Cybercrime continues to evolve and increase each year, impacting individuals, businesses, and governments around the world. With more daily activities moving online and increased digital connectivity, opportunities for cybercriminals also grow. Recent statistics help highlight the scope, scale, and impact of cybercrimes globally.
According to experts, cybercrime damages are expected to reach $10.5 trillion annually by 2025, up from $3 trillion in 2015. This dramatic rise demonstrates the increasing frequency and severity of attacks. Cybersecurity Ventures predicts that a business will fall victim to a ransomware attack every 11 seconds in 2024, up from every 14 seconds in 2021.
Cyberattacks are also becoming more sophisticated, making them harder to detect and stop. Attackers are leveraging emerging technologies like artificial intelligence to create more advanced malware and evasion techniques. Businesses and individuals must remain vigilant and keep pace with the latest cybersecurity best practices.
This article provides an overview of key cybercrime statistics and trends in 2024, broken down into worldwide and U.S. data. Keep reading for a comprehensive look at the current cyberthreat landscape.
Contents
Global Cybercrime Statistics
Cybercrime impacts organizations around the world. According to Accenture, the global average cost of cybercrime has increased by 15% since 2018 to $4.35 million per company in 2021. Here are some other notable worldwide cybercrime statistics:
-
The global cybersecurity market is expected to grow by 10-15% annually, reaching over $400 billion by 2027 (Fortune Business Insights).
-
Cybercrime damages are predicted to hit $10.5 trillion annually by 2025, up from $3 trillion in 2015 (Cybersecurity Ventures).
-
91% of cyberattacks start with a phishing email (PurpleSEC).
-
70% of businesses say cyberattacks have become more sophisticated (Accenture).
-
There was a 12% increase in data breach volumes globally in the first half of 2022 compared to the same period last year (IdentifyForce).
-
Over 80% of all data breaches are motivated by financial gain, not espionage (Verizon 2022 Data Breach Investigations Report).
-
Insider threats accounted for 15% of breaches in 2022, highlighting the need for internal security controls (IBM).
-
The average cost of a ransomware attack is estimated at $133,000 (Cybersecurity Ventures).
These statistics indicate that cybercriminals remain very active worldwide and the threat to businesses continues to grow. Companies must take cybersecurity seriously and implement defenses across their IT infrastructure and staff training programs.
Cybercrime Statistics for the United States
The United States experiences significant losses from cybercrime each year. According to the FBI, total losses from cybercrime exceeded $56 billion in 2021. Here are some other notable U.S. cybercrime statistics:
-
Around 1,300 publicly-disclosed breaches exposed over 164 million U.S. records in the first half of 2022 (IdentifyForce).
-
There was a 300% increase in cybercrime reports to the FBI from pre-pandemic levels (FBI 2021 Internet Crime Report).
-
Phishing attacks targeted 52% of U.S. organizations in 2021 (Proofpoint).
-
The average U.S. company takes 287 days to identify and contain a data breach (IBM Cost of a Data Breach Report 2022).
-
Insider threats were responsible for 21% of breaches at U.S. organizations, highlighting the need for internal access controls (IBM).
-
Human error accounted for 17% of U.S. breaches, while compromised credentials were behind 20% of incidents (IBM).
-
The top two causes of data breaches reported by U.S. companies were phishing (36%) and improper data handling (35%) (Varonis).
-
93% of breaches within U.S. companies could have been prevented with appropriate cybersecurity measures (Varonis).
Cybercriminals pose a significant threat within the U.S., as evidenced by rising cybercrime losses each year. Organizations must educate employees and implement cybersecurity controls like zero-trust access and multifactor authentication. Proactive monitoring to identify threats early is also essential.
Costs and Impacts of Cybercrime
Cyberattacks inflict heavy costs on targeted organizations. Between business disruption, information loss, recovery efforts, and reputation damage, cybercrime can seriously impact a company‘s bottom line.
According to IBM, the average total cost of a data breach in the U.S. reached $4.35 million in 2022, up 12% from 2021. Their global data breach study also found:
-
The average cost per lost or stolen record was $170 in 2022 globally.
-
Breaches cost $4.82 million on average for U.S. companies, compared to $4.21 million globally.
-
U.S. healthcare organizations face the highest breach costs at $10.1 million on average.
Cyberattacks inflict damage beyond just direct financial costs too. A Verizon study found that around 40% of breached organizations lost business after cyber incidents. Additionally, 29% of victims said their reputation was damaged. Losing customer trust and future revenue opportunities greatly expands the true impact of cybercrime.
Types of Cybercrime
Cybercriminals utilize many different techniques and attack vectors to target networks and data. Here are statistics on some of the most prevalent cybercrimes today:
Ransomware
-
Ransomware accounts for over 40% of all cyber insurance claims, with average payouts of around $226,000 (Coalition Cyber Insurance Claims Report 2022).
-
The total amount paid by ransomware victims increased by 79% year over year to over $602 million (Unit 42 Ransomware Threat Report).
-
The number of global ransomware attacks grew by 105% in 2021 compared to 2020 (SonicWall).
-
99% of ransomware enters through email – 60% from spam and 39% from targeted phishing attacks (Verizon).
Cryptojacking
-
Cryptomining malware detections increased by 29% in 2021 (Microsoft Security Signals Report).
-
55% of businesses surveyed reported at least one cryptomining attack in 2021 (ThreatLocker).
-
Cryptomining malware targeted over 2 million users per month and generated $1.9 billion for hackers in 2021 (Atlas VPN).
Distributed Denial of Service (DDoS)
-
DDoS attacks increased by 151% year over year in 2021 (NETSCOUT Threat Intelligence Report).
-
The total number of DDoS attacks exceeded 15 million globally in 2021 (Kaspersky DDoS Threat Report).
-
Extortion attempts involving DDoS increased by 282% in 2022 (Neustar International Security Council).
-
58% of businesses experienced a DDoS attack in 2021 (NETSCOUT).
Malware
-
New malware samples increased to over 688 million in 2021, representing a 42% increase over 2020 (AV-TEST).
-
Malware was detected on 28% of all Mac computers worldwide in 2021 (Malwarebytes State of Malware Report).
-
Mobile banking malware attacks grew by 1,318% in 2021 compared to 2020 (Zimperium zLabs).
These statistics demonstrate the variance in cybercrime techniques and surge in threats like ransomware and DDoS attacks. Companies must implement layered defenses capable of blocking multiple attack vectors.
Most Targeted Industries
Some industries face greater cybersecurity challenges and risks than others. Based on recent breach statistics, the most targeted sectors include:
Healthcare
-
Healthcare has the highest average breach costs at $10.1 million per incident (IBM).
-
90% of healthcare organizations have experienced data breaches (Innovaccer).
-
45% of healthcare providers have been impacted by ransomware attacks (CyberMDX Hospital Ransomware Study 2021).
Finance
-
The financial sector continues to be the most targeted industry, with over 1,100 publicly reported breaches in 2021 (IBM).
-
Phishing attacks against financial firms increased by 156% in 2022 compared to 2021 (Tessian Phishing Report 2022).
-
Financial services firms spend over 10% of their IT budgets on cybersecurity, the most of any sector (Gartner).
Retail
-
The retail sector suffered 155 publicly disclosed breaches resulting in 282 million stolen records in 2021 (Identity Theft Resource Center).
-
Cybercriminals target point-of-sale systems, loyalty programs and supply chain networks within retail companies.
-
Nearly 80% of retail businesses lack key security tools like encryption (Thales Data Threat Report – Retail Edition).
Technology
-
Information services and data processing organizations recorded 169 breaches exposing 35 million records in 2021 (Identity Theft Resource Center).
-
Tech sector breaches cost an average of $5.4 million per incident, 36% above the cross-industry average (IBM).
-
Insider threats accounted for 25% of breaches within tech companies, one of the highest of any sector (IBM).
Understanding which industries face the greatest risks allows security professionals to focus limited resources on protecting their most important assets and vulnerable access points.
Conclusion
Cybercrime statistics in 2024 highlight the growing threats to businesses and individuals worldwide. Damages continue to rise dramatically each year as attackers become more sophisticated and access to hacking tools spreads online. Phishing, ransomware and DDoS attacks are particularly on the rise.
Certain industries like healthcare and finance face elevated risks. However, companies in every sector must take cybersecurity seriously and implement layered defenses. Measures like zero-trust access, malware scanning, security awareness training, encryption and network monitoring all help reduce an organization‘s attack surface and minimize potential impacts if breached.
With cyberattacks gaining in frequency, severity and costs, proactive vigilance and adapting cybersecurity strategies to address emerging threats remains critical. Understanding the current threat landscape through cybercrime statistics and trends allows security teams to develop informed defenses to protect their organizations.
