Interested in learning about trends in data loss prevention, ransomware, and cybercrime? These cybersecurity statistics from the last 5 years will outline contemporary cybersecurity trends and provide a preview of what is being predicted for the future of cybersecurity.
Top 10 Cybersecurity Statistics for 2021
1) 58% of companies have over 1,000 inactive user accounts
This shocking cybersecurity statistic comes from the 2019 Varonis Global Data Risk Report. What’s even more troubling is how prevalent inactive user accounts are in financial services; the Varonis 2021 Financial Services Data Risk Report discloses that nearly 40% of financial services companies have more than 10,000 inactive users.
These inactive accounts increase the attack surface of the network as they are a potential entry point for an attacker. To prevent the proliferation of inactive user accounts it is critical that employees are deprovisioned from the network during offboarding.
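One way to find the inactive accounts described above is to reconcile a directory export against the HR offboarding list. This is an added example, not code from the original article; the CSV column names, the 90-day idle threshold and the sample rows are assumptions, and the timestamps use the Windows FILETIME format that Active Directory stores in `lastLogonTimestamp`.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Windows FILETIME counts 100-nanosecond ticks since 1601-01-01 UTC.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
# lastLogonTimestamp can lag the real last logon by up to about 14 days
# (default replication behaviour), so widen the idle window by that much.
REPLICATION_SLACK = timedelta(days=14)

# Constructed sample export; column names are assumptions of this example.
SAMPLE_ACCOUNTS = """\
sam_account_name,enabled,last_logon_timestamp,when_created
alice,True,132582528000000000,2018-03-12
bob,True,132354432000000000,2017-09-01
svc_backup,True,0,2019-05-10
carol,False,132354432000000000,2016-01-20
dave,True,132582528000000000,2019-11-04
newhire,True,0,2021-02-25
"""
# Constructed HR offboarding list (lower-case names of departed staff).
SAMPLE_TERMINATED = {"dave"}


def filetime_to_datetime(value):
    """Convert a FILETIME string; 0 or empty means 'never logged on'."""
    ticks = int(value or 0)
    if ticks == 0:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def find_stale_accounts(accounts_csv, terminated, now, max_idle_days=90):
    """Return (account, reason) pairs for enabled accounts to deprovision."""
    cutoff = now - timedelta(days=max_idle_days) - REPLICATION_SLACK
    findings = []
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        name = row["sam_account_name"]
        if row["enabled"].strip().lower() != "true":
            continue  # already disabled, nothing left to deprovision
        last = filetime_to_datetime(row["last_logon_timestamp"])
        created = datetime.fromisoformat(row["when_created"]).replace(
            tzinfo=timezone.utc)
        if name.lower() in terminated:
            # Owner has left but the account still works: highest priority.
            findings.append((name, "terminated-but-enabled"))
        elif last is None and created < cutoff:
            # Never used and not a fresh account awaiting first logon.
            findings.append((name, "never-logged-on"))
        elif last is not None and last < cutoff:
            findings.append((name, "inactive"))
    return findings


if __name__ == "__main__":
    now = datetime(2021, 3, 1, tzinfo=timezone.utc)
    for name, reason in find_stale_accounts(
            SAMPLE_ACCOUNTS, SAMPLE_TERMINATED, now):
        print(f"{name}: {reason}")
```

Recently created accounts that have not logged on yet are skipped so that new hires are not flagged on their first week.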
2) 86% of breaches in 2020 were financially motivated
These findings from the 2020 Verizon Data Breach Investigations Report confirm that the monetary value of sensitive data is a key motivator for insider threats, malicious hackers, and other threat actors.
58% of the victims studied in the report had personal data compromised during the attack. Personally identifiable information (PII) is incredibly valuable as it can be readily sold and traded amongst cyber criminals.
3) Global cybercrime is expected to inflict a total of $6 trillion USD in damages in 2021
As reported by Cybersecurity Ventures, the financial impact of cybercrime is expected to reach $6 trillion USD in 2021 and rise to $10.5 trillion USD annually by 2025.
To put these damages into perspective, the United States was the world’s largest economy in 2020, with a nominal GDP of $21.44 trillion. If cybercrime were measured as a country, it would be the world’s third-largest economy after the US and China.
4) 59% of buyers are likely to avoid companies that suffered from a cyberattack in the past year
This finding from the Arcserve 2020 Data Attack Surface Report is of little surprise. Cybersecurity is a significant competitive advantage; after all, would you leave your sensitive personal data with someone who doesn’t prioritize data security?
The report goes on to state that 25% of consumers across North America, the United Kingdom, France, and Germany would go so far as to abandon a product or service in favor of a competitor following a single ransomware-related service disruption, failed transaction, or instance of inaccessible information.
As the threat landscape continues to evolve, organizations of all sizes need to ensure that cybersecurity is a top priority. The rapid proliferation of security vulnerabilities greatly increases their attack surface, providing threat actors with ample opportunity to compromise sensitive data and networks.
5) Global ransomware damage costs are predicted to reach $20 billion by 2021
The very same Arcserve report as before reveals that damages caused by ransomware have risen dramatically in recent years; the $20 billion USD in ransomware damages that are predicted for 2021 are 57x greater than the damages that occurred in 2015.
Prime examples of financial damages inflicted by ransomware include NotPetya (est. $10 billion USD) and WannaCry (est. $4 billion USD), both of which used the EternalBlue exploit in their attacks.
What is EternalBlue?
EternalBlue is a cyberattack exploit that was developed by the U.S. National Security Agency (NSA) and later leaked by the Shadow Brokers hacker group on April 14, 2017. EternalBlue exploits a vulnerability known as the “Windows SMB Remote Code Execution Vulnerability” (CVE-2017-0144) to execute arbitrary code on Windows servers.
Ransomware attacks have steadily been on the rise over the last 5 years. Further research from the Beazley Breach Response (BBR) Services found that ransomware attacks increased by 131% between 2018 and 2019 alone. Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021, up considerably from every 40 seconds in 2016.
“The ransomware landscape has been rapidly evolving. Back then, instances of ransomware typically involved the target’s data being encrypted, but not accessed or exfiltrated. Today, however, not only has the frequency of ransomware attacks increased substantially, but the added threat of a data breach makes them potentially much more damaging.”
2020 Breach Briefing, Beazley Breach Response (BBR) Services
Ransomware is incredibly profitable for cybercriminals. Accenture found that from the first quarter to the second quarter of 2020 there has been a 60% increase in the average ransom payment (US$178,254).
Why is ransomware so profitable? Simply put, victims are willing to pay, even against FBI recommendations. Cybercriminals prioritize their targets based on the perceived odds of receiving a ransom payment from their victim. Researchers from IBM Security’s X-Force surveyed executives at 600 businesses and found that 70% of those that were hit with ransomware have paid the ransom.
Common ransomware targets
- Emergency Services: Entities that provide critical services are under considerable pressure to provide ransom payments so they can return to full operational capacity as fast as possible.
- Managed Service Providers: MSPs are responsible for the security, support, and maintenance of mission-critical IT services. MSPs are likely ransomware targets as their entire customer base could be lost to an attack should they not remediate the attack.
- Manufacturing: While any valuable sector with any sort of legacy infrastructure is at risk for a ransomware attack, a survey from Darktrace found that cyberattacks against manufacturers increased 7x from January 2020 to April 2020.
6) 70% of consumers believe that businesses aren’t doing enough to secure their personal information
The Arcserve report confirms that organizations of all sizes simply cannot afford to neglect investing in cybersecurity if they want to earn and keep the trust of their customers. Unfortunately, the surveyed consumers aren’t feeling hopeful about corporate cybersecurity standards; 70% stated that they feel that businesses simply aren’t doing enough to adequately secure their personal information.
Their feelings on the matter are entirely valid, too. The 2019 Varonis Global Data Risk Report found that a disappointing average of only 5% of companies’ folders are properly protected against cyber security risks. Should an insider threat or external actor break into their network the potentially sensitive data contained within these folders can be readily stolen for financial or strategic gain.
7) 90% of UK cybersecurity breaches in 2019 were caused by human error
A 2019 CybSafe analysis of data from the UK Information Commissioner’s Office (ICO) found that 90% of cybersecurity breaches in the UK were in some way attributable to human error.
The critical role that security training has on data security cannot be overstated. The 2020 Webroot Threat Report found that running 11 or more training courses over the course of 4-6 months reduces the click-through rate of phishing emails by 65%.
To prevent your employees from becoming the weakest link in your organization’s security strategy you need to ensure that you combine critical data security controls with ongoing security training for all staff.
8) 93.6% of malware observed in 2019 was polymorphic
This finding from the 2020 Webroot Threat Report provides an overview of how sophisticated malware has become. Polymorphic malware has the ability to constantly modify its code in order to evade detection. Many of the common malware variants can be polymorphic, including viruses, worms, bots, trojans, and keyloggers.
Malware is in no way rare, either. According to the Malware Statistics & Trends Report dashboard from AV-TEST 15,224,388 new malware and potentially unwanted applications were found in January 2021 alone.
9) From 2018 to 2019 there was a 125% increase in malware targeting Windows 7
Windows 7 reached its End-of-Life stage on January 14, 2020. Since Windows 7 is no longer supported with patches for critical security vulnerabilities, any computer that is currently running Windows 7 should no longer be considered protected.
This cybersecurity statistic from the 2020 Webroot Threat Report further emphasizes this truth. If you have not yet upgraded your operating system, you can visit our guide on what options you have for transitioning from Windows 7 to Windows 10.
10) The likelihood of organized cybercrime entities being detected and prosecuted is estimated to be as low as 0.05% in the U.S.
As you can see, the successful detection and prosecution of cybercriminal organizations is exceedingly rare.
While organizations such as the Internet Crime Complaint Center (IC3) in the US and The National Cybercrime Coordination Unit (NC3) in Canada exist to assist with the investigation of cybercrimes, there are a variety of factors that make gathering evidence and prosecuting offenders difficult.
Why is cybercrime difficult to prosecute?
- Jurisdiction: Even with sufficient evidence to prove who is responsible for a cyberattack, if the cybercriminal operates across jurisdictional boundaries it will be difficult to prosecute them unless there is full cooperation of allied countries to honor arrest warrants.
- Legality: Cybercrime is a relatively new phenomenon in contrast to laws that have been enacted in the pre-internet days. In some cases there simply isn’t a legal precedent to properly address whether or not a given action is prosecutable under current legislation.
- Underreporting: Simply put, the majority of cybercrimes aren’t even reported. The reporting of cybercrimes is increasing, though. Since COVID-19, the FBI’s Internet Crime Complaint Center reported a 300% increase in reported cybercrimes. In Canada, police-reported cybercrimes increased by 12% from 2017 to 2018.
Computer Crime Prevention Statistics
Prevention Cybersecurity Statistic | Source |
In 2018, Canadians who used the Internet protected themselves while online by: deleting their browser history (61%), blocking emails, including junk mail and spam (60%) and blocking other types of messages (34%). Internet users also took steps to protect their privacy and personal information online by changing the privacy settings on accounts or apps to: limit their profile or personal information (42%) and enable or disable their location (45%). | Canadian Internet Use Survey (CIUS), 2018 |
70% of consumers across North America, the United Kingdom, France, and Germany believe businesses aren’t doing enough to adequately secure their personal information | Arcserve – The 2020 Data Attack Surface Report |
Compared to the previous year, police-reported cyber crimes in Canada increased 12% in 2018. | Uniform Crime Reporting Survey (UCR), 2018 |
In 2018, Canadian police services reported almost 33,000 cyber-related violations. | Uniform Crime Reporting Survey (UCR), 2018 |
The likelihood of organized cybercrime entities being detected and prosecuted is estimated to be as low as 0.05% in the U.S. | World Economic Forum: The Global Risks Report 2020 |
Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes | The FBI’s Internet Crime Complaint Center |
In 2017, Canadian businesses spent a total of $14 billion on prevention, detection and recovery from cyber security incidents. The vast majority (94%) of businesses in Canada had some level of expenditure to prevent or detect cyber security incidents. | Canadian Survey of Cyber Security and Cybercrime, 2017 |
Only 10% of Canadian businesses impacted by cyber security incidents in 2017 reported them to a police service. | Canadian Survey of Cyber Security and Cybercrime, 2017 |
Gartner estimates that by 2022 60% of enterprises will have comprehensive security awareness training programs | Gartner: Hire the Right Teachers for Better Security Awareness |
Running 11 or more training courses over 4-6 months has been found to reduce phishing click-through by 65% | 2020 Webroot Threat Report |
Ransomware Cybersecurity Statistics
Ransomware Statistic | Source |
Ransomware damage worldwide is expected to reach $21 billion by 2021 | Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite |
90% of IT departments restrict web access to protect against malware/ransomware infections | Spiceworks.com Data snapshot: How web filtering affects workplace security and productivity |
Global ransomware damage costs are predicted to reach $20 billion by 2021; 57X more than it was in 2015 | Arcserve – The 2020 Data Attack Surface Report |
25 percent of consumers across North America, the United Kingdom, France, and Germany stated that they would abandon a product or service in favor of a competitor after a single ransomware-related service disruption, failed transaction, or instance of inaccessible information | Arcserve – The 2020 Data Attack Surface Report |
The NotPetya ransomware has caused an estimated $10 billion in damages | Wired: The Untold Story of NotPetya, the Most Devastating Cyberattack in History |
The WannaCry ransomware has caused an estimated $4 billion in damages | CBS News: “WannaCry” ransomware attack losses could reach $4 billion |
Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021, up from every 40 seconds in 2016. | Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite |
Malware and Internet Cybersecurity Statistics
Malware and Internet Security Statistic | Source |
15,224,388 new malware and potentially unwanted applications were found in January 2021 alone | AVAtlas – Malware Statistics and Trends Report |
In 2019, 93.6% of malware observed was polymorphic, meaning it has the ability to constantly change its code to evade detection | 2020 Webroot Threat Report |
85% of threats hide in 1 of 4 locations: %temp%, %appdata%, %cache% and %windir%. | 2020 Webroot Threat Report |
From 2018 to 2019 1 in 4 malicious URLs were hosted on an otherwise non-malicious site | 2020 Webroot Threat Report |
The majority of sites that host malware are from the US (61.22%) | 2020 Webroot Threat Report |
In 2018, 15% of phishing sites used HTTPS to trick the user into thinking the site was safe; by 2019 the percentage had risen to 27% | 2020 Webroot Threat Report |
Systems running Windows 7 are nearly three times as likely to get infected as Windows 10 devices, with malware targeting Windows 7 increasing by 125% from 2018 to 2019 | 2020 Webroot Threat Report |
Social Engineering and Phishing Statistics
Social Engineering and Phishing Statistic | Source |
From 2018 to 2019 there was a 640% increase in phishing attempts and a 125% increase in malware targeting Windows 7 | 2020 Webroot Threat Report |
In 2018, 15% of phishing sites used HTTPS to trick the user into thinking the site was safe; by 2019 the percentage had risen to 27% | 2020 Webroot Threat Report |
Running 11 or more training courses over 4-6 months has been found to reduce phishing click-through by 65% | 2020 Webroot Threat Report |
53% of companies found over 1,000 sensitive files open to every employee. On average, 14,643 folders contained sensitive data that was accessible by every employee. | 2019 Varonis Global Data Risk Report |
Over 64% of financial services companies have 1,000+ sensitive files open to every employee. | Varonis 2021 Data Risk Report – Financial Services |
From 2018 to 2019 there was a 640% increase in phishing attempts | 2020 Webroot Threat Report |
Security Incident Statistics
Cybersecurity Incident Statistic | Source |
86% of breaches in 2020 were financially motivated | Verizon Data Breach Investigations Report 2020 |
95% of cybersecurity breaches are caused by human error | Cybint – 15 Alarming Cyber Security Facts and Stats |
95% of breached records came from three industries in 2016: Government, retail, and technology. | Forrester: Lessons Learned From The World’s Biggest Data Breaches And Privacy Abuses, 2016 |
In 2020 organized criminal groups were behind 55% of breaches; 30% involved internal actors | Verizon Data Breach Investigations Report 2020 |
Almost six out of ten (57%) Canadian Internet users reported experiencing a cyber security incident in 2018. | Canadian Internet Use Survey (CIUS), 2018 |
21% of businesses were impacted by cyber security incidents in 2017 | Canadian Survey of Cyber Security and Cybercrime, 2017 |
Approximately 3 in 10 organizations have seen a spike in the volume of attacks during the pandemic. | 2020 CIRA Cybersecurity Report |
The Costs of a Data Breach Statistics
Data Breach Statistic | Source |
Cybercrime as a whole is expected to inflict a total of $6 trillion USD in damages globally in 2021. Estimates expect this to rise to $10.5 trillion USD annually by 2025 | Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite |
Global ransomware damage costs are predicted to reach $20 billion by 2021; 57x more than it was in 2015 | Arcserve – The 2020 Data Attack Surface Report |
59% of buyers are likely to avoid companies that suffered from a cyberattack in the past year | Arcserve – The 2020 Data Attack Surface Report |
25% of consumers across North America, the United Kingdom, France, and Germany stated that they would abandon a product or service in favor of a competitor after a single ransomware-related service disruption, failed transaction, or instance of inaccessible information | Arcserve – The 2020 Data Attack Surface Report |
Cybersecurity Reports & Resources
Looking for more cybersecurity statistics, data, and information? These 5 cybersecurity statistics reports provide a wealth of information so you can learn more about the global cybersecurity landscape.
1) Verizon Data Breach Investigations Report
Every year Verizon releases a new Data Breach Investigations Report with data breach statistics, security incident insights, and cybersecurity statistics from organizations of all sizes.
2) 2018 Varonis Global Data Risk Report
The 2018 Global Data Risk Report from the Varonis data lab examined Data Risk Assessments performed by Varonis engineers throughout 2017 to gauge the prevalence and severity of exposed critical information and sensitive files, and evaluate what companies are doing (or not doing) to secure their most critical data.
3) 2020 CIRA Cybersecurity Report
For this report the Canadian Internet Registration Authority (CIRA) contracted The Strategic Counsel to interview 500 workers with responsibility for IT security. This report was created to further the understanding of how Canadian companies approach cybersecurity. In total, 64% of businesses in the sample indicated they do business exclusively in Canada.
4) Cisco Cybersecurity Report Series
Over the past decade, Cisco has published security and threat intelligence information for security professionals interested in the state of global cybersecurity. These comprehensive reports provide detailed accounts of threat landscapes and their effects on organizations, as well as best practices to defend against the adverse impacts of data breaches. In their most recent Cybersecurity Report Cisco explores the ins and outs of threat hunting and provides a how-to guide for creating a threat-hunting team at your organization.
5) Accenture 2020 Cyber Threatscape Report
This latest report from Accenture Cyber Threat Intelligence aims to help their clients, partners and community members by offering cybersecurity information that allows them to stay ahead of threats relevant to their businesses, industries and geographies.
6) CurrentWare: Keep Data Safe When Offboarding Employees
Are you concerned about the damage a terminated employee could cause with access to sensitive corporate information, account passwords, and other proprietary data? In this white paper you will learn the best practices for deprovisioning employees from your network and preventing data theft during a termination.
Cybersecurity Statistics FAQ
Why should I not pay a ransomware demand?
Organizations that pay ransomware demands prove that they are willing to pay, increasing risks for future attacks. Furthermore, although the attackers may be motivated to maintain a reputation that they will honor their end of the deal, there is no guarantee that data can be recovered after a payment.
As for reporting a ransomware attack, in the United States the FBI urges organizations to report the attack to law enforcement, such as the FBI’s Internet Crime Complaint Center (IC3).
In Canada, the National Cybercrime Coordination Unit (NC3) and the Canadian Anti-Fraud Centre are working on implementing a new cybercrime and fraud reporting system for Canadians and businesses.
How can I prevent ransomware attacks?
Need to prevent ransomware attacks? Follow these ransomware prevention tips from the Beazley 2020 Breach Briefing.
- Lock down RDP: Remote Desktop Protocol is regularly used as an attack vector for ransomware. You should disable RDP when it is not required and apply secure configurations when RDP is enabled, including the use of strong, unique passwords and multi-factor authentication (MFA).
- Require MFA: MFA must be enabled for internal administrative accounts and for accounts with external access to applications. This is particularly true for sensitive accounts such as email, RDP and VPNs.
- Disable PowerShell: Update PowerShell to the latest framework and disable PowerShell on workstations where possible. Where PowerShell cannot be disabled, logging and continuous monitoring of PowerShell activity is critical.
- Patch systems: Enable automatic patching for all operating systems and internet browsers. Ensure that anti-virus signatures are up-to-date so that your security software can detect known emerging threats.
- Apply web filtering: Use a web filter to block connections to malicious websites. Ransomware infections can occur through malicious websites or malicious advertisements that redirect the user to a dangerous website.
- Limit administrative rights: Admin rights should be limited to employees with IT roles. These privileged accounts must be protected with MFA and IT staff must use non-privileged accounts for day-to-day activities, limiting the use of admin accounts to an as-needed basis.
- Conduct security awareness training: Train employees on how to recognize common threats and scams. Conducting phishing exercises periodically enhances security awareness and improves employee responses to cyber attacks.
- Back up data: Restoring from backups has been found to be significantly faster than providing a ransom payment, especially considering the risk that the attackers could maintain a backdoor into the organization’s infrastructure if the systems are not reimaged.
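The RDP and PowerShell tips in the list above can be checked on a Windows host from a registry export. The following is an added example, not code from the original article or from Beazley: it parses `.reg` text and flags RDP being enabled, RDP without Network Level Authentication, and PowerShell logging policies that are not set. The choice of which values count as a secure configuration is this example's assumption, and the sample export is constructed.

```python
import re

TS = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server"
PS = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell"

# Constructed sample of a `reg export` file (not taken from a real host).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fDenyTSConnections"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"UserAuthentication"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging]
"EnableScriptBlockLogging"=dword:00000001
'''

MESSAGES = {
    "rdp-state-unknown": "fDenyTSConnections missing from the export",
    "rdp-enabled": "RDP is enabled; disable it if it is not required",
    "rdp-without-nla": "RDP is enabled without Network Level Authentication",
    "ps-scriptblock-logging-off": "PowerShell script block logging not enabled by policy",
    "ps-module-logging-off": "PowerShell module logging not enabled by policy",
}


def parse_reg(text):
    """Return {(key, value_name): int} for every dword value in .reg text."""
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            key = section.group(1).lower()  # registry paths are case-insensitive
            continue
        entry = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
        if entry and key:
            values[(key, entry.group(1).lower())] = int(entry.group(2), 16)
    return values


def audit(text):
    """Return finding codes (keys of MESSAGES) for the exported settings."""
    reg = parse_reg(text)

    def get(key, name):
        return reg.get((key.lower(), name.lower()))

    findings = []
    deny = get(TS, "fDenyTSConnections")
    if deny is None:
        findings.append("rdp-state-unknown")
    elif deny == 0:  # 0 means remote desktop connections are allowed
        findings.append("rdp-enabled")
        if get(TS + r"\WinStations\RDP-Tcp", "UserAuthentication") != 1:
            findings.append("rdp-without-nla")
    # A missing policy value means the logging policy is not configured.
    if get(PS + r"\ScriptBlockLogging", "EnableScriptBlockLogging") != 1:
        findings.append("ps-scriptblock-logging-off")
    if get(PS + r"\ModuleLogging", "EnableModuleLogging") != 1:
        findings.append("ps-module-logging-off")
    return findings


if __name__ == "__main__":
    for code in audit(SAMPLE_REG):
        print(f"{code}: {MESSAGES[code]}")
```

Password strength and MFA for RDP are enforced outside these registry values, so they need a separate check.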
How many businesses are targeted by spear-phishing attacks each day?
- 62% of businesses experienced phishing and social engineering attacks in 2018 with a new organization falling victim to ransomware every 14 seconds in 2019. (PurpleSec 2020 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends)
- 88% of organizations worldwide experienced spear phishing attempts in 2019. (Proofpoint 2020 State of the Phish Report)
- 65% of groups used spear-phishing as the primary infection vector. (Symantec Internet Security Threat Report (ISTR) 2019)
- 64% of organizations have experienced a phishing attack from 2018-2019 (Check Point Research Security Report 2018)
- Targeted emails, or spear phishing, are reported by businesses to be used in 91% of successful data breaches and 95% of all enterprise networks. (PurpleSec 2020 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends)
- There has been a 600% increase in malicious emails due to the COVID-19 pandemic (U.N. disarmament chief Izumi Nakamitsu)
Phishing attacks are part of what percentage of cyberattacks?
- 22% of breaches in 2020 involved phishing (Verizon Data Breach Investigations Report 2020)
- 70% of cyber attacks in 2016 used a combination of phishing and hacking. (Verizon Data Breach Investigations Report (DBIR) 2016)
- 70% of breaches associated with a nation-state or state-affiliated actors involved phishing (Verizon Data Breach Investigations Report (DBIR) 2018)
What will the projected cost of cybercrime be in 2021?
- Ransomware damage worldwide is expected to reach $21 billion by 2021 (Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite)
- Cybercrime as a whole is expected to inflict a total of $6 trillion USD in damages globally in 2021. Estimates expect this to rise to $10.5 trillion USD annually by 2025. (Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite)
Conclusion
These must-know cybersecurity statistics for 2021 demonstrate significant trends in the cybersecurity landscape. Ongoing security threats such as ransomware, advanced persistent threats (APT), nation-state hacker groups, and insider threats will continue to evolve their tactics to bypass security measures and compromise critical infrastructure. Business owners and consumers alike simply cannot afford to forgo investing in critical security measures and best practices.