30 Key Cybersecurity Statistics to Be Aware of in 2023
Published: January 1, 2022
With the threat of cyberattacks growing every year, we decided to compile this cybersecurity statistics list to prepare businesses and individuals for some of the most common cybercrimes.
The internet has brought so much convenience into our daily lives. But with billions of people exposing their personal information to the world, the internet also puts our online safety at risk. Common internet crimes, such as identity theft, phishing, and others, can only be stopped by educating internet users.
The Top 10 Cybersecurity Statistics for 2022
- The worldwide cybercrime cost may reach $6 trillion in 2021.
- 81% of organizations were affected by cybercrime last year.
- A malicious hacking attack occurs every 39 seconds.
- Routers and connected cameras account for 90% of attacked devices.
- Usernames such as “Root” and “admin” must be avoided, as well as passwords that duplicate the username or are a variation of it.
- 2013’s Yahoo data breach compromised 3 billion accounts.
- The average cost per lost record is $148.
- The largest internal data breach event lasted for 30 years.
- On average, only 5% of companies protect their folders.
- 28% of data breach victims in 2020 were small businesses.
Cybercrime Facts and Statistics
1. The first-ever computer virus was called “The Creeper.”
Security has been an issue ever since the first computers were invented. The Creeper is the first known computer virus, and it was created during the 1970s. It infected the ARPANET network and computers running the TENEX operating system, displaying the message, “I’m the creeper, catch me if you can.”
2. Recent cybersecurity breach data shows that 93% of companies experienced unauthorized use of cloud apps.
Cloud storage has become the standard for almost every industry. From software development firms to car manufacturers, 93% of companies have had to deal with someone accessing their cloud-stored data and apps without permission. The situation is similar to private cloud users: cybersecurity stats show that 82% have had a similar negative experience.
3. As much as 81% of organizations were victims of cyber attacks in 2020.
In case you’re wondering how common cyberattacks are in the business world, the answer is pretty common. The vast majority of organizations reported being the victim of a successful cyberattack during the last year.
4. A whopping 93.9% of Mexican organizations were affected by at least one successful cyber-attack in 2019.
Cybersecurity incidents have affected almost all of Mexico’s organizations in 2019. A whopping 93.9% of them reported falling victim to at least one successful cyberattack in the last 12 months that year. The list of the top five most-affected countries also includes Spain (87.5%), Italy (85.7%), Colombia (83.9%), and China (83.9%).
5. Around 63% of all cyber-attacks in 2020 were financially motivated.
(Source: Government Technology)
The main motive behind cyberattacks is financial gain. Other common motives include gaining insight into the competition, political reasons, and revenge.
6. The financial industry was the biggest victim of phishing in 2020, at 22.5%.
The business cybersecurity statistics for the financial industry had a phishing rate of 22.5% in 2020. Financial institutions, such as banks, receive tons of emails and phone calls every day, which are the common mediums for phishing attacks.
7. Some industries take up to 287 days to detect an attack.
It takes a staggering amount of time to detect a data breach; the average time across all industries is 197 days. The healthcare industry is the quickest to find one, while it can take the entertainment industry up to 287 days to catch a data breach.
8. A malicious hacking attack occurs every 39 seconds.
(Source: University of Maryland)
According to a study conducted at the University of Maryland that dealt with the data derived from recent cyberattacks, ill-intentioned hackers attacked the researchers’ target computers 2,244 times per day. On a global scale, an attack occurs every 39 seconds. Using scripts that try to guess usernames and passwords to get into a network, hackers target an increasing number of computers daily.
9. 90% of attacked devices are routers and connected cameras.
When looking for entry points, the cybersecurity statistics indicate hackers are most likely to choose either routers or IoT devices, such as cameras. Leaving the stock security settings on either of those is a bad practice.
10. In 2020, around 58% of compromised data consisted of personal information.
The most commonly targeted data is personal information. Hackers can sell your gender, name, email, and birthday to those running phishing scams—or even advertising agencies.
11. The most commonly attempted username is “Root.”
(Source: University of Maryland)
The same study that determined the average number of cyberattacks per day also found the usernames and passwords that the scripts use most. Researchers found that the username “Root” is attempted 12 times more often than the word “admin.” The rest of the commonly guessed usernames are “test,” “guest,” “info,” and “adm.”
12. 43% of password attempts are the same as the username.
(Source: University of Maryland)
In a lot of cases, the script will automatically re-enter the username in the password-designated field. After that, the username plus “123” is attempted. Cybersecurity statistics from recent years list other common password hacking attempts: these include number sequences and phrases such as “123456,” “1234,” “passwd,” and “1.” Avoid all of these—be more creative to stay safe online.
13. Credit card skimming is responsible for 24% of retail data breaches.
What’s credit card skimming, you may ask? Those looking to steal payment card info install a small device that clones the data stored in the card’s magnetic stripe and then uses the information to either make online purchases or produce a counterfeit credit card. According to cybersecurity stats, the retail industry experienced 24% of credit card skimming last year.
Credit cards are the most popular mode of payment in all online stores worldwide, making them the most vulnerable to such cybersecurity risks.
14. Around 35% of companies plan on increasing their cloud security budgets in 2021.
(Source: Threat Post)
People will continue to work remotely for as long as the coronavirus pandemic persists, so we will almost certainly see an increase in cyber attacks. Hence, 35% of companies plan to strengthen their cloud security this year.
15. The cost of cybercrime may reach $6 trillion worldwide in 2021.
(Source: Cybercrime Magazine)
Experts say that if cybercrime were a country, it would be the world’s third-largest economy, next to the US and China. It has a worldwide cost of $6 trillion in 2021 and may reach $10.5 trillion in 2025.
Crucial Data Breach Statistics to Know in 2022
16. The largest internal data breach event lasted for 30 years.
From 1976 to 2006, Boeing engineer Greg Chung collected crucial information related to the space shuttle program. Chung faced a trial for selling the information to China, earning a 15-year jail sentence. More than $2 billion worth of data, on over 300,000 pages, was discovered in his home.
17. The Yahoo data breach compromised 3 billion data records.
The data breach statistics prove that Yahoo is responsible for the largest data breach ever, with around 3 billion user accounts and passwords compromised in an incident revealed in 2017. The second-largest data breach incident was Aadhaar, India’s national ID database, which happened in 2018 when 1.1 billion private records were compromised.
We shouldn’t leave out the infamous Panama paper leak caused by poor plugin choices, as this data breach compromised over 4.8 million emails.
18. The average cost of a corporate data breach is $3.86 million.
According to the cyber attack statistics, the average loss per data breach is $3.86 million. When a corporation experiences a data breach, it can cost them a ton of money—in addition to potentially losing their clients’ trust. Every single lost or stolen user record costs the company $148.
19. Around 15% of companies give employees access to over a million business-related files.
This is one of the top reasons data breaches are so common. And based on the cybercrime statistics, 17% or more of all sensitive company files stored on the network is available to all employees — a data breach disaster is almost imminent. All it takes is one reckless employee falling for a phishing email, and the entire company can be in chaos.
20. The loss of one million records costs $40 million on average.
The cost of cybersecurity—or, more precisely, a lack thereof—is high for large businesses. An average company will suffer a loss of $40 million if they lose a million records from their network. Even for giants like Yahoo, this lost capital could be the final nail in the coffin. Worse, the loss of potential business after a breach is estimated at $4.2 million over the next year for US-based corporations.
21. On average, only 5% of companies protect their folders.
Large-scale cyber attacks on corporate entities will keep happening, especially considering the fact that only 5% of all companies worldwide protect their folders.
22. Companies typically tighten up their security after a large data breach.
IBM’s research from 2018 shows that the larger the data breach a company experiences, the lower the chances of another breach within the next two years. Most companies tend to wise up and increase their online safety after an incident.
23. Around 28% of all data breach victims are small businesses in 2020.
(Source: Small Business Trends)
Large corporations aren’t the only ones at risk of a data breach. In fact, hackers are more likely to focus on smaller victims. The small business cyber attack statistics show that 28% of these businesses became data breach victims last year. After all, small businesses use at least one digital technology. It will be wise to find one that will help them mitigate data breach risks.
24. As much as 27% of the global malware-based data breaches were caused by ransomware in 2020.
Ransomware has become one of the main tools in a cyber criminal’s arsenal. With 27% of all malware data breaches being caused by ransomware last year, organizations must dedicate more attention to it.
What is ransomware? After getting into a computer—usually, through a malicious email— ransomware software hijacks the data and demands money for its return.
25. Cyber attack trends show that 54% of ransomware attacks come from spam or phishing emails.
Emails that contain suspicious links and/or attachments should be ignored and reported. This especially applies to emails claiming you’ve won an award or are about to obtain an insane amount of money by just clicking on a link. That guy claiming to be a Nigerian prince definitely won’t make you rich.
On the other hand, cybersecurity stats show that many legit emails end up in the spam folder for reasons you’d never guess. One of the reasons is very low inbox usage, and there are 76 more of them. To be on the safe side, go through the list of reasons why your emails might be marked as spam emails. Keep in mind that email marketing is 40 times more effective than social, so marketers take advantage of it. You just have to be cautious about which ones are legit or not.
26. In 2017, WannaCry accounted for 53.92% of ransomware attempts.
WannaCry was officially the most-used ransomware in 2017. The cybersecurity statistics from 2020 show that it continued being the most common ransomware, with 18.77% of attempts in Q3 alone.
As with most ransomware, WannaCry infects victims’ computers and demands a payment in Bitcoin. The main distinguishing feature is that this specific ransomware targets computers running Windows OS, especially older versions that have weaknesses implemented by the NSA.
27. The average amount of money demanded in ransomware attacks is $1,077.
(Source: Safeatlast / TechCrunch)
Data hijackers typically ask for around $1,000 to return access to the data they took from their victims. The cyber attack statistics by year reveal that, in 2015, the average amount was $294.
28. Security experts expected ransomware attacks to quadruple in 2020.
(Source: Safeatlast / Comparitech)
Speaking of yearly statistics, the predictions for 2020 weren’t bright—a significant increase in the number of ransomware attacks was expected. With an increase of 400%, we’ll need to be more cautious online than ever before. In 2021, the projected cost of ransomware will reach $6 trillion annually.
29. Next-gen supply chain attacks surged up to 430% in the past year.
Supply chain attacks are the type of cyber attack that looks for an opening into a network through the supply network, which is notorious for its lack of security. The malware statistics show that these are on the rise in all industries, including finance, oil, and the government sector, so ensuring your suppliers keep their online databases safe is a must.
30. 17% of data breaches were caused by human errors in 2020.
Employee education on internet safety might be the key to preventing cyber attacks. With 17% of all data breaches in 2020 being caused by human error, we seem to be a key factor in maintaining online safety.
The cybersecurity statistics listed above are intended to be a wake-up call for professionals whose businesses rely on storing sensitive information online. After seeing how common and devastating cyber attacks and data breaches can be, we hope everyone starts paying more attention to their online security.