These Cybersecurity Statistics Prove That Your Security Matters

Cybersecurity statistics have shown that cyber-attacks are not to be treated lightly as they are constantly on the rise, growing yearly with millions of new victims. These people fall for the trap of the hacker and end up losing money and personal data.

Table of Content

1 . Data Breaches Hits a New Milestone

2. The Cost of a Data Breach

3. Developed Countries and Cyberattacks

4. The Rise of Cybercrimes During COVID-19

5. Ransomware Statistics

6. Phishing Statistics

7. Malware Statistics

8. DDoS Attacks

9. How to Protect Yourself from Cyber Attacks

They have been cybersecurity improvements to make it smarter and more difficult for an attacker to achieve their goal, but they too keep finding new ways to bypass these. We have several data breaches and statistics for hacking to help you understand better how widespread cybercrime is in society.

Data Breaches Hits a New Milestone


In 2019, as much as 15.1 billion records were exposed and that is a significant increase of 284% compared to the statistics of the previous year. The number of data breaches however only grew by 1% compared to the previous year, indicating that cybersecurity measures may be becoming more effective in combating these crimes (Risk Based Security).

Statistics of data breach usually skyrocket especially if the hackers put the stolen data on a platform like the dark web. They don’t immediately put it up but do so months or years after it has been stolen so it’s even more difficult for the authorities to know the source of the hack, or catch those behind the hack. So don’t be too comfy with the service you are using as it may have also been compromised and the attackers are waiting for the best time to strike.

Interesting Read : How Can You Tell If Hackers Are Controlling Your Phone or Tablet?

In 2019, the biggest breach according to cybersecurity statistics affected 1.2 billion people. This large data which was allegedly mainly harvested from People Data Labs and Oxydata was found in an unsecured server. Its content included names, phone numbers, email addresses, Facebook profile information, and LinkedIn amounting to 4 billion records in total.

Apart from this, other major data leaks in 2019 include:

1 . Orvibo which is a smart home technology company that lost 2 billion records

2. TrueDialog is an SMS texting solutions provider and they lost over 1 billion records of customer data

3. First American Financial Corporation is a financial services company and they lost 885 million records

4. “Collection #1” lost 773 million records (HIBP) but the source of the breach hasn’t been identified

A decade ago, this vast number of breaches was insignificant as only 986 breaches were reported, and only 103 million records were exposed. With cybersecurity statistics showing tremendous growth in data breaches, experts believe that cybercrime expenses worldwide will be more than $6 trillion yearly from 2021.

The Cost of a Data Breach


On average, the cost of a data breach is $3.86 million but it depends on the country as it varies in different countries. US companies have much more expenses as it can go up to $8.64 million (IBM). However, it all depends on the scale of the hack and the company’s size.

The personal details of about 500,000 British Airways customers were exposed in 2018, and this included data like names, credit card numbers, expiration dates, CCV, codes, and email addresses. Since British Airways failed to comply with GDPR (General Data Protection Regulation) to secure customer data, British Airways were fined to the tune of £183 million. They are still appealing the fine in court and expect that it gets reduced to £22 million.

According to IBM, it takes an average of 280 days to identify a breach and to contain it. Companies that could detect a data breach in less than 200 days spent less than $1.1 million on average to recover showing that time is of the essence in hacking situations. The consequences of data breaches can continue to haunt a company for years after the incident as only 61% of the cost shows up in the first year after the incident. 24% comes up in the next year, and 15% comes up two years later. Apart from the price implication, there is also a bad reputation and loss of customers leading to loss of revenue that the company may suffer.

Developed Countries and Cyberattacks


Developed countries stand at a higher risk of cybercrime and this is not at all because of their poor digital security. Countries like Denmark, Sweden, or Norway have high incomes, widespread smartphones, constant commuting, and a high rate of shopping from eCommerce websites and all of these are what make these countries particularly appealing to cybercriminals.

India on the other hand is considered the least likely to get a cyberattack because of their low usage of the internet. Only 1 out of 3 Indians use the internet but the 1 that uses is at higher risk of getting hacked than some developed countries because of their very active online activities.

A rough estimate shows that 20% of the world population has fallen victim to cybercrime at one point in time.

The Rise of Cybercrimes During COVID-19


During the rise of the COVID-19 pandemic which had the whole world united to fight the deadly virus, cyber criminals saw it as an opportunity to launch strikes. It was even easier with a lot of remote workers due to the pandemic.

Cybercrimes increased by 400% in March 2020 in comparison to previous months, and this cybersecurity statistic showed that COVID-19 led to one of the biggest threats to cybersecurity ever. The attacks came in different forms like phishing, email compromise, malicious links, ransomware, malware, and fake landing pages (Reedsmith).

Google announced in April that the number of phishing emails and malware that they were blocking daily during the COVID-19 pandemic was at 18 million. The scams included an impersonation of government and health organizations like WHO. Even though 99% of the emails were blocked and never reached their target, many people still fell for it.

Zoom saw a rise in new users due to the rise in remote work, but they were under criticism for having weak security. About 530,000 Zoom accounts were discovered as up for sale on the dark web and they had usernames, passwords, host keys, email addresses, and personal meeting web addresses.

Of the 1.2 million analyzed hostnames in March and April, it was found that 86,600 were malicious or at high risk. (Palo Alto’s Unit 42). The US was at the top of that list, followed by Italy, Germany, and Russia. Hackers are familiar with the opportunities that come with a crisis and never fail to exploit it.

Ransomware Statistics


Just as the name implies, ransomware occurs when hackers encrypt your data and prevent your access to it unless you pay a ransom. It’s a booming cyber business and even though experts discourage any forms of payment to these cybercriminals, many victims go ahead to make payments.

According to one report, 1 out of 4 organizations have paid a ransom to have their data unencrypted and most got their data back. In some cases, however, the hacker would refuse to unlock the data even after the ransom has been paid. (Sophos).

Interesting Read : How to Secure Your Customers’ Data Over Insecure Public Wi-Fi?

Compliance with paying for ransomware to be removed also varies with country. India has a significant level of compliance as 66% of organizations comply, while only 4% of organizations in Spain comply. Worldwide, 56% of companies get their seized data back through the backups they had done and it points to the need to always being prepared for the worst that could happen at every point.

The following are ransomware attack techniques:

1 . An email or a downloaded file with a malicious link – 29%

2. Remote attack on the company’s server – 21%

3. Emails containing malicious attachment – 16%

4. Remote Desktop Protocol (RDP) – 9%

5. Misconfigured public cloud

6. Through a supplier working with an organization – 9%

7. Through a USB or any other removable media device – 7%

Windows users have the highest rate of ransomware attacks at 87%, while macOS only has 7% of such attacks. The WannaCry ransomware attack is one of the most notorious and it infected 200,000 windows OS computers in 150 countries. Each user was asked to pay $300 – $600 in bitcoin to get their data back. National Health Service hospitals in England and Scotland got the hardest hits with 70,000 of their computers affected. WannaCry is still active and running to date.

How Much a Ransomware Attack Costs

The Baltimore city government was hit by a ransomware attack in 2019 and was asked to pay $76,000 in bitcoin to get their data back. This attack crippled public services and the estimated cost of recovery was around $18 million.

FedEx suffered even more in 2017 when they were hit by NotPetya ransomware. It put a hold on the company’s operations and they lost $300 million.

Facts About Ransomware

1 . In 2019, there were 188 million ransomware attacks 

2. In 2020 the first ransomware related death in a hospital in Germany was recorded

3. NotPetya ransomware costs about $10 billion

4. WannaCry ransomware caused a cancellation of 19,000 appointments in a week in the UK’s National Health Service

5. A victim falls victim to a ransomware attack every 14 seconds

Phishing Statistics


Phishing is a cyberattack that is used to steal sensitive information from people through fake emails or text messages. In phishing, hackers pretend to be who they are not by acting as representatives from a reputable company and manipulate you to click on malicious links or attachments.

According to a report by Verizon, 88% of organizations worldwide had their share of phishing attacks in 2019 with the healthcare and manufacturing industries at the highest risk. Phishing attacks are however not for corporate bodies only as they also target individuals. The tendency for someone to click on a malicious link increases with the number of emails that are sent.

Some brands are more frequently impersonated than others and they include:

1 . Apple

2. Yahoo

3. Netflix

4. PayPal

5. WhatsApp

6. Amazon

7. Microsoft

8. Chase

9. Facebook

10. eBay

These brands are mostly used because an email from such companies asking for a change of password or renewal of credit card details hardly raises any suspicions and hackers capitalize on it. Due to the COVID-19 pandemic, hackers favored Zoom mostly and impersonated the brand a lot.

Some hackers prefer to be specific in their attacks and they get personal. 65% of hackers went with spear-phishing which means they did good research on their target before launching the attack. The research could include data gotten from data breaches, social media, or anything they can find online on the target.

Many internet users see phishing attacks as something they can’t fall for but studies have discredited this. 38% of internet users without cyber awareness training could fall for phishing attempts as they fail phishing tests.

Cost of A Phishing Attack

According to this report from the FBI, there were over 166,0000 phishing incidents between June 2016 and July 2019. A total of $26 billion was lost worldwide by victims of the attacks and US citizens had a larger share with $10 billion in losses from 69,000 victims. It is estimated that a new phishing site is launched after every 20 seconds.

Tech giants can also fall victim to phishing attacks. Between the years 2013 and 2015, google and Facebook lost over $100 million to scammers. The hackers impersonated a Taiwanese company, created fake email accounts, and sent invoices with those accounts to Google and Facebook’s employees. It may seem easy to detect this now, but nobody noticed anything malicious at that time as they made money transfers to the scammer.

Facts About Phishing

1 . 30% of sent phishing emails are opened by the target

2. 58% of phishing websites also use SSL/TLS and HTTPS to fool the victim into thinking they are legit

3. 15% of those who have fallen victim to phishing scams get targeted at least one more time within the same year

4. The most popular file formats in phishing attacks are PDFs and Microsoft Office files

5. Intelligence gathering is what drives 96% of spear-phishing attacks

Malware Statistics

Just like the name, malware is software that is built for malicious purposes like stealing your data, damaging your device, or monitoring your internet activity. Examples of malware include a virus, spyware, worms, ransomware, and adware.

You get 94% of malware via email. macOS had been thought to be malware resistant for many years but with hackers growing with the trend, things are changing. With Apple devices being more popular and having more users, the malware cases on macOS have seen a significant increase of 400% in the last years. Windows however still has the largest of malware reported cases at 84%.

Interesting Read : How Secure Is A VPN and What Does It Protect You From?

IoT devices have also been growing in popularity and hackers are shifting their focus here. Statistics for computer crime shows 25 million IoT malware attacks in the year 2019 and 75% targeted at routers. According to experts, 75 million IoT devices would be in operation around the world at the end of 2025 and it will attract hackers further.

The following are the most hit countries with malware attacks:

1 . The US

2. China

3. United Kingdom

4. Canada

5. India

You can use the ILOVEYOU virus to get a good understanding of how quickly malware can spread. This virus was widely spread in 20000, sending itself to everyone in the email list of the targeted victim, overwriting files, and causing system crashes. According to some estimates, about 10% of the computers in the world were affected by this virus including those at the Pentagon, CIA, the British Parliament, and large corporate bodies.

Not all apps on the app store or play store have good intentions as malicious apps can conceal their true purpose and make it to the app store. In march 2020, 56 malicious apps were found on google play with a download number of 1.7 million. The apps were masking as calculators, translation apps, recipe apps, and racing games.

The statistics of cyberattacks in millions are as follows:

1 . 2009 – 12.4

2. 2010 – 29.97

3. 2011 – 48.17

4. 2012 – 82.62

5. 2013 – 165.81

6. 2014 – 308.96

7. 2015 – 452.93

8. 2016 – 580.40

9. 2017 – 702.06

10. 2018 – 812.67

The Cost of Malware Attacks

On average, the cost of a malware attack on a company is $2.6 million, making it the most expensive of all cybercrimes. The cost involves the following:

1. Loss of information

2. Revenue loss

3. Business disruption

4. Equipment damage

Facts About Malware

1 . 1 out of every 13 web requests leads to malware

2. Trojans are responsible for 51.45% of all malware

3. According to cybersecurity experts, 1/3 of the world’s computers are infected by malware

4. 350,000 new malicious programs together with unwanted apps are found daily

5. There are a total of 980 million malicious programs right now

DDoS Attacks

A DDoS attack happens when an attacker clogs your network or device with traffic. This way services get slowed down or even crash to satisfy their needs. According to experts, DDoS attacks would double from 7.9 million to 15.4 million between 2018 and 2023.

A DDoS attack can be responsible for up to ¼ of the internet traffic in a country.

Some industries that are mostly targeted by DDoS attacks include:

1 . Games – 35.9%

2. Gambling – 31.3%

3. Computers and the internet – 26.5%

4. Business – 3.4%

5. Finance – 3%

In 2015, a British hacker caused a loss of internet in Liberia after launching a DDoS attack. The attacker was working for Cellcom, a telecom operator in Liberia, and was meant to attack the competition; Lonestar. Lonestar lost a lot of money as a result of the attack.

The Cost of A DDoS Attack

DDoS attacks could be as expensive as $120,000 for small companies, and as high as $2 million for larger companies. DDoS attacks can be bought on the dark web for as little as $150.

DDoS Facts

1 . The longest recorded DDoS attack lasted for 13 days and caused 292,000 requests per second at its peak. In normal circumstances, DDoS attacks last for 15 minutes tops.

2. 2/3 of the total DDoS attacks are from China

3. Many big companies have suffered from DDoS attacks including GitHub, BBC, JP Morgan Chase, Dyn, and Bank of America

4. Some businesses (12%) who have suffered from DDoS attacks believe their rivals launched the attack against them

5. Every day, 2000 DDoS attacks are registered

How to Protect Yourself from Cyber Attacks


1 . Use a VPN: a VPN hides your real IP address and sends out requests via another IP service so that you are anonymous. It also encrypts your data and traffic so you will be protected from the eyes of hackers, your ISP, and other third parties. With the constant rise of cyberattacks, you need to use a premium VPN service that is easy to use and also provides you with the best security to protect yourself. LimeVPN is such a service that keeps you both anonymous and secure.

2. Use strong passwords and change them regularly. Your passwords should be a combination of special symbols and numbers, with letters of both upper and lower cases. Use a password manager to store all passwords if the risk of forgetting them is what would make you use a less secure password. Also, use different passwords for different accounts, and don’t store them on your device.

3. Update your software as soon as it’s released. Each software has a loophole through which hackers exploit to gain access to your device. Just as they are constantly looking for such loopholes, every software update fixes bugs and closes those vulnerabilities that existed making the new software more secure than the previous.

4. Don’t click on suspicious links. If you visit a website or receive an email that isn’t trustworthy, then it probably is malicious. Leave such websites immediately, and don’t click on anything.

5. Always backup your files. This way you will still have access to your files even if ransomware has been used to lock you out of your files. It will save you from spending a lot of money.

6. Install antivirus software and always scan for malware.


According to cybersecurity statistics, there is a constant rise in cyber-attacks making it necessary to protect your files and devices. There are different types of cyberattacks and different ways they are launched but they can all be prevented with the right tools and approach to online activities. The use of a VPN will protect your data as your traffic would be heavily encrypted. It also keeps you anonymous as it changes your IP address. Not every VPN can protect you adequately, so only choose the best; go for LimeVPN.

A Complete gamer and a Tech Geek. Brings out all her thoughts and love in writing blogs on IOT, software, technology etc