How Often Does Cybercrime Happen in 2024?

How Often Does Cybercrime Happen in 2024? A Lot More Than You Think.

If you‘re like most people, you may not fully grasp the sheer scale and frequency of cybercrime today. The fact is, cyber attacks are occurring every 39 seconds on average – a number that‘s rising rapidly as more aspects of life move online. This guide pulls together the latest data to provide much-needed context on just how often cybercrime happens globally, regionally and to businesses like yours in 2024.

On an average day in 2024, the following cybercrimes will take place worldwide:

• 2,244 successful cyber attacks will occur each hour of the day. That‘s one cybercrime every 2 seconds.

• 5 billion records will be stolen through data breaches, account takeovers and theft.

• 4,000 ransomware attacks will be launched to extort money from victims.

• 70% of all malware attacks will target small and mid-sized businesses specifically.

• 90% of cyberattacks will involve phishing attempts through email, texts or fraudulent sites.

• $50 million will be paid out in ransomware payments, with the average payment around $540,000.

• 63 million online users in India will fall victim to things like identity theft and hacking.

As you can see, cybercrime is rampant across the globe. And these figures highlight only the attacks that are identified – countless others go undetected daily. But just how rapidly has the online threat landscape escalated?

The Rising Costs of Cybercrime

Five years ago, the estimated global cost of cybercrime was "just" $445 billion annually. Flash forward to 2022, and the cost has climbed to a staggering $8 trillion as attacks proliferate. That represents a nearly 18X increase in just half a decade.

Several key factors account for this exponential rise:

• Ransomware attacks have become much more common, with the average payment increasing by 171% last year alone. Crippling critical infrastructure like hospitals and schools, these attackers are ruthless.

• Cryptocurrencies now allow cybercriminals to more easily conceal payments and launder money across borders.

• Data itself has become tremendously valuable on the black market, leading to escalating leaks and privacy violations. Our personal details can destroy lives.

• Cybercrime-as-a-service has blossomed into a $1.6 billion industry, allowing novice hackers to buy turnkey tools like DDoS services.

• The shift to remote work during COVID created a feast of security gaps for cyber thieves to exploit. Unsecured home networks and devices became a goldmine of vulnerabilities.

According to Cybersecurity Ventures, global cybercrime costs will grow by 15% annually over the next 5 years, reaching a staggering $10.5 trillion USD annually by 2025. That‘s more than the GDPs of most countries on earth. And it doesn‘t factor in unquantifiable damages like reduced trust and lost opportunity costs.

Most Affected Regions and Industries

Cybercrime may be borderless, but some countries face disproportionately more attacks based on factors like digitalization, security awareness and wealth.

India sees the highest overall cybercrime frequency, with 63 million consumers victimized in 2021 – from online scams to identity theft and more. The U.S. came second with 37 million cybercrime victims last year as an attractive target given high rewards. Japan and Brazil rounded out the top geographies.

However, the most sophisticated attacks still target richer nations. For instance, the average U.S. data breach in 2021 involved 36,500 records, while India‘s involved just 6,700. Hackers covet the troves of consumer and business data concentrated in advanced economies.

In terms of industries, mid-size businesses saw the highest cybercrime rates in 2021, with 43% of all attacks targeting SMBs specifically. Their security is often lax compared to large enterprises. Finance, healthcare, tech, education and government frequently attract targeted hacking campaigns too. Basically, any organization with valuable data and infrastructure faces elevated risk.

Top Threat Vectors to Safeguard Against

Not all cybercrimes are equally likely. Here are 5 of the most common attack types representing over 90% of threats that your organization should urgently safeguard against:

Phishing – Deceptive emails, texts and sites designed to trick users into handing over credentials. Verizon‘s research shows 36% of breaches involve phishing, making it the #1 threat vector. Ongoing employee education is key.

Ransomware – Malware that locks systems until a ransom is paid, now hitting thousands of organizations weekly. Having recent backups offline can limit damage.

DNS Hijacking – Cyber thieves compromise domain name systems to divert traffic and steal data. Strong DNS passwords and multi-factor authentication adds protection.

DDoS Attacks – Bombarded with junk traffic, DDoS attacks overload servers and websites. Cloud filtering services can block these attacks.

IoT Hacking – From smart TVs to WiFi cameras, insecure IoT devices are gateways for network intrusion. Isolate and update all IoT gadgets.

While the list of potential attack vectors expands yearly, tried-and-true security measures like access controls, vulnerability management and employee training remain indispensable. Integrating emerging safeguards like deception technology further advances prevention.

Just a Small Sampling of Recent Cyber Attacks

To drive home the real-world impacts of rampant cybercrime, here is just a small sampling of notable security incidents from 2022:

• JBS Foods shut down plants impacting 20% of US beef processing after a ransomware attack. $11M in ransom was paid.

• Uber reported that a teenage hacker breached its network and accessed sensitive technical data.

• Over 37 million customer records were stolen from the popular Shopify ecommerce platform.

• Costa Rica declared a state of emergency after Conti ransomware took down government systems nationwide.

• Candy giant Mars was forced to temporarily halt production at factories in multiple countries following a cyberattack.

• Over half a billion Facebook user records were sold on a hacker forum after being stolen via web scraping.

The takeaway is that organizations of every size and sector are in the crosshairs. Proactive measures to boost cyber resilience have become an imperative.

What Can Businesses Do?

Given the extreme costs of data breaches, ransom payments and infrastructure attacks today, cybersecurity can no longer be an afterthought for leaders. Every 39 seconds, a business somewhere is falling victim. Here are 5 best practices to reduce your risk substantially:

1. Train employees relentlessly on threat awareness – things like identifying phishing and using strong passwords. Ongoing education is invaluable.

2. Maintain patched systems and software with the latest security updates across the board. Unpatched flaws invite trouble.

3. Install layered defenses combining firewalls, endpoint detection, access controls and other safeguards. Defense-in-depth works.

4. Have an incident response plan ready because many attacks will sidestep prevention. Minimizing damage is key.

5. Back up your critical data regularly and keep it offline. Backups limit the impact of malware and ransomware.

While threats continue evolving, the fundamentals above enable organizations to shrink the target on their backs substantially. Coupling skilled staff with advanced security tools and services increases resilience in the face of cyberattacks happening every 39 seconds. The risks will only grow, but preparation can make organizations an unlikely prospect for cybercriminals eyeing weaker prey.

The Bottom Line

Given the tens of billions lost to cybercrime annually, awareness of the sheer frequency of threats today remains low. Businesses cannot operate with blinders on any longer. The reality is that a cyber attack occurs every one to two seconds globally, inflicting damage that is only multiplying.

Proactivity and vigilance have become mandatory to avoid joining the ranks of the millions hit by things like ransomware and data theft daily. With the right layered defenses and response capabilities in place before disaster strikes, organizations can dramatically turn the odds in their favor. By implementing the fundamentals covered here, you can avoid learning this cybercrime frequency lesson the hard way.

Sources:

RiskBased Security: https://www.riskbasedsecurity.com/2021/01/07/a-breakdown-and-2020-forecast-of-hack-stats-by-the-numbers/

IBM: https://www.ibm.com/security/data-breach

PurpleSec: https://purplesec.us/resources/cyber-security-statistics/#How_often_do_cyber_attacks_occur

Tessian: https://www.tessian.com/research/annual-cybersecurity-statistics-2022/

Cybint: https://www.cybintsolutions.com/cyber-security-facts-stats/

Cybersecurity Ventures: https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/

Verizon: https://www.verizon.com/business/resources/reports/2022/2022-data-breach-investigations-report.pdf

Norton Cyber Safety Insights: https://us.norton.com/cyber-safety-insights-report

Fortinet: https://www.fortinet.com/blog/industry-trends/top-cyber-security-companies-and-startups-to-watch-in-2021#:~:text=Based%20on%20revenue%2C%20the%20top,billion%2C%20respectively%2C%20in%202020.

Related:

• How Ransomware Became a Billion Dollar Nightmare
• Securing Your Small Business from Cyber Attacks
• Phishing Attack Examples and How to Spot Them
• 10 Must-Have Cyber Security Protections
• Could Your Organization Afford a Major Cyber Attack?