30 Crucial Cybersecurity Statistics [2023]: Data, Trends And More

Cybersecurity research summary. Cybersecurity threats pose a greater risk than ever before. More and more people rely on modern technology, and an increasing number of U.S. and international businesses use digital devices and web-based software. After extensive research, our data analysis team found the following cybersecurity facts and data breach statistics:

• Cyberattacks happen once every 39 seconds.

• 95% of cyberattacks are due to human error.

• Cybercrime cost people in the United States an estimated $6.9 billion in 2021.

• Globally, an estimated 30,000 websites are hacked each day.

• 43% of Cyberattacks target small businesses.

• Only 5% of company folders and files are properly protected.

For further analysis, we broke down the data in the following ways:
Corporate | Cyberattack Methodology | Hacking Statistics | Trends and Projections

General cybersecurity statistics

Cybersecurity was likely a concern for you whether you know how many people get hacked a year or not. Regardless, knowing the facts can really drive home just how big of an issue cybersecurity has become in the modern world. Here are some general statistics around cybersecurity you should know:

• Cybercrime costs the global economy $6 trillion each year.

  The cost of cybercrime is increasing significantly and is expected to grow by as much as 15% over the next five years. It’s estimated that by 2025, cybercrime will cost the world roughly $10.5 trillion every year.

• Almost all cybersecurity breaches are due to human error.

  It’s estimated that a whopping 95% of all cybersecurity breaches are a result of human error. Cybercriminals often target small businesses, infiltrating their websites and distributing malicious code to web users who view or interact with the site.

  As such, although these security breaches are usually tied to human error, business owners and their customers are often unaware of any threat.

  Today, many experts view cybersecurity breaches as one of the biggest threats to mankind.

  Some of the best ways of avoiding a cyberattack include keeping your web server software up to date, encrypting web traffic when transferring personal information, performing routine virus scans, and frequently backing up your website.

• It’s estimated that the United States spends about $3.5 billion annually on cybersecurity.

  In 2019, the United States spent a reported $3.5 billion combating cyberattacks, according to the Federal Bureau of Investigation.

  Although that number represents the yearly average spent by the U.S. on cybersecurity, the actual dollar amount is likely much higher as many attacks go unnoticed and unrecorded.

  In fact, one security firm estimated that ransomware alone costs the U.S. an estimated $9 billion yearly.

  In addition, the cost of cybersecurity is only increasing. In 2020, U.S. businesses spent about 23% more on cybersecurity than the previous year.

  However, the increasing dollar amount was still met with increasing digital security breaches. Meanwhile, across the world, cybersecurity is expected to cost $10.5 trillion by 2025.

• Across the world, the United States spends the most on cybersecurity.

  Averaging a $3.5 billion (or more) average annual cybersecurity budget, the U.S. tops every other country in the world when it comes to cybersecurity preparedness and spending.

  This year, in fact, the American government is expected to allocate an additional $18.78 billion investment in cybersecurity.

  Behind the United States, other top spenders include Israel, Iran, Canada, Malaysia, Australia, France, Spain, and the United Kingdom.

• The FBI’s Internet Crime Complaint Center (IC3) reported 847,376 complaints in 2021. This is a 7% increase from 2020. Top complaints involved ransomware, business e-mail compromise (BEC) schemes, and the criminal use of cryptocurrency.

• The IC3 reported a $6.9 billion loss for the American public in 2021. This is up from $4.2 billion in 2020. This number has been steadily increasing since 2017, when it was at $1.4 billion.

Reported cybercrime and financial losses

Year	Reported Complaints	Financial Loss
2021	847,376	$6.9 Billion
2020	791,790	$4.2 Billion
2019	467,361	$3.5 Billion
2018	351,937	$2.7 Billion
2017	301,580	$1.4 Billion

Corporate cybersecurity statistics

Cybersecurity is an issue for corporations all over the world. Of the accounts that get hacked and data that gets breached, those at the corporate level are some of the least explored and most damaging incidents. Here are some crucial examples of the harm poor cybersecurity can do at the corporate level:

• More than half of all U.S. companies have experienced phishing.

  Roughly 62% of organizations in the United States have experienced social engineering and phishing attacks.

  In cybersecurity, phishing refers to the practice of attempting to gain access to sensitive information by sending a company or individual an online scam that appears to come from a reputable source.

• On average, 5% of a company’s files are properly protected from cyber threats.

  At just 5%, only a very small amount of an average business’ sensitive and private files are properly protected from hackers, according to the 2019 Varonis Global Data Risk Report.

  Moreover, data suggests that 22% of all folders in a given company are open to every employee, and as many as 53% of companies have more than 1,000 sensitive files open to every employee.

• 43% of cyberattacks target small businesses.

  While just shy of 50% of all cyberattacks targeting small businesses, only 14% of those organizations are prepared to defend themselves against digital attacks. In fact, six out of every ten small businesses have no cybersecurity protection in place.

  Although small businesses are a top target for data breaches, 66% of senior decision-makers at small businesses in the United States believe they are not at risk.

Cyberattack methodology statistics

Cyberattacks can some from many different sources, and under many different strategies. Here are some hacker statistics that dive into the methodology behind Cyberattacks:

• More than 40% of data breaches involved internal actors.

  Data suggests that 43% of data breaches involve internal actors, including employees, contractors, and third-party suppliers. It’s estimated that half of all data breaches that involve internal actors are intentional, while the other half are accidental.

  During cyberattacks, internal actors are more likely to target employee information, including identification and health data, as opposed to customer data, according to Mcafee’s Grand Theft Data report.



• Email is the most common method hackers use when delivering malware.

  In the first six months of 2021, roughly 75% of all cybersecurity threats were delivered via email, according to the HP Wolf Security Threat Insights Report. Data suggests that 49% of phishing emails are about business transactions, while 16% consist of generic names, numbers, and letters.



• Mobile devices account for 60% of cyber fraud.

  Phishing attacks on mobile devices are becoming more and more common, with cell phones now accounting for 60% of cyber fraud.

  Increased international reliance on cell phones, mobile banking, and the use of mobile devices for sensitive business have all contributed to the growing rate of mobile cyber fraud.

• Most malware attacks target Windows systems.

  Roughly 83.45% of malware was detected on Windows devices in the first quarter of 2020. Meanwhile, 11.09% is detected on browsers, and 3.24% is detected on Androids. Roughly 1.91% of malware is detected on other systems.

• Thousands of ransomware attacks occur each day.

  Since 2016, roughly 4,000 ransomware attacks have happened every day. In the United States, ransomware represents the fastest growing malware threat, according to the Federal Bureau of Investigation.

• The FBI’s IC3 reports the top internet crime in 2021 was phishing. There were 323,972 reported phishing incidents in the U.S. in 2021. Additionally, non-payment/nondelivery, personal data breach, identity theft, and extortion make up the next four most common forms of cybercrime.

Top 5 reported internet crimes in 2021

Internet Crime	Reported Incidents
Phishing	323,972
Non-Payment/Non-Delivery	82,478
Personal Data Breach	51,829
Identity Theft	51,629
Extortion	39,360

Hacking target statistics

Hackers can target almost anyone, but there are certain targets more vulnerable to cybersecurity threats than others. Here are some common hacking target trends:

• Approximately 3.8 million records are exposed by hackers every day.

  From 2013 through today, it’s estimated that 3,809,448 records have been and continue to be exposed by hackers every single day.

  At this rate, 158,727 documents are exposed every hour, 2,645 documents are exposed every minute, and as many as 44 records are exposed every second.

• Hackers primarily target government, retail, and technology industries.

  Roughly 95% of all cybersecurity breaches happen in government, retail, and technology markets.

  Experts suggest this high-risk rate is due to the fact that these markets have a large number of personal records and sensitive information, including credit card information, social security numbers, and computer passwords in their digital files.

  Outside of these three markets, the healthcare industry is also often targeted by digital hackers. In 2020 alone, 75% of healthcare facilities in the United States were infected with malicious software at some point during the year. Individuals have much lower chances of getting hacked.

• Approximately 111.7 million Americans are hacked each year.

  Records indicate that as many as one in three Americans have their data breached every year, totally roughly 111.7 million individuals. Most personal data breaches on U.S. citizens can be linked to insecure usernames and passwords and a lack of digital literacy.

• The average cost of a digital data breach in the U.S. is $200,000.

  For all companies, big and small, a cybersecurity attack costs, on average, $200,000. While more American companies have become proactive in their mission to ward off cyberattacks, the rate at which breaches happen continues to increase.

  Due to the debilitating costs associated with digital data breaches, an estimated 60% of American businesses are forced to shut their doors within six months of being attacked.

• The average ransom demand is more than $150,000.

  Today, the average ransom demand is $178,254 — 60% more than the early 2020 average of $111,605. It’s estimated that more than one-third of all companies who are attacked with ransomware pay that price (or a similar one) within 16 days.

• Roughy 1 million new pieces of malware are made each day.

  Historical data suggests that more than 317 million computer viruses, or malware, are created every year. At that rate, nearly 1 million new viruses are created each day.

Cybersecurity trends and projections

Cybersecurity trends and projections are always changing along with technology an the new strategies deployed by hackers. Knowing that, we’ve gathered all of the latest cybersecurity trends:

• Cyberattacks rose 400% during the pandemic.

  During the height of the COVID-19 pandemic, cyberattacks were up as much as 400%, according to the Federal Bureau of Investigation. Prior to the pandemic, the FBI received approximately 1,000 daily complaints to its Internet Crime Complaint Center.

  COVID-19 closures and the transition to a remote work environment, meanwhile, caused those complaints to rise to 3,000 to 4,000 per day.

• Cybersecurity costs are projected to grow by 15% per year over the next five years.

  Globally, cybersecurity is expected to cost roughly $6 trillion this year. Over the next several years, that number is estimated to grow by at least 15% per year, totaling $10.5 trillion in 2025.

• There has been a recorded 151% increase in ransomware attacks in early 2021.

  In the second quarter of 2021, ransomware attacks totaled 304.7 million, with the FBI warning that there are 100 new strains circulating the world. Meanwhile, in 2020 a total of 304.6 million ransomware attacks were recorded for the entire year.

Cybersecurity FAQ

1. How many Cyberattacks happened in 2020?

   155.8 million digital U.S. records were exposed as a result of cyberattacks, and approximately 1,001 major data breaches were recorded in the United States in 2020. Meanwhile, globally an estimated 30,000 websites were hacked each day.

   In addition, every year since 2016 — 2020 included — have seen roughly 4,000 international ransomware attacks, representing a 300% increase since 2015.

2. What does social engineering mean in cybersecurity?

   In cybersecurity, social engineering refers to the practice of manipulating vulnerable parties to forfeit private and sensitive information online. When hackers use social engineering, they aim to exploit human errors in order to access confidential data and spread malicious malware and computer viruses.

3. How many accounts are hacked each day in the US?

   About half a million U.S. accounts are hacked every day. Since 2015, an average of 199.17 million digital records have been exposed each year in the United States Overall, it’s estimated that about one in three Americans are hacked every year.

4. Are cybersecurity threats increasing?

   Yes, cybersecurity threats are increasing. Early 2021 saw a 151% increase in ransomware attacks alone, reaching 304.7 million attacks. That’s more attacks than there were in all of 2020, which saw 304.6 million ransomware attacks.

   Other cyberattacks increased during 2020 and 2021 as well. As a significant portion of the U.S. workforce shifted to remote work during the COVID-10 pandemic, cyberattacks increased by 400%, and the FBI went from receiving about 1,000 cyberattack complaints a day to up to 4,000.

   The number of cybersecurity threats is only expected to increase, as experts estimate that there are 1 million new pieces of malware (aka computer viruses) being created each day and that to combat these and other threats, cybersecurity costs will increase by 15% each year from 2020 to 2025.

   This means global cybersecurity costs will grow from $6 trillion in 2021 to $10.5 trillion in 2025 as governments and private businesses alike work to protect themselves from cyberattacks of all kinds.

5. How many data breaches happened in 2021?

   1,862 data breaches happened in 2021. This set a new record previously held by 2017 and its 1,506 data breaches. This 2021 figure was also a 68% increase from the 2020s 1,108 breaches.

   Experts believe that cybercriminals shifted their focus toward smaller, more precise attacks rather than trying to steal as much data as possible in 2021, which resulted in a 5% decrease in the number of people who were affected by these attacks. Still, 294 million people were impacted by data breaches.

   Ransomware attacks accounted for 22% of reported cyberattacks in 2021. This kind of attack has been growing rapidly over the past few years, putting it on pace to surpass phishing as the most common cause of data breaches.

   The military is the only sector that didn’t report a single data breach during 2021, while manufacturing and utilities saw the number of breaches they experienced more than double from 2020 to 2021.

   CNet. “Data Breaches Break Record in 2021.” Accessed on April 1, 2022.

6. What is the most common data breach?

   Phishing is the most common data breach. In 2019, this form of cybercrime accounted for almost one-third of all Cyberattacks, and the number of phishing attacks increased during the COVID-19 pandemic.

   Phishing is when someone sends a malicious link via email, text, or social media that looks legitimate but is designed to steal information or install malicious software when opened.

   During the first half of 2021, about 75% of all cybersecurity attacks were made via email, the majority of which was likely some form of phishing. However, social media is becoming a more popular site for phishing schemes, as people are often more willing to trust the direct messages they receive on those platforms.

   95% of all cyberattacks are due to human error, and more than half of U.S. companies have experienced phishing, which shows just how big of a threat this is. Ransomware attacks are becoming increasingly common, though, accounting for 22% of cyberattacks in 2021, and they’re slated to continue to grow until they surpass phishing as the number one type of data breach.

   Safeguard Cyber. “Phishing Attacks Are What Percentage of Cyberattacks?” Accessed on April 1, 2022.

7. Are data breaches increasing?

   Yes, data breaches are increasing. 2021 saw a 68% increase in the number of reported data breaches, which added up to 1,862 breaches. This even beat 2017’s previous record of about 1,500 breaches.

   As people moved to more remote work during the COVID-19 pandemic, they began using more mobile devices, which are often more susceptible to data breaches. (Mobile phones account for 60% of cyber fraud.) As a result, the number of breaches was able to increase exponentially.

   While phishing is still widely considered the most common cyberattack method, the number of ransomware attacks is increasing rapidly. This type of cyberattack made up 22% of 2021’s breaches and is continuing to grow, putting it on pace to take over phishing’s spot as the most common type of cyberattack.

   294 million people were affected by 2021’s data breaches, so companies and governments are working hard to improve their cybersecurity so they can protect the information people have entrusted them with. As a result, though, it’s expected that cybersecurity costs will increase by 15% year over year from 2021 to 2025.

Conclusion

Cybersecurity breaches remain one of the biggest threats to economic and financial stability, business success, and the protection of personal property and information.

While spending on cybersecurity protection increases, cyberattacks show no real sign of slowing down.

The U.S. spends roughly $3.5 billion per year on cybercrime costs, a number which is only expected to increase this year after a record 400% increase in cyberattacks during the peak of the coronavirus pandemic. Also climbing are global costs, which are expected to reach as much as $10.5 trillion by 2025.

With an international cyberattack happening once every 39 seconds, knowledge could be the nation’s greatest digital protection, as an estimated 95% of attacks are directly linked to human error.

References

1. Cobalt. “Business Cost Of Cybercrime.” Accessed on November 14, 2021.

2. Bank Info Security. “Ransomware Payday: Average Payments Jump To $178,000.” Accessed on November 14, 2021.

3. Cybercrime Magazine. “Cybercrime To Cost The World $10.5 Trillion Annually By 2025.” Accessed on November 14, 2021.

4. Forbes. “30,000 Websites Hacked A Day. How Do You Host Yours?” Accessed on November 14, 2021.

5. University Of North Georgia. “Cybersecurity: A Global Priority And Career Opportunity.” Accessed on November 14, 2021.

6. Analytics India Magazine. “Top Cybersecurity Budgets Around The World.” Accessed on November 15, 2021.

7. Varonis. “2019 Varonis Global Data Risk Report.” Accessed on November 15, 2021.

8. CNBC. “Cyberattacks Now Cost Companies $200,000 On Average, Putting Many Out Of Business.” Accessed on November 15, 2021.

9. CNN Business. “Nearly 1 Million New Malware Threats Released Every Day.” Accessed on November 15, 2021.

10. Statista. “Cyber Crime: Number Of Breaches And Records Exposed 2005-2020.” Accessed on November 15, 2021.

11. Mcafee. “Grand Theft Data.” Accessed on November 16, 2021.

12. ZDNet. “HP Finds 75% Of Threats Were Delivered By Email In First Six Months Of 2021.” Accessed on November 16, 2021.

13. Reader’s Digest. “Top Security Threats Of Smartphones (2021).” Accessed on November 16, 2021.

14. Statista. “Distribution Of Malware Detections Q1 2020, By OS.” Accessed on November 16, 2021.

15. Federal Bureau Of Investigation. “How To Protect Your Networks From Ransomeware.” Accessed on November 16, 2021.

16. Threat Post. “Ransomware Volumes Hit Record Highs As 2021 Wears On.” Accessed on November 16, 2021.

17. The Hill. “FBI Sees Spike In Cyber Crime Reports During Coronavirus Pandemic.” Accessed on November 16, 2021.

18. PR Newswire. “Top Cyber Security Experts Report: 4,000 Cyber Attacks A Day SInce COVID-19 Pandemic.” Accessed on November 16, 2021.

19. Federal Bureau of Investigation “Internet Crime Report 2021” Accessed on February 27, 2023.

Author

Elsie Boskamp

Elsie is an experienced writer, reporter, and content creator. As a leader in her field, Elsie is best known for her work as a Reporter for The Southampton Press, but she can also be credited with contributions to Long Island Pulse Magazine and Hamptons Online. She holds a Bachelor of Arts degree in journalism from Stony Brook University and currently resides in Franklin, Tennessee.