Cybersecurity Statistics and Trends for 2022
Cybersecurity Statistics – 2022 Key Findings
- More than half (60%) of consumers reported an increased concern for data safety due to the COVID-19 pandemic.
- In 2022, the total damage by cyberattacks reached $6 trillion.
- Cybercrimes caused $2 trillion in damages so far.
- There’s a cyberattack every 39 seconds.
- A ransomware attack happens every 14 seconds.
- On average, small businesses spend less than $500 on cybersecurity.
Cybercrime Statistics & Trends
Companies are targeted by a ransomware attack every 14 seconds.
For hackers, the most lucrative type of malware is ransomware. Therefore, it’s no surprise that these attacks are now the most common and that they are targeted toward companies big and small. Every minute, four of these attacks are launched around the world.
A cyberattack happens every 39 seconds.
(University of Maryland)
An unsecure computer connected to the internet can become a target of more than 2,000 cyberattacks per day, cyber security stats revealed this year. Hackers targeting institutions manage to do it not by hand, but by employing scripts and automated tools that probe their targets for vulnerabilities.
Analysts believe the United States will become the target of more than 50% of worldwide cybercrime attacks in the next five years.
American companies should look into reinforcing their defenses against cyber security attacks. Statistics and predictions from analysts place the US as the hottest target of cybercrime. Recent cyber security breaches and ransomware attacks show the signs of the growing threat.
In the US, only 10% of cybercrimes get reported.
Even though the United States is home to many IT giants and a large part of the internet industry, there aren’t that many reports on cybercrime. The reason is simple – often times it’s difficult or even impossible to prove that a digital crime actually happened. Reported cyber crime statistics are therefore much lower than the actual number of attacks.
Phishing accounts for 37% of all cyberattacks directed toward businesses.
More than one-third of all cyberattacks suffered by businesses involve phishing. These social engineering attacks exploit the possibility of human error, with hackers masking their malicious emails as legitimate messages from well-known companies and brands.
More than 90% of successful attacks against businesses originate from phishing.
Taking a deeper look into the phishing statistics, it becomes more obvious why this method is still the most popular one. It works. It works a little too well – not because it’s sophisticated or complex, but because it exploits human nature.
The largest DDoS attack was 1.3 terabytes per second.
In February 2018, a massive distributed denial of service attack struck down software depository platform GitHub. The hackers were sending 127 million packets every second, resulting in 1.3 TB of data transferred. The attack lasted for 10 minutes.
DDoS attacks are 39% more frequent than last year.
Cyber security statistics reveal that hackers are using DDoS attacks more than ever before. In fact, there was a 776% growth of attacks that used 100-400 Gbps of data in just one year. The usual targets of these attacks are satellite and wireless communications companies.
Hackers need just $1 to acquire their tools.
Hacking statistics are on the rise for one very simple reason – it has never been so affordable to become a hacker. A basic malware toolkit can be obtained for just $1, with many other tools costing a few hundred dollars or less. Data’s for sale too: You need just $25 to obtain a million compromised emails or passwords.
American companies are the least likely to pay a hacker’s ransom.
“Don’t negotiate with terrorists” is definitely a mantra among the American companies when dealing with ransomware. Only 3% of companies in the US paid ransom to hackers. On the other end of the cybersecurity statistics scale, companies in Canada have paid ransom to hackers in 77% of the time, followed by the UK at 42%.
Every other ransomware attack in 2018 targeted healthcare industry.
Ransomware statistics per industry paint a sad picture for the healthcare sector. This industry has been the most frequent target of hackers and malware, with 2018 seeing an increase of ransomware infections. By 2020, analysts believe, malware attacks on healthcare will quadruple.
More than 4 billion user accounts were exposed via data breaches in 2019.
(Risk Based Security)
Data breaches are on the rise. In the first half of 2019 there were more than 3,000 breaches, 54% more than in the same period of 2018. All told, these breaches exposed 52% more records and user accounts compared to the previous year.
A data breach in 2021 will typically cause $13 million worth of damage.
Predictions are pretty grim when it comes to cyber attack stats. Not only will the costs of corporate cybersecurity continue to grow – including investments in cyber insurance – but data theft will continue to rise as well. Recent hacking events show that malicious internet users keep finding holes in digital defenses.
The biggest security breach in history affected 3 billion user accounts.
Internet company Yahoo! suffered a data breach of unmatched proportions in 2013. Reported in 2017, this breach was confirmed to be the biggest in the history of the internet according to cyber security breach statistics. The second biggest breach happened this year. It targeted 885 million accounts at First American Financial Corp.
95 user logins get stolen every second.
Whether through data breaches or malware, more than 3 billion passwords and credentials end up in the wrong hands each year. More services, especially e-banking, now require regular password updates, while experts recommend having different passwords for every website and app.
Many companies don’t believe they’re properly secured from cyberattacks.
(Insurance Information Institute)
A vast majority of businesses are well aware of the growing cyberattack threat, and more than half of interviewed companies expressed concern about possible breaches. That being said, most companies believe they need even more protection and countermeasures against hackers.
A cyberattack could hurt the company’s reputation in addition to causing direct financial loss.
(Insurance Information Institute)
This is the internet age, so there’s much more than the money on the line for modern companies. One devastating hack attack could impact employees and clients due to data loss, that’s clear. But the company’s public image can suffer too. And there can be legal issues down the line. Surveys show that most businesses are, first and foremost, concerned about the financial hit.
Human error is still the greatest cause of data breaches and security failures.
Cybersecurity statistics in 2019 are led by one major factor when it comes to causes for breaches – humans. Specifically, a single human error is enough to bring down the whole system, so properly educating employees and practicing healthy cybersecurity habits reduces the potential risk.
300 billion passwords will be generated by 2020.
Even though there are efforts to remove the need for traditional login (with biometrics and similar cutting-edge tech), we’ll have to type passwords for years to come. With more user logins and credentials in the wild, there’s a greater chance for hackers to obtain them.
58% of companies have more than 100,000 unprotected folders.
Network firewalls are only the first line of defense, and they’re not impenetrable. Once hackers get inside your company’s system, they can’t do much if you have additional file and folder protection. For nearly 60% of companies, this unfortunately isn’t the case – and that is a massive preventable vulnerability.
4 out of 10 companies have over 1,000 unprotected sensitive files on their servers.
Health records, Social Security numbers, even credit card numbers. These are all stored in files across many companies, but a significant number of companies haven’t properly protected these sensitive files from hackers. Among the business cyber security statistics in 2019, unprotected files are a significant security risk.
Every third user account is stale.
Once an employee leaves a company, in one of three cases their old account remains enabled even though it’s no longer in use. This is called a “stale account” and it poses a risk for the company as a potential entry point for hackers. Deactivating stale accounts reduces the number of logins in circulation.
More than 60% of companies have more than 1,000 stale user accounts.
It’s alarming how many companies keep hundreds, even thousands of obsolete user accounts. Removing or deactivating these accounts is a security step a lot of companies skip. Data breaches, statistics show, are enabled by these kind of accounts.
Just 1 in 5 Americans update their passwords after hacks are exposed in news reports.
Many people won’t change their passwords until they forget them. This is actually the most common reason for updating passwords among Americans. Only 20% of American users update their passwords after reading news about security breaches.
IoT devices can be hacked just minutes after they’re connected.
The idea of a smart home might not sound as amazing in the near future. IoT devices like smart TVs, thermostats, cars, and speakers are great, but not as safe as we might be led to believe. Current statistics on cybersecurity point toward IoT as the biggest and easiest entry point for hackers. These devices have no integrated protection from hackers, so relying on strong network firewalls is the only solution.
Cloud-based storage and apps need protection, too.
A growing trend of moving files and software from local devices to the cloud creates new risks. Cloud computing should be treated with equal care as traditional computer security, especially since one misconfigured server could cause millions of dollars of damage.
ICE Consulting is an IT and cybersecurity service provider dedicated to helping the Life Science Community grow. For over 25 years we have helped biotech companies scale from startup to commercialization. We are proud members and service providers for the California Life Science (CLS), Biocom, and SoCalBio communities.