Last Updated: June 21, 2021
Are you aware of the fact how easy it is to be hacked? All it takes for you to get hacked is just one wrong click; click on the link or open an email, and everything happens in the split of a second. Hacking groups have all prepared for us to fall into their trap. While getting hacked is easy, noticing that you are hacked takes much more time, 280 days, to be exact. Overwhelming, right?
If this got your attention, stick with us to learn more cybercrime statistics that will blow your mind and get you wondering if you protected all of your data, is your phone secure enough, and is your password easy to crack?
In the first half of 2020, almost 3,000 data breaches exposed over 36 billion records.
According to RiskBasedSecurity, at the same time in 2019, there were a little over 6,000 data breaches but considerably fewer data exposed – 8,354 million. 36,107 million records exposed in the first half of 2020 was double the number of exposed data in all of 2019. Cybercriminals are evolving alongside the technology needed to execute cybercrimes.
Cyber crime statistics reveal that the average cost of a data breach was nearly $4 million in 2020.
The global average cost of a data breach was $3.86 million. When it comes to the country with the highest average cost, numbers are significantly higher; the USA took first place with $8.64 million. The industry with the highest average cost of $7.13 million was healthcare. The average cost of a data breach in the financial services industry was also above the average, with $5.58 million.
In 2018, 70% of cyber fraud was executed through mobile devices.
From 2015 to 2018, there was a mind-blowing 680% upsurge in the number of fraud transactions coming out of mobile apps. The undeniable preference for mobile as a channel for cyber crime is also evidenced by RSA labelling an average of 82 rogue apps each day in 2018. Additionally, 1 out of 5 cyber attacks was ascribed to rogue mobile applications.
38% of malicious file extensions found in email attachments were Microsoft Office formats such as Excel, Word and PowerPoint.
Cisco’s Annual Cybersecurity Report for 2018 also detected that archive files such as .zip and .jar amounted to nearly 37% of all the malicious file extensions Cisco checked in their survey. Malicious PDF files accounted for 14% of all malicious file extensions checked.
Approximately two-thirds of financial services companies have over 1,000 sensitive files available for every employee.
Imagine the potential damage when every employee can view, copy, transfer, edit and eliminate sensitive employee and client data. In financial services organisations, an average of almost 11 million files is accessible to every employee, starting from the day they walk into the office. For companies with over 1,500 employees, the number is double, with 20 million files accessible to their employees. Many companies have entered our new working-from-home everyday life without proper cybersecurity preparation for this transition, and the already high risks of cyber attacks have increased significantly. Unquestionably cloud breaches will increase in 2021, with a remote workforce that uses unsecured networks, home computers and passwords that never expire.
59% of financial services corporations have over 500 passwords that never expire, and almost 40% have over 10,000 ghost users.
Ghost users– inactive but enabled user accounts, alongside passwords that never expire, are the easiest way for hackers to steal data or cause disturbance unnoticed, which is why these represent potential targets for hacker attacks. These probable cyber threats represent rarely prioritised vulnerabilities since their resolving needs to be done manually, and it requires a lot of time.
20% of organisations said they had a security breach caused by a remote worker.
2020 and compelled remote work had a significant impact on the organisation’s cybersecurity. Malwarebytes survey also revealed that 28% of surveyed employees use their own devices for work purposes more than they use their work-issued devices, creating more possibilities for cyber attacks.
In the third quarter of 2020, the average ransomware payment was $233,817, increasing by 31% from the second quarter of 2020.
This type of malware is showing a startling rise in ransom amounts. The average ransomware payment from the Q3 of 2020 increases immensely by 468% from Q3 of 2019. Over 70% of victims of a ransomware attack have less than 1,000 staff members. This cyber threat represents a significant problem for small businesses; they have slimmer chances to recover financially from a ransomware attack.
NHS (National Health Service) has declared that the WannaCry ransomware attack cost them over $100 million.
In 2017, WannaCry attacked thousands of companies via phishing emails in more than 150 countries, requiring a ransom of approximately $300 per attack. If the ransom stays unpaid, after some time, WannaCry deletes the decryption algorithm, and the victim’s data is lost for good.
In 2019, over 50% of the ProofPoint survey participants said their organisations were victims of, at the minimum, one spear-phishing attack.
55% is the global average of spear-phishing attacks that are targeting individuals. 65% of the USA organisations’ experienced successful spear-phishing attack. Japanese organisations had the lowest average of successful spear phishing attacks, standing at 42%.
Gmail blocked 18 million malware and phishing emails daily associated with COVID-19 in April 2020.
Alongside these, Google blocked more than 240 million daily spam messages associated with COVID-19. Google filters online threats and blocks more than 99.9% of them from reaching their users. These phishing attacks use fear and financial motivations to urge users to respond.
In 2020, personal data was embroiled in 58% of breaches.
This includes names, phone numbers, passwords, payment details, email addresses and physical addresses and any kind of data found in one’s email or saved in a misconfigured database. Have you ever wondered how much is your personal data worth to you? Because in 2018, it could have been sold for as little as $0.20, up to $15.
Coincheck lost $530 million due to hacking.
The biggest cryptocurrency heist to date took place in January 2018. Coincheck deals with a few cryptocurrencies, but the compromised one was NEM, and they fully refunded affected users from their own assets. In April 2018, Coincheck was acquired by the Monex Group, and in November 2018, they began exchanging again after complaining with Japanese cryptocurrency regulators.
9.9 billion malware attacks were executed in 2019.
This is a decrease from 10.5 billion attacks carried out in 2018, in which the USA was the most commonly targeted country. The United States, with over 5 billion attacks, accounted for almost half of the global total malware attacks that year.
The average time to detect and contain a data breach is 280 days.
Imagine the amount of data that cyber criminals can gather in over nine months, the damage they can do to a company. Certain industries, understandably, are more vulnerable to the attacks due to the importance of the data they hold. The average time for financial services to identify and contain a breach is 233 days.
In mid-2020, 130 Twitter accounts of some of the most high-profile and influential people, like Barack Obama, Joe Biden, Elon Musk, were compromised in a bitcoin scam.
Compromised Twitter accounts posted tweets inviting their followers to send bitcoin to a particular unknown address. Bad actors received a value of $121,000 in Bitcoin through more than 400 payments. Even the most famous and powerful people in the world can be hacked, so don’t go thinking that it can’t happen to you.
In the world of cyber crime, everyone is eligible to be the victim, which is the one thing that we must not forget. No one is untouchable, and everyone is fair game. As seen in our cyber crime statistics, even presidents and high-profile people can be victims of a hacker attack.
Cybercriminals are evolving, so we have to keep up and protect our data and devices, making sure to do everything at our disposal to improve our cybersecurity: use a strong password, change it from time to time, don’t use the same password for every account, use a VPN, make sure to update your devices regularly, etc.
We hope we helped spread awareness of cyber crime trends and made you a bit more wary and resistant to internet crimes. If we did, we did our job right; now, all you have to do is stay safe and sound.