While once a great theme for cutting edge movies in the 1990s, cybercrime is now a subject that poses a very real and present danger to most businesses. With data breaches and cyber crime statistics on the rise, many companies are running on empty, devoid of consistent peace of mind and lacking in real security of their data or that of clients.

Studies clearly show that:

Most companies are not only vulnerable to cybersecurity issues (externally from hackers or internally from their own employees), but they are also easy targets.

Which is why:

It’s imperative that companies make cybersecurity awareness, prevention, and security best practices a part of their culture. By doing this, companies will at least stand a chance of fighting against data loss, something which the majority of companies around the world do not have.

With that said, let’s dive in.

Worrying Cyber Crime Statistics (Editor’s Choice)

  • It took 206 days on average to identify a breach in 2019.  
  • 95% of malware is delivered via email.
  • In 2019, over 43% of data breach victims were small businesses.
  • The banking industry incurred the most cybercrime costs in 2018 and 2019, the average cost of which (2019) was $18.3 million.
  • By 2021, cybersecurity services are expected to account for well over 50% of budgets.
  • 69% of companies see compliance mandates driving spending.
  • 53% of companies had over 1,000 sensitive files open to every employee.
  • Cyber crime statistics worldwide show that 22% of all folders were available to every employee.
  • Equifax was found liable for their 2017 breach and was fined $425 million by the Federal Trade Commission (FTC) in 2019.

Global Cybercrime Statistics

1. Worldwide spending on cybersecurity is forecast to reach $133.7 billion in 2022.

With cybercrime on the rise, more money is being spent on its prevention and also on dealing with the effects of its aftermath. 2022 is expected to see a worldwide annual spend of nearly $134 billion, a figure that is set to rise further, according to cyber crime prosecution statistics.

2. Over 60% of businesses experienced phishing and social engineering attacks in 2019.

The increase in phishing and social engineering attacks in 2019 has led to studies reflecting that 63.8% of businesses have been victims of cybercrime.

3. Nearly 70% of business leaders feel their cybersecurity risks are increasing.

A set of studies carried out toward the end of 2019 led to results indicating a total of 68.4% of business leaders expressed concerns that they’re becoming more vulnerable to cybercrime. This figure of cybercrime trends means that many leaders anticipate 2020 to be a time in which vigilance must be exercised.

4. Only 5% of company folders are properly protected.

Many businesses fail to incorporate or keep up with folder security protocols within their corporate structure. As a result of this negligence, statistics on cybercrime suggest that only a tiny minority of US companies have effectively instigated measures within their businesses that will actually protect company files.

5. Data breaches exposed over 4 billion records in the first six months of 2019.

In 2019, social media crimes statistics showed a whopping 4.1 billion records were compromised. As shocking as the figure is, what is even more mind-boggling is that these figures only reflect breaches occurring in the first half of 2019. By the end of 2019, this figure more than doubled to reach 9.6 billion.

6. The majority of breaches were financially motivated and over one-quarter were motivated by espionage.

Cyber crime statistics 2019 show that the majority (72%) of cybersecurity breaches in 2019 were financially motivated and were instigated by cybercriminals looking for financial gains. However, 26% of cybercrimes were motivated by intentions traced to espionage and other such reasons.

To be precise, 52% of breaches featured hacking, 28% involved malware, and 32–33% included phishing or social engineering.

8. 8,854 breaches were recorded in the US between 2005 and 2018.

Between January 1, 2005, and April 18, 2018, 8,854 recorded breaches took place. 

While computer crime stats show that overall ransomware infections were down 52%, enterprise infections were up by 12% in 2018.

9. The .exe email type is one of the most malicious.

The top malicious email attachment types are .doc and .dot, which make up 37% of problematic attachments. The next highest is .exe at 19.5%.

10. 300 billion passwords will be used online by 2021.

By 2021, cyber crime facts show that the estimated number of passwords used by humans and machines worldwide will grow to a mind-blowing 300 billion. What’s more, that figure is set to continue rising, so hackers will have numerous targets.

Data Breach Statistics

Many companies experienced data breaches in 2019. From small businesses having data leaked and taken to large companies like Zynga which was hacked and had a breach of 218 million records, studies show that security breaches are on the rise.

Below we’ve collated some breach statistics gathered from cyber crime stats to give you an overview of the effects of these attacks.

11. Security breaches in 2019 were 11% higher than in 2018.

Cyber crime statistics by year reflect that the instances of security breaches have risen by 11% since 2018 and 69% since 2015. Additionally, cyber attacks statistics show that 43% of breach victims were small businesses. 

12. Every 32 seconds, a hacker attacks someone online.

Hackers attack people worldwide roughly every half a minute. This translates to a cybercrime being committed on an average of 2,244 times per day, according to internet security statistics. Smaller organizations (1–250 employees) have the highest targeted malicious email rate at 1 in 323.

13. Most breaches go unnoticed for over 200 days at most companies.

According to studies and cybercrime stats, the average time it took most companies to identify a breach in 2019 was a surprisingly slow 206 days. Which means a lot more has to be done to investigate and safeguard companies from hackers. This is of particular concern to the healthcare industry, as it’s the industry with the highest number of attacks as these ransomware statistics show. 

14. In the last 5 years, over 500 million online gamers have had their data comprised.

An incredible half a billion online gamers have had their data comprised over the last 5 years, and this staggering figure is just the tip of the iceberg. The current computer crime statistics only factor in the instances that were reported. However, hacking statistics and analysts estimate that reported instances only make up a quarter of the actual occurrences of data being comprised.

15. Approximately 67% of Americans have never checked to see if they were affected by a security breach.

Cyber crime rates show that about two-thirds of Americans have never actually checked to see if they have ever been affected by a data breach. With the current climate we live in, not performing such checks is negligent and ultimately irresponsible, something that could leave people open to cybercrime and add to cyber security spending trends.

16. Over half of Americans do not know what to do in the case of a security breach.

56% of Americans have no idea who to contact or what to do if they become the victim of a security breach, lending to cyber crime increase statistics.

17. Breaches can cost $3.92 million.

Statistics on cyber crime conducted in 2019 to analyze breaches and their impact show that an increasing number of breaches are costing companies figures in the millions of dollars ballpark. Financial and Manufacturing services have the highest percentage of exposed sensitive files at 21%. Financial services had 352,771 exposed sensitive files on average, while Healthcare, Pharma, and Biotech have 113,491 files on average — the highest among industries.

18. The biggest data breach of all-time compromised 3 billion accounts.

Yahoo was the victim of one of the largest breaches of all time. In 2016, cybercriminals were able to access over 3 billion accounts of Yahoo users, making the incident one of the largest in cyber crime statistics and trends.

19. A small percentage of companies have tried and failed to keep breaches quiet.

In the last decade, some larger companies have tried to keep breaches quiet, but have failed.

Of the 5% of companies that have tried to keep breaches quiet, Uber has featured as a prominent example of what not to do.

In 2016, Uber was attacked by cybercriminals, and over 57 million records of driver and riders were compromised.

But instead of raising their hands, admitting to their poor security protocols, and working on improving security, Uber decided to try to pay off the cybercriminals to delete the data they had stolen in order to keep the breach quiet.

This move backfired, as the whole issue came to light. In turn, this became a public relations nightmare for Uber, something that has cost millions of dollars to fix.

20. 2017 saw over 400 million user accounts stolen from a singular source, cyber crime statistics reveal.

In 2017 alone, millions of user accounts were stolen from Friendfinder’s sites. The issue amounted to 412 million accounts being breached in total.

21. Some breaches have been known to cost $4 billion dollars.

Equifax was affected by a breach in 2017. It resulted in 147 million consumer records being compromised, which forced the company to spend $4 billion dollars to fix the problem.

22. Under Armor was unable to protect 150 million of its users.

Cyber crime facts and statistics show that in 2018 Under Armor fell foul to cybercrime, as its “My Fitness Pal” product was targeted and successfully hacked by criminals. The breach saw 150 million user records being compromised.

23. 2019 saw a 9% rise in espionage against the US.

Espionage against the US is nothing new. However, 2019 saw a significant rise in cybercrime espionage, with 19 Russian individuals, 15 Chinese individuals, a group of 11 Iranians, and 1 North Korean all found guilty of alleged state-sponsored espionage against the United States.

Cyber Crime by Type

To understand cybercrime, we must first have a grasp of the general landscape of types of attacks that criminals use.

Some of the most common cybercrime attacks come from phishing malware, social engineering, and ransomware. But attacks are by no means limited to these and can come in many different shapes and forms.

24. Nearly 100% of all malware is delivered via email.

In 2019, 94% of all malware was delivered by email, making it the weapon of choice for most cybercriminals, according to cyber crime statistics by country.

25. 2018 saw a rare decline in phishing.

Phishing rates dropped from 1 in 2,995 emails in 2017 to 1 in 3,207 emails in 2018. However, this decline was temporary, as going into 2019, phishing levels rose by 5% in total.

26. 53% of businesses experienced denial-of-service attacks in 2019.

A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet. FBI cyber crime statistics show that an estimated 53% of businesses experienced this type of cybercrime in 2019.

27. Occurrences of malicious PowerShell scripts blocked in 2019 increased by 1000%.

PowerShell is a powerful scripting language that provides unprecedented access to a machine’s inner core, including unrestricted access to Windows APIs. It also offers the benefit of being an inherent part of Windows that’s completely trusted, so the commands it executes are usually ignored by security software.

In 2019, instances of these attacks, according to cyber fraud statistics, exceeded those of 2018 by 1000%, which shows that this type of attack is becoming increasingly popular.

28. In 2017, one specific virus cost over $4 billion to remedy.

2017 saw the advent of the Wannacry virus. The virus infected 400,000 machines and spread over 150 countries. Eventually, it resulted in an eye-watering $4 billion cost of cybercrime reparation.

29. IoT devices experience an average of 5,300 attacks monthly.

This may sound like a worryingly high figure, but experts say it is only going to go up. This is because these devices are being used more and more frequently, which means cybercriminals will be honing and fine-tuning their approaches to reflect this trend.

30. Cryptomining is the main target area for 90% of remote code execution attacks.

Remote code execution attacks have been very prevalent recently, especially with cryptomining becoming so popular. Remote code execution is a system by which an attacker exploits vulnerabilities in web applications, allowing them to run their own code on the applications and giving them control over the server and system that possesses the weakness.

Cyber crime victim statistics show that cybercriminals use this method within the sphere of cryptomining, as remote code execution attacks are the easiest to implement in this area.

31. The average cost of a ransomware attack on businesses is $133,000.

Ransomware is a particularly heinous type of malware that hijacks data and threatens its victims with publishing it unless a ransom is paid.

The cost to a business in 2019 from ransomware was estimated to be $133,000 on average.

32. 92% of malware is delivered by email.

Malware statistics indicate that most malware is primarily delivered via email. That’s why businesses and individuals alike need to check carefully before opening emails sent by unfamiliar and/or suspicious-looking addresses. 

33. Nearly 50% of malicious email attachments were MS Office files.

Global cyber crime statistics show that 48% of malicious email attachments in 2019 were MS Office files. Although Office is by far the most popular in the world, it clearly has flaws. Apple and its OS showed less than a quarter of malware incidents that MS Office users experienced.

34. 69% of organizations don’t believe the threats they’re seeing can be blocked by their anti-virus software.

Surprisingly, more than two-thirds of organizations were found to question the capabilities of their current antivirus software. This means that either these companies bought software with little or no research, or they simply are oblivious to the amount of money they can save by investing in good antivirus software.

35. 1 in 36 mobile devices had high-risk apps installed.

Since we all use our mobile devices for anything from making calls to playing games and browsing the Web, it would be logical to assume that we would safeguard the data that we have on them. However, US cyber crime statistics show that’s not the case across the board.

36. In 2019, nearly 11,000 malicious mobile apps were blocked per day.

To be precise, 10,878 malicious mobile apps were blocked per day in the US throughout 2019. What’s more, the number is set to increase by 3.9% per year.

37. 65% of criminal groups are reported to have used spear-phishing.

Spear-phishing is a fraudulent attempt is made to obtain sensitive information such as usernames, passwords, and credit card details by disguising oneself as a trustworthy entity in an electronic (mainly email, though sometimes Instant Message or SMS) communication.

In 2019, statistics of cyber crime in usa show that nearly two-thirds of hackers used spear-phishing techniques as part of their methodology.

38. 1 in 13 web requests leads to malware.

This may not seem like a lot, but the danger is very real. Especially since about 20% of malicious domains are very new and used around 1 week after they are registered.

39. Ransomware is saturated and 5x more likely to occur in countries with larger online populations.

Bearing that stat in mind, it should come as no surprise that the United States ranks highest with having 23.6% more ransomware attacks than any other country.

Cyber Crime: The Way Ahead

As you can see from the statistics, there is no question that the situation regarding cybercrime is dire. Luckily, by assessing your personal and business’s cybersecurity risk, making company-wide changes, and improving overall security behavior, it’s possible to protect your business from most data breaches.

Which effectively means that:

If you make sure that you’ve done everything you can do to avoid becoming a victim of an attack, you can safeguard yourself or your business from cybercrime.