisticated methods daily. This is highlighted by the emergence of DDoS sites for hire.
Many organizations have recognized the threat of DDoS attacks and invested in DDoS mitigation systems to protect their networks.
Personal data breaches
- In 2023, data breaches affected about 353,027,892 people worldwide.
- In 2022, the Consumer Sentinel Network received over 5.4 million reports, including 2,563,959 fraud reports, 1,107,197 identity theft reports, and 1,761,231 uncategorized data breach reports.
Social media websites and other online platforms have become hackers’ playgrounds due to the vast amount of personal information shared there. Attackers use various techniques, such as phishing emails, to gain unauthorized access to sensitive data such as financial information, login credentials, social security numbers, etc.
One of the biggest data breaches in history occurred in 2013 when hackers compromised more than 3 billion Yahoo user accounts. Facebook was the next big casualty in 2021 in a massive data breach that leaked more than 533 million users’ personal information.
The table below shows the most common types of identity thefts and their prevalence.
Theft type | Number of reports in 2022 |
---|---|
Credit Card Fraud | 440,672 |
Other identity theft | 326,511 |
Bank Fraud | 156,143 |
Loan or Lease Fraud | 153,583 |
Employment or tax-related fraud | 103,420 |
Source: Forbes Advisor through Federal Trade Commission Consumer Sentinel Network
The most common cases of identity theft include credit card fraud, loan or lease fraud, bank fraud, and employment or tax-related fraud. It is important to note that identity thefts can take different forms, like mortgage fraud, shopping fraud, and many more, depending on the tactics of a cybercriminal.
According to the table above, credit card theft was the most prevalent form of identity theft in 2022, closely followed by another form categorized as ‘other.’ Bank fraud came third with more than 150,000 cases reported, followed by loan and lease fraud with an almost equal figure.
The fifth most prevalent form of identity theft in 2022 was employment and tax-related fraud, accounting for 103,420 reports.
Social Engineering
Social Engineering is an umbrella term for all the techniques used to manipulate people into performing contrary actions without their awareness or suspicion. It mostly involves human interaction, where malicious people deceive innocent victims into revealing confidential information, performing unsanctioned actions, or providing access to restricted areas.
Here are some key digital security statistics about social engineering:
- An average organization encounters over 700 social engineering attacks per year.
- A report released by Verizon in 2023 revealed that social engineering contributed to 10% of security incidents and 17% of data breaches.
- Approximately 98% of cyberattacks involve social engineering tactics.
- 75% of security professionals feel social engineering is the most dangerous threat.
Social engineering can target any individual or organization. One of the most high-profile social engineering attacks was when an attacker gained unauthorized access to Twilio’s internal systems and accessed the data of 125 customers.
IoT attacks
Here are some key facts about IoT and IoT attacks:
- According to Market Watch, the IoT security market will probably reach $13.36 billion by 2028.
- There was a 37% global increase in IoT malware attacks in 2023, with 77.9 million attacks in the first half alone.
- 127 new IoT devices are connected to the internet every second according to a survey by Tech Jury.
- Over 1.51 billion Internet of Things data breaches were reported in the first half of 2022.
The IoT industry is growing fast, with over 15 billion devices operational worldwide. This has led to the emergence of a new cyber threat targeting IoT devices. In the first half of 2022, the number of IoT breaches exceeded 1.51 billion.
Surprisingly, about 51% of IT teams did not know the types of devices connected to their networks. The cybersecurity workforce gap is also a major concern for most IoT companies.
Global cybercrime statistics
Cybercrime affects each country globally, but its prevalence differs from country to country. The National Cyber Security Index (NCSI) measures a country’s ability to manage cybercrime incidents and prevent cyber threats. According to NCSI’s report, here’s a list of the countries with the highest cybersecurity scores in 2023.
- Poland (90.83)
- Estonia (85.83)
- Ukraine (80.83)
- Latvia (79.17)
- United Kingdom (75.00)
The NCSI report also ranked various continents according to the cyberattacks reported by organizations in 2022, as shown below.
- Asia (26%)
- Europe (24%)
- North America (23%)
- Middle East and Africa (14%)
- South America (13%)
Here are some interesting facts about cybercrime globally.
- Cybercrime increased by 168% in the Asia-Pacific region between May 2020 and 2021.
- The number of accounts breached in Q3 2022 increased by 70% compared to Q2 of the same year.
- Sri Lanka (-99%), Myanmar (-82%), and Iraq (-78%) recorded the largest decrease in data breaches in 2022.
- China (4852%), Japan (1423%), and South Korea (1007%) suffered the largest increase in data breaches between Q2 and Q3 of 2022.
- E-commerce fraud accounted for $48 billion of losses globally in 2023.
- Online payment fraud will probably cause a $343 billion loss between 2023 and 2027.
The cost of cybercrime
- The cost of cybercrime is projected to hit $10.5 trillion by 2025.
- An average data breach causes $1.3 million in losses to an organization.
- An organization spends $1.58 million on average to detect and mitigate a data breach.
Some of the costs contributing to these enormous figures include reputation damage, operation disruption, intellectual property theft, regulatory fines, legal fees, and remediation efforts.
State | Number Of Victims | Victim Loss In Millions |
---|---|---|
California | 80,766 | $2,013 |
Florida | 42,792 | $845 |
New York | 25,112 | $777 |
Texas | 38,661 | $763 |
Georgia | 13,415 | $323 |
New Jersey | 11,793 | $285 |
Illinois | 14,786 | $267 |
Pennsylvania | 14,714 | $251 |
Alabama | 4,893 | $248 |
Arizona | 11,882 | $241 |
California, Florida, New York, Texas, and Georgia are the top five states affected by cybercrime in the US. The FBI published a report in 2022 that ranked California as the worst state in terms of victim losses. In that year alone, there were more than 80,000 victims, and victim losses amounted to $2 billion. The other four states accounted for over $1 billion in combined victim losses.
Which are the most targeted industries?
Cyberattacks are not limited to any single industry. However, the number and types of attacks vary across different industries. Here are some key cybersecurity statistics about the prevalence of cyberattacks in different industries.
Manufacturing
- 63% of respondents in a survey by Gartner reported that their organization experienced a supply chain attack in the past year.
- In 2023, 85% of manufacturing attacks were due to weaponized phishing.
- Between January and March 2023, ransomware attacks hit 56% of manufacturing companies.
The cyberattack surface for manufacturing organizations has increased due to adopting automation systems and robotics. Cyberattacks reported in the manufacturing sector started as phishing scams, while 25% of attacks targeted automated systems, IoTs, and robots.
Ransomware attacks also targeted manufacturing companies, with a third of the victims paying ransom to recover their data. Only one in four manufacturing companies could stop the ransomware attacks before they completed encryption.
Finance and Insurance
- In the first quarter of 2023, 23.6% of cyberattacks in the finance sector came from phishing scams.
- In 2023, cybercriminals registered over 42,000 imposter domains for conducting large-scale phishing scams.
- 17.5 million credit card records were sold on the black market in 2023.
- Organizations in the financial sector suffered an average loss of $5.9 million per attack.
- About 80% of financial organizations encountered at least one breach due to weak authentication.
- 71% of finance and insurance organizations were victims of payment fraud or attempts.
Cyberattacks in the financial and insurance sectors are highly rewarding and motivating to cybercriminals.
The losses resulting from cybercrime in the financial sector can be enormous. A good example is an incident where a hacker stole $29 million from Transit Finance.
Consumer Business
- About 20% of consumers stop buying from companies that have been hacked.
- 25% of retail cyberattack victims had their credentials harvested, while 50% were extorted.
- A single data breach on retail systems led to an average loss of $3.28 million.
Online retail business is booming, especially during and after the COVID-19 pandemic. Hackers are also finding new ways of compromising retail systems, resulting in devastating losses.
In 2022, 68% of retail companies encountered cyberattacks and lost data, with vulnerabilities in the customer-vendor relationship contributing to 63% of such data breaches. According to research by BDO, 34% of online retailers felt that cyber attacks and privacy breaches are the most dangerous threats.
Education
- Ransomware attacks increased by 44% in 2023, double that experienced in 2022.
- Over 700,000 cyber threats were detected in the education sector between April and June 2023.
- According to IBM, the average cost of data breaches in higher education institutions dropped from $3.9 million in 2022 to $3.7 million in 2023.
The education sector is also hit by cyberattacks. Attackers try to steal sensitive data like financial information, research data, student records, intellectual property, employee records, etc. In 2022, there was an average of 2,000 attacks per institution weekly. 29% of these attacks were attributed to exploited vulnerabilities, while 36% were attributed to compromised credentials.
Healthcare
- 707 ransomware attacks hit healthcare organizations in 2023.
- Phishing attacks accounted for 45% of all healthcare data breaches in 2023.
- The US Government’s OCR shows 145 data breaches were reported by healthcare firms in Q1 2023.
Cybercriminals may target healthcare organizations for various reasons like financial gain, identity theft, extortion, medical research intellectual property theft, etc. This is why the number of people affected by cybercrime in the sector increased from 31 million in the second half of 2022 to a new record 40 million in 2023.
In September 2022, the New York-Presbyterian (NYP) hospital was hit by a data breach that affected more than 12,000 people. Another healthcare organization, Aveanna Healthcare, suffered multiple phishing-related data breaches for which they paid victims $425,000 in settlements.
Cybersecurity jobs and career outlook
- The most lucrative cybersecurity jobs as of January 2024 are:
  - Chief Information Security Officer: $192,085 – $304,391
  - Director of Information Security: $154,082 – $229,357
  - Cybersecurity Architect: $94,555 – $230,982
  - Cybersecurity Engineer: $122,000 – $188,000
  - Application Security Engineer: $92,456 – $206,498
- The most popular cybersecurity certifications as of January 2024:
  - Certified Information System Security Professional
  - Certified Information System Auditor
  - Certified Information System Manager
  - CompTIA Security
  - Certified Ethical Hacker (CEH)
- The number of cybersecurity professionals employed in the US between September 2022 and August 2023 was approximately 1.18 million, a 59% increase from 2010.
- The median salary of information security analysts was $53.85/hour or $112,200 per year in 2022.
- There was a cybersecurity workforce gap of 4 million in 2023.
The recent cyberattack increase has led to a high demand for cybersecurity professionals. The cybersecurity workforce gap reached 4 million in 2023 and continues to grow. For instance, the cybersecurity sector had 527,000 job openings between September 2022 and August 2023.
The high demand for cybersecurity professionals has also triggered a high demand for cybersecurity certifications. The most popular certifications include Global Information Assurance Certification, Certified Information Systems Security Professionals, CompTIA Security+, and some entry-level certifications.
How to protect yourself from cyber-attacks?
There’s no single foolproof method of protecting yourself against cyberattacks. However, you can combine various security tools and configurations with proper online practices to stay safe. You should also take time and update yourself with the latest security threats, how criminals execute them and how to mitigate them. Here are some practical tips to protect your devices and personal data from cyberattacks.
- Update your operating system and applications to the latest version. Updating software fixes vulnerabilities in the old versions and installs security patches to keep up with emerging threats.
- Install a quality antivirus and a VPN. A quality security utility detects threats in the system and removes or quarantines them. In addition, a quality VPN encrypts your sensitive data and protects you while using the internet.
- Use strong passwords that combine numbers, letters, and characters. The password should not be easy to guess, so avoid common passwords. You may also use a password manager to generate a strong password.
- Avoid opening attachments from unknown sources or spam emails. Some attachments may contain malware that triggers when they open.
- Do not open links from unknown sources or spam emails. Some links are phishing scams that may redirect you to suspicious websites or launch an attack on your system.
- Avoid oversharing personal information. Oversharing personal information compromises your privacy and may make you a target for identity theft and data breaches.
- Confirm the URLs of the websites you visit. Some attackers clone popular websites in an attempt to steal your credentials. Do not continue if the web URL spelling looks suspicious.
- Check your financial statements regularly. Report any unfamiliar transactions to your bank and change your login credentials on all your online banking platforms.
FAQs
Cybercrime continues rising and getting more sophisticated, which creates a demand for cybersecurity professionals. There was a cybersecurity workforce gap of 4 million in 2023. The average salary of cybersecurity professionals ranges between $118,000 and $150,000. So yes, a cybersecurity career is quite lucrative but also demanding.
It is estimated that 2328 cyber attacks occur every day. The cyberattacks affected more than 6.5 million victims between 2000 and 2021, leading to losses of nearly $26 billion.
Russia is the leading country in cybercrime, with over 3.5 million breached users. The US closely follows it with 2.5 million breached users.
Cybercrime is estimated to affect 97 victims per hour, which translates to one victim every 37 seconds. Additionally, two internet users’ data was leaked every second in 2022.
The global cost of cybercrime was estimated to be $787,671 per hour in 2021, totaling $6.8 billion annually.