40+ Terrifying Cybersecurity Statistics You Need to Know for 2024

Interested in learning about trends in data loss prevention, ransomware, and cybercrime? These cybersecurity statistics from the last 5 years will outline contemporary cybersecurity trends and provide a preview of what is being predicted for the future of cybersecurity.

1) 58% of companies have over 1,000 inactive user accounts

This shocking cybersecurity statistic comes from the 2019 Varonis Global Data Risk Report. What’s even more troubling is how prevalent inactive user accounts are in financial services; the Varonis 2021 Financial Services Data Risk Report discloses that nearly 40% of financial services companies have more than 10,000 inactive users.

These inactive accounts increase the attack surface of the network as they are a potential entry point for an attacker. To prevent the proliferation of inactive user accounts it is critical that employees are deprovisioned from the network during offboarding.

2) 86% of breaches in 2020 were financially motivated

Being aware of the top motivations of threat actors will help you prioritize the data that needs to be prioritized as part of your data loss prevention strategy. These findings from the 2020 Verizon Data Breach Investigations Report confirm that the monetary value of sensitive data is a key motivator for insider threats, malicious hackers, and other threat actors. 

58% of the victims studied in the report had personal data compromised during the attack. Personally identifiable information (PII) is incredibly valuable as it can be readily sold and traded amongst cybercriminals.

3) Global cybercrime is expected to inflict a total of $6 trillion USD in damages in 2021

As reported by Cybersecurity Ventures the financial impact of cybercrime is expected to reach $6 trillion USD in 2021 and rise to $10.5 trillion USD annually by 2025.

To put these damages into perspective the United States was the world’s largest economy in 2020, with a nominal GDP of $21.44 trillion. If cybercrime was measured as a country, it would be the world’s third-largest economy after the US and China.

4) 59% of buyers are likely to avoid companies that suffered from a cyberattack in the past year

This finding from the Arcserve 2020 Data Attack Surface Report is of little surprise. Cybersecurity is a significant competitive advantage; after all, would you leave your sensitive personal data with someone who doesn’t prioritize data security?

The report goes on to state that 25% of consumers across North America, the United Kingdom, France, and Germany would go so far as to abandon a product or service in favor of a competitor following a single ransomware-related service disruption, failed transaction, or instance of inaccessible information.

As the threat landscape continues to evolve organizations of all sizes need to ensure that cybersecurity is a top priority. The rapid proliferation of security vulnerabilities greatly increases their attack surface, providing threat actors with ample opportunity to compromise sensitive data and networks.

5) Global ransomware damage costs are predicted to reach $20 billion by 2021

The very same Arcserve report as before reveals that damages caused by ransomware have risen dramatically in recent years; the $20 billion USD in ransomware damages that are predicted for 2021 are 57x greater than the damages that occurred in 2015. 

Prime examples of financial damages inflicted by ransomware include NotPetya (est. $10 billion USD) and WannaCry (est. $4 billion USD), both of which used the EternalBlue exploit in their attacks. 

Ransomware attacks have steadily been on the rise over the last 5 years. Further research from the Beazley Breach Response (BBR) Services found that ransomware attacks increased by 131% between 2018 and 2019 alone. Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021, up considerably from every 40 seconds in 2016.

Ransomware is incredibly profitable for cybercriminals. Accenture found that from the first quarter to the second quarter of 2020 there has been a 60% increase in the average ransom payment (US$178,254).

Why is ransomware so profitable? Simply put, victims are willing to pay; even against FBI recommendations. Cybercriminals prioritize their targets based on the perceived odds of receiving a ransom payment from their victim. Researchers from IBM Security’s X-Force surveyed executives at 600 businesses and found that 70% of those that were hit with ransomware have paid the ransom. 

Common ransomware targets

• Emergency Services: Entities that provide critical services are under considerable pressure to provide ransom payments so they can return to full operational capacity as fast as possible. 
• Managed Service Providers: MSP are responsible for the security, support, and maintenance of mission-critical IT services. MSPs are likely ransomware targets as their entire customer base could be lost to an attack should they not remediate the attack.
• Manufacturing: While any valuable sector with any sort of legacy infrastructure is at risk for a ransomware attack, a survey from Darktrace found that cyberattacks against manufacturers increased 7x from January 2020 to April 2020. 

6) 70% of consumers believe that businesses aren’t doing enough to secure their personal information

The Arcserve report confirms that organizations of all sizes simply cannot afford to neglect investing in cybersecurity if they want to earn and keep the trust of their customers. Unfortunately, the surveyed consumers aren’t feeling hopeful about corporate cybersecurity standards; 70% stated that they feel that businesses simply aren’t doing enough to adequately secure their personal information.

Their feelings on the matter are entirely valid, too. The 2019 Varonis Global Data Risk Report found that a disappointing average of only 5% of companies’ folders are properly protected against cyber security risks. Should an insider threat or external actor break into their network the potentially sensitive data contained within these folders can be readily stolen for financial or strategic gain.

7) 90% of UK cybersecurity breaches in 2019 were caused by human error

A 2019 CybSafe analysis of data from the UK Information Commissioner’s Office (ICO) found that 90% of cybersecurity breaches in the UK were in some way attributable to human error. 

The critical role that security training has on data security cannot be understated. The 2020 Webroot Threat Report found that running 11 or more training courses over the course of 4-6 months reduces the click-through rate of phishing emails by 65%. 

To prevent your employees from becoming the weakest link in your organization’s security strategy you need to ensure that you combine critical data security controls with ongoing security training for all staff. 

8) 93.6% of malware observed in 2019 was polymorphic

This finding from the 2020 Webroot Threat Report provides an overview of how sophisticated malware has become. Polymorphic malware has the ability to constantly modify its code in order to evade detection. Many of the common malware variants can be polymorphic including viruses, worms, bots, trojans, or keyloggers

Malware is in no way rare, either. According to the Malware Statistics & Trends Report dashboard from AV-TEST 15,224,388 new malware and potentially unwanted applications were found in January 2021 alone. 

9) From 2018 to 2019 there was a 125% increase in malware targeting Windows 7

Windows 7 reached its End-of-Life stage on January 14, 2020. Since Windows 7 is no longer supported with patches for critical security vulnerabilities any computer that is currently running Windows 7 should no longer be considered protected.

This cybersecurity statistics from the 2020 Webroot Threat Report further emphasizes this truth. If you have not yet upgraded your operating system you can visit our guide on what options you have for transitioning from Windows 7 to Windows 10. 

10) The likelihood of organized cybercrime entities being detected and prosecuted is estimated to be as low as 0.05% in the U.S

As you can see, the successful detection and prosecution of cybercriminal organizations is exceedingly rare. 

While organizations such as the Internet Crime Complaint Center (IC3) in the US and The National Cybercrime Coordination Unit (NC3) in Canada exist to assist with the investigation of cybercrimes, there are a variety of factors that make gathering evidence and prosecuting offenders difficult.

Why is cybercrime difficult to prosecute?

• Jurisdiction: Even with sufficient evidence to prove who is responsible for a cyberattack, if the cybercriminal operates across jurisdictional boundaries it will be difficult to prosecute them unless there is full cooperation of allied countries to honor arrest warrants.
• Legality: Cybercrime is a relatively new phenomenon in contrast to laws that have been enacted in the pre-internet days. In some cases there simply isn’t a legal precedent to properly address whether or not a given action is prosecutable under current legislation.
• Underreporting: Simply put, the majority of cybercrimes aren’t even reported. The reporting of cybercrimes is increasing, though. Since COVID-19, the The FBI’s Internet Crime Complaint Center reported a 300% increase in reported cybercrimes. In Canada, police-reported cybercrimes increased by 12% from 2017 to 2018.

Looking for more cybersecurity statistics, data, and information? These 5 cybersecurity statistics reports provide a wealth of information so you can learn more about the global cybersecurity landscape.

1) Verizon Data Breach Investigations Report

Every year Verizon releases a new Data Breach Investigations Report with data breach statistics, security incident insights, and cybersecurity statistics from organizations of all sizes. | Learn More

2) 2018 Varonis Global Data Risk Report

The 2018 Global Data Risk Report from the Varonis data lab examined Data Risk Assessments performed by Varonis engineers throughout 2017 to gauge the prevalence and severity of exposed critical information and sensitive files, and evaluate what companies are doing (or not doing) to secure their most critical data. | Learn More

3) 2020 CIRA Cybersecurity Report

For this report the Canadian Internet Registration Authority (CIRA) contracted The Strategic Counsel to interview 500 workers with responsibility for IT security. This report was created to further the understanding of how Canadian companies approach cybersecurity. In total, 64% of businesses in the sample indicated they do business exclusively in Canada. | Learn More

4) Cisco Cybersecurity Report Series

Over the past decade, Cisco has published security and threat intelligence information for security professionals interested in the state of global cybersecurity. These comprehensive reports provide detailed accounts of threat landscapes and their effects on organizations, as well as best practices to defend against the adverse impacts of data breaches. In their most recent Cybersecurity Report Cisco explores the ins and outs of threat hunting and provides a how-to guide for creating a threat-hunting team at your organization. | Learn More

5) Accenture 2020 Cyber Threatscape Report

This latest report from Accenture Cyber Threat Intelligence aims to help their clients, partners and community members by offering cybersecurity information that allows them to stay ahead of threats relevant to their businesses, industries and geographies. | Learn More

6) CurrentWare: Keep Data Safe When Offboarding Employees

Are you concerned about the damage a terminated employee could cause with access to sensitive corporate information, account passwords, and other proprietary data? In this white paper you will learn the best practices for deprovisioning employees from your network and preventing data theft during a termination. | Learn More: Security tips for offboarding employees

Why should I not pay a ransomware demand?

Organizations that pay ransomware demands prove that they are willing to pay, increasing risks for future attacks. Furthermore, there is no guarantee that data can be recovered following payment. Although the attackers may be motivated to maintain a reputation that they will honor their end of the deal, there is no guarantee that data can be recovered after a payment.

As for reporting a ransomware attack, in the United States the FBI urges organizations to report the attack to law enforcement, such as the FBI’s Internet Crime Complaint Center (IC3).

In Canada the National Cybercrime Coordination Unit (NC3) and the Canadian Anti-Fraud Centre are working on implementing a new cybercrime and fraud reporting system for Canadians and businesses

How can I prevent ransomware attacks?

Need to prevent ransomware attacks? Follow these ransomware prevention tips from the Beazley 2020 Breach Briefing.

1. Lock down RDP: Remote Desktop Protocol is regularly used as an attack vector for ransomware. You should disable RDP when it is not required and apply secure configurations when RDP is enabled, including the use of strong, unique passwords and multi-factor authentication (MFA). 
2. Require MFA: MFA must be enabled for internal administrative accounts and for accounts with external access to applications. This is particularly true for sensitive accounts such as email, RDP and VPNs.
3. Disable PowerShell: Update PowerShell to the latest framework and disable PowerShell on workstations where possible. Where PowerShell cannot be disabled, logging and continuous monitoring of PowerShell activity is critical.
4. Patch systems: Enable automatic patching for all operating systems and internet browsers. Ensure that anti-virus signatures are up-to-date so that your security software can detect known emerging threats.
5. Apply web filtering: Use a web filter to block connections to malicious websites. Ransomware infections can occur through malicious websites or malicious advertisements that redirect the user to a dangerous website. 
6. Limit administrative rights: Admin rights should be limited to employees with IT roles. These privileged accounts must be protected with MFA and IT staff must use non-privileged accounts for day-to-day activities, limiting the use of admin accounts to an as-needed basis.
7. Conduct security awareness training: Train employees on how to recognize common threats and scams. Conducting phishing exercises periodically enhances security awareness and improves employee responses to cyber attacks.
8. Backup Data: Restoring from backups has been found to be significantly faster than providing a ransom payment, especially considering the risk that the attackers could maintain a backdoor into the organization’s infrastructure if the systems is not reimaged.

How many businesses are targeted by spear-phishing attacks each day?

• 62% of businesses experienced phishing and social engineering attacks in 2018 with a new organization falling victim to ransomware every 14 seconds in 2019. (PurpleSec 2020 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends)
• 88% of organizations worldwide experienced spear phishing attempts in 2019. (Proofpoint 2020 State of the Phish Report)
• 65% of groups used spear-phishing as the primary infection vector. (Symantec Internet Security Threat Report (ISTR) 2019)
• 64% of organizations have experienced a phishing attack from 2018-2019 (Check Point Research Security Report 2018)
• Targeted emails, or spear phishing, is reported by businesses to be used in 91% of successful data breaches and 95% of all enterprise networks. (PurpleSec 2020 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends)
• There has been a 600% increase in malicious emails due to the COVID-19 pandemic (U.N. disarmament chief Izumi Nakamitsu)

Phishing attacks are part of what percentage of cyberattacks?

• 22% of breaches in 2020 involved phishing (Verizon Data Breach Investigations Report 2020)
• 70% of cyber attacks in 2016 used a combination of phishing and hacking. (Verizon Data Breach Investigations Report (DBIR) 2016)
• 70% of breaches associated with a nation-state or state-affiliated actors involved phishing (Verizon Data Breach Investigations Report (DBIR) 2018)

What will the projected cost of cybercrime be in 2021?

• Ransomware damage worldwide is expected to reach $21 billion by 2021 (Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite)
• Cybercrime as a whole is expected to inflict a total of $6 trillion USD in damages globally in 2021. Estimates expect this to rise to $10.5 trillion USD annually by 2025. (Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite)

Conclusion

These must-know cybersecurity statistics for 2021 demonstrate significant trends in the cybersecurity landscape. Ongoing security threats such as ransomware, advanced persistent threats (APT), nation-state hacker groups, and insider threats will continue to evolve their tactics to bypass security measures and compromise critical infrastructure. Business owners and consumers alike simply cannot afford to forgo investing in critical security measures and best practices. 

Stock Illustrations from Stories by Freepik