Courses
Cloudwards Video Courses New

Cloudwards.net may earn a small commission from some purchases made through our site. However, any earnings do not affect how we review services. Learn more about our editorial integrity and research process.

67 Cyber Security Statistics, Facts & Trends: Data on Attacks, Breaches & Threats for 2024

Globally, over 4.7 million cyber security professionals were working in the field by the end of 2022. Even though digitizing industries like gambling, retail and education came with many benefits, it also opened up new exploit routes for cybercriminals. Read on to understand the major cyber security statistics and the threat landscape that you should note.

Titus KamunyaAleksander HougenIgor Kurtz

Written by Titus Kamunya (Writer)

Reviewed by Aleksander Hougen (Co-Chief Editor)

Facts checked by Igor Kurtz (Fact-checking editor)

Last Updated: 2024-07-05T16:34:41+00:00

All our content is written fully by humans; we do not publish AI writing. Learn more here.

Key Takeaways: Top 10 Cyber Security Statistics
  1. The average global data breach cost $4.45 million in 2023.19
  2. Finance is one of the industries that cybercriminals target most, with 95.7% of financial institutions being hit by at least one successful attack in 2023.2
  3. Cryptojacking jumped by 659% in 2023.1
  4. The number of cyber security intrusions has risen 613% from 2013 to 2023.1
  5. Researchers from SonicWall Capture Labs recorded 6.06 billion malware attacks and 317.6 million ransomware attacks in 2023.1
  6. There were 7.6 trillion intrusion attempts in 2023.1
  7. There were 15.7 million encrypted attacks in 2023. Such attackers use encryption to go undetected. They can use different approaches like malware, ransomware and spear phishing.1
  8. There is a global shortage of about 3.4 million professionals in the cyber security industry.4
  9. A malicious actor deployed on average 11.5 attacks per minute, and 1.7 of them were novel malware samples, from March to May 2023.5
  10. Americans lost $40 billion in phone phishing scams in 2022.11

Trends & Key Analysis on Cyber Security: 

  • Ransomware is a growing threat: Even though there are over 10 types of cyberattacks, one-third of cyber security attacks are ransomware. In fact, there are almost 20 ransomware attempts every second.7
  • There is a skill gap in cyber security: Cyber security is a very diverse field that employs millions of professionals. However, there is a shortage of about 3.4 million professionals in the cyber security industry.4
  • AI usage in cyber security is on the rise: Both cyber security experts and attackers have been using artificial intelligence to their benefit. Attackers use AI to detect vulnerabilities and automate attacks. On the other hand, defenders are using AI to detect and respond to cyber security threats effectively.

Online data security is a serious concern — there were 7.6 trillion intrusion attempts in 2023, a 20% increase from 2022.1 This cyber security statistics roundup shares some cyber security figures that can help you better understand the cyber security threats, and how industries are grappling with security breaches and the increasing risk of outside actors gaining access to sensitive information.

by the numbers cybersecurity
Cybersecurity: By the Numbers
  • 03/22/2024

    We updated this statistics article to include an expert opinion on cyber attacks and the best way to protect yourself from them.

  • 07/04/2024

    We rewrote this article with recent statistics and a new structure.

Cyber Security Statistics: General  

First, let’s take a look at some general trends within the cyber security industry.

  • From March 2023 to May 2023, threat actors deployed 11.5 successful attacks per minute,5 and one-third of them were ransomware.13
  • State-sponsored entities like Russian APT28 and the North Korean Lazarus Group were particularly active in 2023.5
  • The number of hacking intrusions has risen 613% from 2013 to 2023.1

Hacking Statistics

Hacking, or intrusion, is the unauthorized access or exploitation of networks or computer systems. Hackers have different motives and can disrupt operations, steal confidential data or manipulate systems. Today, hacking is among the major cyber security concerns, with cyber criminals mostly exploiting vulnerabilities in a system or codebase.

  • There were 7.6 trillion hacking intrusion attempts in 2023, a 20% increase from 2022.1
  • There were 11.3 billion successful malicious intrusions in 2023.1
  • The prime target of hackers in 2023 was the finance industry, and there was a 47% increase in intrusions in 2023.1

Statistics About Malware Attacks

Malware is malicious software designed to damage or gain unauthorized access to a network or computer system. Malware can take the form of adware, viruses, trojans and so much more. Attackers can send malware through email attachments, exploit software vulnerabilities or post malicious ads.

Achieve Online Privacy and Security Even as a VPN Novice

  • Comprehend the essential role a VPN plays in safeguarding your digital life
  • Gain a deep understanding of how VPNs function under the hood
  • Develop the ability to distinguish fact from fiction in VPN promotions
Please enable JavaScript in your browser to complete this form.

Malware is malicious software designed to damage or gain unauthorized access to a network or computer system. Malware can take the form of adware, viruses, trojans and so much more. Attackers can send malware through email attachments, exploit software vulnerabilities or post malicious ads.

  • 71% of malware attackers have specific targets.6
  • 17% of malware attacks target individuals.13
  • There were 5.4 billion malware hits globally in 20217; in 2023, there were 6.06 billion malware attacks recorded — the highest global attack volume since 2019.1
  • North America recorded the largest numbers of malware attacks in 2023, with over 3.17 billion attacks, followed by Europe, with over 1.4 billion malware attacks.1

Global Malware by Region, in Millions

Phishing Attacks Statistics 

A phishing attack is a cyberattack where hackers deceive users into providing sensitive data such as usernames, passwords and bank details. Hackers may execute phishing attempts using copycat websites, emails and social media platforms. Users are led to believe they are browsing legitimate websites or receiving official emails, and they end up giving data to malicious individuals.

  • More than half of phishing attacks in 2021 were executed for identity theft.9
  • Americans lost $40 billion in phone phishing scams in 2022.11
  • Hackers execute 85% of mobile phishing attacks through games, social messaging platforms or social networks.10

Phishing Attach Methods

Statistics on Ransomware Attacks

Ransomware is a type of malware attack that encrypts files and systems. The hackers usually ask for a ransom in the form of payment to decrypt such files. Hackers execute ransomware attacks using approaches like social media platforms, fake promotions and false job adverts, but there are even Ransomware as a Service options on the dark web. 

  • Ransomware is the top action type for breaches. This means that most attackers mainly use ransomware to achieve their goals.8
  • In a SonicWall survey, two-thirds of respondents indicated that business email compromise (BEC) attacks are an area of concern.7
  • BEC attacks led to $1.8 billion in losses in 2020.12
  • There are almost 20 ransomware attempts every second.7
  • Global ransomware attacks peaked in 2021, with over 623 million ransomware attacks. In 2023, there were over 317 million ransomware attacks.1
  • Of the organizations that had their data encrypted by ransomware attackers in 2021, 46% of them paid the ransom.14 

Percentage of Organizations That Paid Ransoms.

If you want to learn more ransomware stats, check out our full ransomware statistics article.

DDoS Attacks Statistics

Distributed denial of service (DDoS) attacks involve malicious individuals sending lots of traffic to a target system or website. The attack is meant to overuse the available resources and make the site unavailable to legitimate users. DDoS attacks can slow down a system, shut it down or cause downtime.

  • Microsoft intercepted 1,955 DDoS attacks per day between mid-2021 and mid-2022.15
  • Malware-based DDoS attacks are the most common threat to Linux-based systems.5
  • The U.S. and China accounted for over a quarter of all the DDoS attack traffic globally in 2023.16
  • There was a 117% year-over-year increase in DDoS attacks in Q4 2023.16
  • There was a 61,839% surge in DDoS attack traffic directed to environmental services websites in Q4 of 2023, coinciding with COP 28, the UN Climate Change Conference.16 

Largest HTTP DDoS Attacks per Second by Cloudflare, in Millions

Statistics on Personal Data Breaches

A personal data breach is the unauthorized access or disclosure of personal data. Such breaches can lead to the alteration, destruction or loss of personal data. Cybercriminals seek confidential data like their victims’ bank account information, social security numbers and health records. You can read more data in our data privacy statistics article.

  • Data breaches in the U.S. increased by 20% from 2022 to 2023.17 
  • Increased exploitation of vendor systems, cloud misconfiguration and new types of ransomware attacks are the major causes of the increase in personal data theft cases.17 
  • Over 1.5 billion records were breached in 2022.17 
  • Over 360 million people experienced institutional and corporate data breaches in the first eight months of 2023.17
  • Globally, over 80% of data breaches involve data stored in the cloud.17

Attacks on Government Agencies

Cybercrimes targeting government agencies are common, especially on bodies governing elections, healthcare and international trade. The motives behind such attacks vary, ranging from differences in personal ideologies and money demands to getting government secrets.

  • About 4.5% of ransomware attacks target government agencies.18
  • In May 2022, a ransomware attack forced the Costa Rican government into an emergency after it crippled various government operations and caused about $200 million in losses.15

Cyber Security Statistics by Industry

Hackers target different industries aiming to harvest different forms of valuable data or manipulate systems. Certain sectors, such as government agencies, finance, banking and healthcare institutions, are the biggest targets of cyberattacks. Let’s check the stats and trends for various industries.

Cybersecurity Victim Attack Categories

1. Healthcare Industry 

Healthcare is one of the most important industries in an economy — and it’s also one of the most targeted. Attackers understand that the simple manipulation of healthcare systems can lead to loss of life. Thus, hospitals and those in the medical field will likely pay ransoms when such attacks occur.

  • The U.S. healthcare industry had the highest cyber security breach costs at $10.93 million in 2023.19
  • Data breach costs in healthcare increased by 53.3% from 2020 to 2023.19
  • Hacking contributed to over 75% of the healthcare industry’s data breaches in 2023.21
  • 62% of data breaches in the healthcare industry target healthcare providers.21
  • 25% of the breaches target business associates in the healthcare industry, while 13% target business associates.21

2. Education

Cyberattacks in the education industry have become common recently due to an increase in online education programs. Ransomware is one of the most common attacks, where attackers ask for ransoms and threaten to delete databases. Educational platforms also carry lots of data that hackers can use for identity theft and other malicious activities.

  • Cyberattacks targeting U.S. schools lead to learning losses lasting from three days to three weeks. It also takes two to nine months to recover from such attacks.22
  • About 647,000 students in U.S. K-12 schools and school districts were reportedly affected by ransomware attacks in 2021.22
  • Almost half of the higher education schools in the U.K. experience an attack or breach at least weekly.23
  • After a cyber security incident, 61% of higher education centers experience negative outcomes, such as data or money losses.23
  • Social engineering attacks accounts for 69% of the attacks that target educational institutions in the U.K.24 
  • In a study by the London Grid for Learning (LGfL) and the National Cyber Security Centre (NCSC), 83% of the schools they interviewed had experienced at least one cyber security incident.24

3. Financial Sector

Most cybercriminals are after money, which explains why the financial sector is their best target. Banks and financial institutions store a lot of personal data that hackers can use to commit fraud. Users also hold deposits in some institutions, and hackers will target such funds.

  • Data breaches cost the financial sector $5.90 million in the U.S. in 2023.19
  • Data breaches in the financial sector are among the most expensive to fix.19
  • In the first quarter of 2022, 23.6% of all phishing attacks targeted financial institutions.18
  • Blackberry Cybersecurity Solutions stopped 17,000 attacks targeting financial institutions from March 2023 to May 2023.5

4. Retail Industry 

Countless transactions are happening in the retail industry. This industry processes a lot of data when customers register, order, pay and add their shipping details. Cyberattackers can target customer data, disrupt business operations and demand ransoms. 

  • 52% of retail businesses worldwide have a cyber strategy in place.29
  • Malware is the leading cyber security threat in retail.30
  • Ransomware is the second leading cyberattack in retail.30
  • A data breach in the retail sector costs $2.9 million on average.28
  • The online retail market was worth over $1.09 trillion in 2022.28

5. Banking

Banks process a large amount of data as they enable deposits and let customers transact on their platforms. Cyberattackers can target customer deposits or personal details to perform financial fraud. Banks are also legally obligated to ensure their users don’t engage in money laundering schemes.

  • The global cyber security market size in banking was $74.3 billion in 2022 and is expected to reach $282 billion by 2032.33
  • An employee of a financial institution has access to 13% of the company’s files.25
  • A typical employee of a large financial services organization can access over 20 million files.25

6. Small Businesses

Small businesses store and process lots of data that cybercriminals can use to their benefit. Unfortunately, most small businesses don’t invest in the best cyber security, making them an easy target for criminals. Social engineering, phishing, insider threats and ransomware are some of the cyberattacks that cybercriminals use to target small businesses.

  • 43% percent of all cyberattacks target small businesses.32

Cyber Security Statistics by Country

Cyberattackers target different countries based on the resources that they own. 

  • The following are the countries and regions that had the highest average data breach costs in 2023.19
    • 🇺🇸 The United States at $9.48 million 
    • 🇦🇪 The Middle East at $8.07 million
    • 🇨🇦 Canada at $5.13 million
    • 🇩🇪 Germany at $4.67 million
    • 🇯🇵 Japan at $4.52 million
  • The U.S. has incurred the most costs related to containing data breaches for 13 years in a row.19
  • The U.K. saw a drop of 16.6% in its average data security breach costs in 2023, taking it out of the top five.19 
  • Japan also saw a decrease in the average data breach costs, but it wasn’t as drastic, leading it to take the U.K.’s spot in the top five.19

Cyber Security Job Statistics 

Cyber security has become one of the most sought-after professions in the 21st century. Small and large businesses seek professionals to protect their business and customer data. Individuals are also being educated on how to keep their data safe by enabling two-factor authentication (2FA) or multi-factor authentication, creating strong passwords and browsing safe websites.

  • According to the National Institute of Standards and Technology (NIST), there were 663,434 cyber security job openings in the U.S. by June 2023.4
  • By June 2023, about 1,129,659 people in the U.S. were employed in the cyber security space.4
  • There is a shortage of about 3.4 million professionals in the cyber security industry globally.4
  • Information security analysts in the U.S. were earning a median annual wage of $120,360 in 2023.31

Human Error Statistics

Some human error incidents can enable hacking. For instance, using a combination of your names as a password makes it easy for hackers to access your accounts.

  • 88% of data breaches are caused by human error.27
  • 45% of phishing scam victims cite distraction as the top reason for such attacks.27

Top Reasons for Clicking Phishing Emails

How Much Does Cybercrime Cost Victims?

A cybercrime attack can cost individuals and organizations in two ways: the cost of countering the attack and the loss of revenue during the attack. Businesses hire security experts to deal with attacks and inform users of their effects. The time it takes to contain a cyberattack depends on the severity of the breach and the expertise of the professionals you contract.

  • The average cost of a data breach was $4.45 million in 2023.19
  • For organizations that have suffered more than one data breach, 57% will likely pass the incident costs to consumers.26

Final Thoughts 

Cyber threats can target individuals or organizations. Cyberattacks come in different forms, like phishing, malware, ransomware and DDoS. How individuals and organizations react will depend on the type of breach and the systems in place. Invest in cyber security if you want to stay safe online. You can also familiarize yourself with cyber insurance and take the proper precautions.

Are there some cyber security statistics or trends we may have missed? Which stats did you find compelling? What should internet users do to remain vigilant against cyber threats? Share your views in the comments sections. Thanks for reading.

FAQ: Cybercrime Statistics

  • Statista estimates that the global cost of cybercrime will hit $13.82 trillion by 2028.

  • Malware is the biggest cyber security threat today. Malware can come in different forms, such as spyware, ransomware, trojans, worms, keyloggers and more.

  • Data from memoori.com indicates that only 15% of all cybercrimes are reported. Most companies fail to report as they fear damaging their reputation, while others don’t know the exact steps to follow in such cybersecurity incidents.

  • It is estimated that there are 2,200 cyber attacks per day.

Sources:

  1. SonicWall — 2024 Cyber Threat Report
  2. Cyber Edge — Report Defense Cyberthreat 
  3. Verizon — 2023 Data Breach Investigations Report
  4. NIST — Cybersecurity Workforce Demand
  5. BlackBerry — Quarterly Global Threat Report — August
  6. Positive Technologies — Cybersecurity threatscape: Q2 2022 / Sophos — AI Cybersecurity
  7. SonicWall — 2022 Cyber Threat Report
  8. Verizon — 2023 Data Breach Investigations Report (DBIR)
  9. APWG — Phishing Activity Trends Report 4th Quarter 2021
  10. CyberNews — Mobile phishing attacks are scary and on the rise
  11. Truecaller Insights — 2022 U.S. Spam & Scam Report
  12. FBI — IC3 Internet Crime Report 2020 
  13. Positive Technologies — Cybersecurity threatscape: Q2 2022
  14. Sophos — Ransomware Hit 66% of Organizations Surveyed
  15. Microsoft — Digital Defense Report 2022
  16. Cloudflare Blog — DDoS threat report for 2023 Q4
  17. Apple — The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase 
  18. Phishing Activity Trends Report, 1st Quarter 2022
  19. APWG — Phishing Activity Trends Report 1st Quarter 2022
  20. U.S. Department of Health and Human Services Office for Civil Rights — Breach Portal 
  21. HMP Global Learning Network — Report: Cybersecurity Threats Increasing for Healthcare Organizations 
  22. U.S. GAO — Critical Infrastructure Protection: Additional Federal Coordination Is Needed to Enhance K-12 Cybersecurity
  23. UK Department for Science, Innovation & Technology — Cyber security breaches survey 2023: education institutions annex
  24. GDPR Blog — The worrying state of cyber security in schools 
  25. Varonis — 2021 Data Risk Report Financial Services
  26. IBM Report — Half of Breached Organizations Unwilling to Increase Security Spend Despite Soaring Breach Costs
  27. CISOMAG — “Psychology of Human Error” Could Help Businesses Prevent Security Breaches
  28. Trustwave Spiderwebs Blog — The 2023 Retail Services Sector Threat Landscape
  29. Grant Thornton — Cyber security concerns in the retail sector
  30. BRC — How Retailers Can Address the Rising Cybersecurity Threat
  31. US Bureau of Labor Statistics — Information Security Analysts
  32. University of North Carolina — Cybersecurity: A Global Priority and Career Opportunity
  33. Allied Market Research — Cybersecurity in Banking Market Size, Share, Competitive Landscape and Trend Analysis Report
↑ Top