55 Cybersecurity Statistics to Know in 2024

Andrew Lawson  - Streaming Expert
Last updated: June 20, 2024
Read time: 15 minutes Human Written
Share

Explore the alarming cybersecurity statistics, highlighting the need to employ sufficient measures to combat digital threats and protect sensitive data. Read these stats to learn what happened in the world and where it is projected.

Radar Rundown
  • Cyberattacks have increased significantly in the recent past.

  • There is a widening gap in the cybersecurity workforce.

  • Individuals and organizations suffer high financial costs due to cybersecurity incidents.

As we embrace the digital revolution, we are continuously sharing our personal information on social media platforms, online stores, online banking apps, and other web-based applications. Regardless of how trustworthy a web platform is, there is always a chance that your data may fall into the wrong hands.

Cybersecurity-Icon-1

Cybercriminals exploit system vulnerabilities using various techniques to steal your personal data and then use it for malicious purposes like conducting various attacks, identity theft, unauthorized access, and financial fraud. In this article, we will discuss cybersecurity statistics, the prevalence of cyberattacks, common vulnerabilities and threats, and why you should protect your personal information.

Cybersecurity fast facts and statistics

Cybersecurity fast facts and stats
  • There’s a projected 32% growth of information security jobs between 2022 and 2032.
  • In 2022, business emails alone accounted for $2.7 billion in losses.
  • 94% of organizations reported incidents related to email security in 2023.
  • 35% of malware was delivered via email in 2023, making it the most used delivery form.
  • The average loss caused by a data breach is $4.5 million.
  • There was a 72% increase in data breaches in 2023. The highest since 2021.
  • There were 343,338,964 cyberattack victims in 2023, resulting from 2,365 attacks.
  • In 2023, 17.5 million credit card information was sold in the black market.
  • Approximately 98% of cyberattacks involve social engineering tactics.
  • Over 1.51 billion Internet of Things data breaches were reported in the first half of 2022.
  • E-commerce fraud accounted for $48 billion of losses globally in 2023.
  • Between January and March 2023, ransomware attacks hit 56% of manufacturing companies.
  • About 20% of consumers stop buying from companies that have been hacked.
  • Over 700,000 cyber threats were detected in the education sector between April and June 2023.
  • In the first quarter of 2023, 23.6% of cyberattacks in the finance sector came from phishing scams.

The globalization and interconnection of people through digital platforms are the main reasons for the increase in cybercrime, which hit an all-time high in 2023. Cyberattacks affected more than 343 million people in 2023, leading to a 72% rise in data breaches—a new record.

Cybercriminals used emails to deliver malware. Emails are a very effective malware delivery method because they are used daily for personal and professional communication.

The consequences of a cyberattack can be devastating. A single data breach can cost an average of $4.45 million.

The most common types of cyberattacks

The most common types of cyberattacks

Cyberattacks target individuals and organizations, including governments. The high demand for skilled cybersecurity professionals has led to the emergence of cybersecurity boot camps and certifications to provide aspiring professionals with in-demand skills. However, the cybersecurity industry still faces a huge skill gap.

Here are some of the most common kinds of cyberattacks.

Phishing

Phishing is a deceptive technique that uses emails, text messages, websites, and other communication channels to trick users into revealing sensitive information or downloading malware.

These are the four main types of phishing.

  • Email phishing: Attackers send deceptive emails posing as legitimate individuals or organizations in an attempt to steal information. The attackers can target mass audiences.
  • Vishing: This is a type of phishing in which attackers make phone calls or leave voice messages pretending to be a reliable source to steal personal information or money.
  • Whaling: Attackers target high-profile individuals in the management of an organization and send them convincing messages trying to extract sensitive information about the organization.
  • Spear phishing: It is the most common type of phishing, in which attackers send targets personalized messages via text messages or emails. The attacker first obtains some public information about the target from public databases, social media, or previous breaches.

Phishing contributes to about three-quarters of user account takeovers. So, you must be cautious and keenly examine the legitimacy of each message sent via email, text, or other channels. Some of the common red flags include spelling errors, suspicious attachments, suspicious hyperlinks, and unusual senders.

Here are some of the high-profile companies mostly targeted by phishing.

  • Microsoft (33%)
  • Amazon (2%)
  • Google (4%)
  • Facebook (3%)
  • Home Depot (3%)
  • LinkedIn (3%)
  • Wells Fargo (3%)
  • DHL (2%)
  • Netflix (2%)

Malware

Malware is a broad term that refers to any malicious software developed to steal data and destroy or damage a computer system. Examples of malware include viruses, Trojans, worms, ransomware, etc.

Here are some exciting statistics about malware attacks


Distributed Denial of Service (DDoS)

This is a cyberattack in which the attackers flood the servers of the target system with internet traffic creating a network traffic jam that renders the platform inaccessible to legitimate users.

The tools and techniques for conducting a DDoS are becoming more accessible each day. Similarly, the frequency and scale of DDoS attacks are increasing. Criminals are testing sophisticated methods being tested daily. This is highlighted by the emergence of DDoS sites for hire.

Many organizations have recognized DDoS attacks’ threat and invested in DDoS mitigation systems to protect their networks.


Personal data breaches

  • In 2023, data breaches affected about 353,027,892 people worldwide.
  • In 2022, the consumer Sentinel Network received over 5.4 million reports, including 2,563,959 fraud reports, 1,107,197 identity theft reports, and 1,761,231 uncategorized data breach reports.

Social media websites and other online platforms have become hackers’ playgrounds due to the vast amount of personal information shared there. Attackers use various techniques, such as phishing emails, to gain unauthorized access to sensitive data such as financial information, login credentials, social security numbers, etc.

One of the biggest data breaches in history occurred in 2013 when hackers compromised more than 3 billion Yahoo user accounts. Facebook was the next big casualty in 2021 in a massive data breach that leaked more than 533 million users’ personal information.

The table below shows the most common types of identity thefts and their prevalence.

Theft typeNumber of reports in 2022
Credit Card Fraud440,672
Other identity theft326,511
Bank Fraud156,143
Loan or Lease Fraud153,583
Employment or tax-related fraud103,420

Source: Forbes Advisor through Federal Trade Commission Consumer Sentinel Network

The most common cases of identity theft include credit card fraud, loan or lease fraud, bank fraud, and employment or tax-related fraud. It is important to note that identity thefts can take different forms, like mortgage fraud, shopping fraud, and many more, depending on the tactics of a cybercriminal.

According to the table above, credit card theft was the most prevalent form of identity theft in 2022, closely followed by another form categorized as ‘other.’ Bank fraud came third with more than 150,00 cases reported, followed by loan and lease fraud with an almost equal figure.

The fifth most prevalent form of identity theft in 2022 was employment and tax-related fraud, accounting for 103,420 reports.


Social Engineering

Social Engineering is an umbrella term for all the techniques used to manipulate people into performing contrary actions without their awareness or suspicion. It mostly involves human interaction, where malicious people deceive innocent victims into revealing confidential information, performing unsanctioned actions, or providing access to restricted areas.

Here are some key digital security statistics about social engineering: 

Social engineering can target any individual or organization. One of the most high-profile social engineering attacks was when an attacker gained unauthorized access to Twilo’s internal systems and accessed the data of 125 customers.


IoT attacks

Here are some key facts about IoT and IoT attacks;

The IoT industry is growing fast, with over 15 billion devices operational worldwide. This has led to the emergence of a new cyber threat targeting IoT devices. In the first half of 2022, the number of IoT breaches exceeded 1.51 billion.

Surprisingly, about 51% of  IT teams did not know the types of devices connected to their networks. The cybersecurity workforce gap is also a major concern for most IoT companies.


Global cybercrime statistics

Global cybercrime statistics

Cybercrime affects each country globally, but its prevalence differs from country to country. The National Cyber Security Index (NCSI) measures a country’s ability to manage cybercrime incidents and prevent cyber threats. According to NCSI’s report, here’s a list of the countries with the highest cybersecurity scores in 2023.

  • Poland (90.83)
  • Estonia (85.83)
  • Ukraine (80.83)
  • Latvia (79.17)
  • United Kingdom (75.00)

The NCSI report also ranked various continents according to the cyberattacks reported by organizations in 2022, as shown below.

  • Asia (26%)
  • Europe (24%)
  • North America (23%)
  • Middle East and Africa (14%)
  • South America (13%)

Here are some interesting facts about cybercrime globally.

The cost of cybercrime

The cost of cybercrime

Some of the costs contributing to these enormous figures include reputation damage, operation disruption, intellectual property theft, regulatory fines, legal fees, and remediation efforts.

StateNumber Of VictimsVictim Loss In Millions
California80,766$2,013
Florida42,792$845
New York25,112$777
Texas38,661$763
Georgia13,415$323
New Jersey11,793$285
Illinois14,786$267
Pennsylvania14,714$251
Alabama4,893$248
Arizona11,882$241

California, Florida, New York, Texas, and Georgia are the top five states affected by cybercrime in the US. The FBI published a report in 2022 that ranked California as the worst state in terms of victim losses. In that year alone, there were more than 80,000 victims, and victim losses amounted to $2 billion. The other four states accounted for over $1 billion in combined victim losses.

Which are the most targeted industries?

Most targeted industries by online crimes

Cyberattacks are not limited to any single industry. However, the number and types of attacks vary across different industries. Here are some key cybersecurity statistics about the prevalence of cyberattacks in different industries.

Manufacturing

The cyberattack surface for manufacturing organizations has increased due to adopting automation systems and robotics. Cyberattacks reported in the manufacturing sector started as phishing scams, while 25% of attacks targeted automated systems, IoTs, and robots

Ransomware attacks also targeted manufacturing companies, with a third of the victims paying ransom to recover their data. Only one in four manufacturing companies could stop the ransomware attacks before they completed encryption.


Finance and Insurance

Cyberattacks in the financial and insurance sectors are highly rewarding and motivating to cybercriminals.

The losses resulting from cybercrime in the financial sector can be enormous. A good example is an incident where a hacker stole $29 million from Transit Finance


Consumer Business

Online retail business is booming, especially during and after the COVID-19 pandemic. Hackers are also finding new ways of compromising retail systems, resulting in devastating losses.

In 2022, 68% of retail companies encountered cyberattacks and lost data, with vulnerabilities in the customer-vendor relationship contributing to 63% of such data breaches. According to research by BDO, 34% of online retailers felt that cyber attacks and privacy breaches are the most dangerous threats.


Education

The education sector is also hit from cyberattacks.  Attackers try to steal sensitive data like financial information, research data, student records, intellectual property, employee records, etc. In 2022, there were an average of 2,000 attacks per institution weekly. 29% of these attacks attributed to exploited vulnerabilities, while 36% attributed to compromised credentials.


Healthcare

Cybercriminals may target healthcare organizations for various reasons like financial gain, identity theft, extortion, medical research intellectual property theft, etc. This is why the number of people affected by cybercrime in the sector increased from 31 million in the second half of 2022 to a new record 40 million in 2023.

In September 2022, the New York-Presbyterian (NYP) hospital was hit by a data breach that affected more than 12,000 people. Another healthcare organization, Aveanna Healthcare, suffered multiple phishing-related data breaches for which they paid victims $425,000 in settlements.


Cybersecurity jobs and career outlook

Cybersecurity jobs and career outlook
  • The most lucrative cybersecurity jobs as of January 2024 are:
    • Chief information security officer: $192,085 – $304,391
    • Director of Information Security: $154,082 – $229,357
    • Cybersecurity Architect: $94,555 – $230,982
    • Cybersecurity engineer: $122,000 – $188,000
    • Application security engineer: $92,456 – $206,498
  • The most popular cybersecurity certifications as of January 2024:
    • Certified Information System Security Professional 
    • Certified  Information System Auditor
    • Certified information system Manager
    • CompTIA security
    • Certified Ethical Hacker (CEH)
  • The number of cybersecurity professionals employed in the US between September 2022 and August 2023 was approximately 1.18 million, a 59% increase from 2010.
  • The median salary of information security analysts was $53.85/hour or $112,200 per year in 2022.
  • There was a cybersecurity workforce gap of 4 million in 2023.

The recent cyberattack increase has led to a high demand for cybersecurity professionals. The cybersecurity workforce gap reached 4 million in 2023 and continues to grow. For instance, the cybersecurity sector had 527,000 job openings between September 2022 and August 2023.

The high demand for cybersecurity professionals has also triggered a high demand for cybersecurity certifications. The most popular certifications include Global Information Assurance Certification, Certified Information Systems Security Professionals, CompTIA Security+, and some entry-level certifications.

How to protect yourself from cyber-attacks?

How to protect yourself from cyber-attacks?

There’s no single foolproof method of protecting yourself against cyberattacks. However, you can combine various security tools and configurations with proper online practices to stay safe. You should also take time and update yourself with the latest security threats, how criminals execute them and how to mitigate them. Here are some practical tips to protect your devices and personal data from cyberattacks.

  • Update your operating system and applications to the latest version. Updating software fixes vulnerabilities in the old versions and installs security patches to keep up with emerging threats.
  • Install a quality antivirus and a VPN. A quality security utility detects threats in the system and removes or quarantines them. In addition, a quality VPN encrypts your sensitive data and protects you while using the internet.
  • Use strong passwords that combine numbers, letters, and characters. The password should not be easy to guess, so avoid common passwords. You may also use a password manager to generate a strong password.
  • Avoid opening attachments from unknown sources or spam emails. Some attachments may contain malware that triggers when they open.
  • Do not open links from unknown sources or spam emails. Some links are phishing scams that may redirect you to suspicious websites or launch an attack on your system
  • Avoid oversharing personal information. Oversharing personal information compromises your privacy and may make you a target for identity theft and data breaches.
  • Confirm the URLs of the websites you visit. Some attackers clone popular websites in an attempt to steal your credentials. Do not continue if the web URL spelling looks suspicious.
  • Check your financial statements regularly. Report any unfamiliar transactions to your bank and change your login credentials on all your online banking platforms.

FAQs

Cybercrime continues rising and getting more sophisticated which creates a demand for cybersecurity professionals. There was a cybersecurity workforce gap of 4 million in 2023. The average salary of cybersecurity professionals’ range between $118,000 and $150,000. So yes, a cybersecurity career is quite lucrative but also demanding.

It is estimated that 2328 cyber attacks occur every day. The cyberattacks affected more than 6.5 million victims between 2000 and 2021, leading to losses of nearly $26 billion.

Russia is the leading country in cybercrime, with over 3.5 million breached users. The US closely follows it with 2.5 million breached users.

Cybercrime is estimated to affect 97 victims per hour, which translates to one victim every 37 seconds. Additionally, two internet users’ data was leaked every second in 2022.

The global cost of cybercrime was estimated to be $787,671 per hour in 2021, totaling $6.8 billion annually.

Share this article

About the Author

Andrew Lawson

Andrew Lawson

Streaming Expert

Andrew is a Brazilian-born professional, detail-oriented writer with over 3 years of experience. With time, he changed his niche and started writing articles and blogs about privacy, VPNs, security, and anonymity. Andrew has worked for several websites and boasts a bachelor's degree in Computer Science, which helps him spread his tech knowledge to the world through his words. His qualities, expertise, and techniques, are what align him as a perfect choice for any company.

More from Andrew Lawson

Comments

No comments.