How Can Cybersecurity Statistics Combat Cyber Threats?

cybersecurity statistics

According to Cybersecurity statistics, cyber-attacks cannot be treated lightly. They seem to constantly rise, and growing yearly with millions of new victims. These people fall into the trap of the hacker and end up losing money and personal data. There have been cybersecurity improvements to make it smarter and more difficult for an attacker to achieve their goal, but they too keep finding new ways to bypass these. We have several data breaches and cybersecurity statistics for hacking to help you understand better how widespread cybercrime is in society.

Cybersecurity Statistics Terms Explained 


According to Security Boulevard, 85% of businesses have been victims of phishing attacks at least once. This is of concern because on average, a spear-phishing attack can result in a loss of $1.6 million. 

In phishing, hackers try to get personal information from their victims. For example, a hacker may impersonate Google and send an email to a victim asking them to click on a link where they would have to log into their account. The link takes them to a fake google website and once they try to log in, the hacker steals their password. 


Malware is a general name for every software that is made to cause havoc in the hands of the attacker. Viruses, ransomware, Trojan horses are all examples of malware. In March 2020, the total number of a new malware that was detected reached 677.66 million and counting hence the need for digital security. 


Viruses are sent by an attacker to corrupt or modify data on a computer. They are so designed that they can be spread from one device to another, and so if the situation isn’t handled properly a company could lose all their data. 


Encryptions are used to make the data transfer more secure in case they are hijacked by hackers. Files are also encrypted before being stored so that even in the event of unauthorized access, the files would be impossible to read. Encryption scrambles the data and makes it look like gibberish. Only the encryption key can allow you to read the data the right way. 


Firewalls are defenses that are created to prevent malicious attacks. Some are software-based while others are hardware-based.

Trojan Horse

Every system designed has a back door that isn’t easily identifiable except by the programmer. Trojan horses however make it easy as they allow the hacker access to your computer remotely through the back door. By this, they can control your device and perform malicious acts remotely.

Trojans are of concern as they make up 51.45% of all malware


Spyware is installed on a victim’s device; phone or computer. Just as the name implies, its function is to spy on the user’s activities and submit the same to the hacker. Spyware can monitor a lot of things including activity, harvesting data on the device like account information, and also collect keystrokes.


Ransomware is a type of malware that holds your data hostage. The attacker usually encrypts your data, or sometimes prevents you from having access to your computer until a ransom is paid. If the computer under attack holds the only copy of data you need to work, then you would have no choice. That’s why it’s advisable to always back up your computer in case of such attacks.

Ransomware is a very expensive attack. In 2019 alone, the damage caused by the ransomware was over $5 billion, more than that of the previous year. This shows a rise in the cost and further stresses the need for security. 


A breach is a term used to describe a successful entry by a hacker into a system. They do this by exploiting vulnerabilities that exist in the device to steal data.

The cost of breaches due to malware is really high on companies as every 500,000 breached records attract a cost of $6.3 million. This mind-blowing cost is enough reason for companies to step up their digital security game and protect user data. 

Data Breaches Hits a New Milestone

In 2019, as many as 15.1 billion records were exposed and that is a significant increase of 284% compared to the statistics of the previous year. The number of data breaches however only grew by 1% compared to the previous year, indicating that cybersecurity measures may be becoming more effective in combating these crimes (Risk Based Security).

The cybersecurity statistics of data breaches usually skyrocket especially if the hackers put the stolen data on a platform like the dark web. They don’t immediately put it up but do so months or years after it has been stolen so it’s even more difficult for the authorities to know the source of the hack, or catch those behind the hack. So don’t be too comfy with the service you are using as it may have also been compromised and the attackers are waiting for the best time to strike.

In 2019, the biggest breach according to cybersecurity statistics affected 1.2 billion people. This large data which was allegedly mainly harvested from People Data Labs and Oxydata was found in an unsecured server. Its content included names, phone numbers, email addresses, Facebook profile information, and LinkedIn amounting to 4 billion records in total.

Apart from this, other major data leaks of the cybersecurity statistics in 2019 include:

  • Orvibo is a smart home technology company that lost 2 billion records
  • TrueDialog is an SMS texting solutions provider and they lost over 1 billion records of customer data
  • First American Financial Corporation is a financial services company and they lost 885 million records
  • “Collection #1” lost 773 million records (HIBP) but the source of the breach hasn’t been identified

A decade ago, this vast number of breaches was insignificant as only 986 breaches were reported, and only 103 million records were exposed. With cybersecurity statistics showing tremendous growth in data breaches, experts believe that cybercrime expenses worldwide will be more than $6 trillion yearly from 2021.

The Cost of a Data Breach

On average, the cost of a data breach is $3.86 million according to the recent cybersecurity statistics but it depends on the country as it varies in different countries. US companies have much more expenses as it can go up to $8.64 million (IBM). However, it all depends on the scale of the hack and the company’s size.

The personal details of about 500,000 British Airways customers were exposed in 2018, and this included data like names, credit card numbers, expiration dates, CCV, codes, and email addresses. Since British Airways failed to comply with GDPR (General Data Protection Regulation) to secure customer data, British Airways were fined to the tune of £183 million. They are still appealing the fine in court and expect that it gets reduced to £22 million.

According to IBM, it takes an average of 280 days to identify a breach and to contain it. Companies that could detect a data breach in less than 200 days spent less than $1.1 million on average to recover showing that time is of the essence in hacking situations. The consequences of data breaches can continue to haunt a company for years after the incident as only 61% of the cost shows up in the first year after the incident. 24% comes up in the next year, and 15% comes up two years later. Apart from the price implication, there is also a bad reputation and loss of customers leading to loss of revenue that the company may suffer.

Developed Countries and Cyberattacks

Developed countries stand at a higher risk of cybercrime and this is not at all because of their poor digital security. Countries like Denmark, Sweden, or Norway have high incomes, widespread smartphones, constant commuting, and a high rate of shopping from eCommerce websites and all of these are what make these countries particularly appealing to cybercriminals.

India on the other hand is considered the least likely to get a cyberattack because of its low usage of the internet. Only 1 out of 3 Indians use the internet but the 1 that uses is at higher risk of getting hacked than some developed countries because of their very active online activities.

A rough estimate shows that 20% of the world’s population has fallen victim to cybercrime at one point in time.

The Rise of Cybercrimes During COVID-19 in Cybersecurity Statistics

During the rise of the COVID-19 pandemic which had the whole world united to fight the deadly virus, cybercriminals saw it as an opportunity to launch strikes. It was even easier with a lot of remote workers due to the pandemic.

Cybercrimes increased by 400% in March 2020 in comparison to previous months, and this cybersecurity statistic showed that COVID-19 led to one of the biggest threats to cybersecurity ever. The attacks came in different forms like phishing, email compromise, malicious links, ransomware, malware, and fake landing pages (Reedsmith).

Google announced in April that the number of phishing emails and malware that they were blocking daily during the COVID-19 pandemic was at 18 million. The scams included an impersonation of government and health organizations like WHO. Even though 99% of the emails were blocked and never reached their target, many people still fell for it.

Zoom saw a rise in new users due to the rise in remote work, but they were under criticism for having weak security. About 530,000 Zoom accounts were discovered as up for sale on the dark web and they had usernames, passwords, host keys, email addresses, and personal meeting web addresses.

Of the 1.2 million analyzed hostnames in March and April, it was found that 86,600 were malicious or at high risk. (Palo Alto’s Unit 42). The US was at the top of that list, followed by Italy, Germany, and Russia. Hackers are familiar with the opportunities that come with a crisis and never fail to exploit it.

Ransomware Statistic

According to one report of cybersecurity statistics, 1 out of 4 organizations have paid a ransom to have their data unencrypted and most got their data back. In some cases, however, the hacker would refuse to unlock the data even after the ransom has been paid. (Sophos).

Compliance with paying for ransomware to be removed also varies with the country. India has a significant level of compliance as 66% of organizations comply, while only 4% of organizations in Spain comply. Worldwide, 56% of companies get their seized data back through the backups they had done and it points to the need to always be prepared for the worst that could happen at every point.

The following are ransomware attack techniques:

  • An email or a downloaded file with a malicious link – 29%
  • Remote attack on the company’s server – 21%
  • Emails containing malicious attachment – 16%
  • Remote Desktop Protocol (RDP) – 9%
  • Misconfigured public cloud
  • Through a supplier working with an organization – 9%
  • Through a USB or any other removable media device – 7%

Windows users have the highest rate of ransomware attacks at 87% according to the cybersecurity statistics, while macOS only has 7% of such attacks. The WannaCry ransomware attack is one of the most notorious and it infected 200,000 windows OS computers in 150 countries. Each user was asked to pay $300 – $600 in bitcoin to get their data back. National Health Service hospitals in England and Scotland got the hardest hits with 70,000 of their computers affected. WannaCry is still active and running to date.

How Much a Ransomware Attack Costs

The Baltimore city government was hit by a ransomware attack in 2019 and was asked to pay $76,000 in bitcoin to get their data back. This attack crippled public services and the estimated cost of recovery was around $18 million.

FedEx suffered even more in 2017 when they were hit by NotPetya ransomware. It put a hold on the company’s operations and they lost $300 million.

Facts About Ransomware

    • In 2019, there were 188 million ransomware attacks 
    • In 2020 the first ransomware related death in a hospital in Germany was recorded
    • NotPetya ransomware costs about $10 billion
    • WannaCry ransomware caused a cancellation of 19,000 appointments in a week in the UK’s National Health Service

Phishing Statistics

According to a report by Verizon, 88% of organizations worldwide had their share of phishing attacks in 2019 with the healthcare and manufacturing industries at the highest risk. Phishing attacks are however not for corporate bodies only as they also target individuals. The tendency for someone to click on a malicious link increases with the number of emails that are sent.

Some brands are more frequently impersonated than others and they include:

  • Apple
  • Yahoo
  • Netflix
  • PayPal
  • WhatsApp
  • Amazon
  • Microsoft
  • Chase
  • Facebook
  • eBay

These brands are mostly used because an email from such companies asking for a change of password or renewal of credit card details hardly raises any suspicions and hackers capitalize on it. Due to the COVID-19 pandemic, hackers favored Zoom mostly and impersonated the brand a lot.

Some hackers prefer to be specific in their attacks and they get personal. 65% of hackers went with spear-phishing which means they did good research on their target before launching the attack. The research could include data gotten from data breaches, social media, or anything they can find online on the target.

Many internet users see phishing attacks as something they can’t fall for but studies have discredited this. 38% of internet users without cyber awareness training could fall for phishing attempts as they fail phishing tests.

Cost of A Phishing Attack

According to this report from the FBI, there were over 166,0000 phishing incidents between June 2016 and July 2019. A total of $26 billion was lost worldwide by victims of the attacks and US citizens had a larger share with $10 billion in losses from 69,000 victims. It is estimated that a new phishing site is launched after every 20 seconds.

Tech giants can also fall victim to phishing attacks. Between the years 2013 and 2015, google and Facebook lost over $100 million to scammers. The hackers impersonated a Taiwanese company, created fake email accounts, and sent invoices with those accounts to Google and Facebook’s employees. It may seem easy to detect this now, but nobody noticed anything malicious at that time as they made money transfers to the scammer.

Facts About Phishing

Malware Statistics

You get 94% of malware via email. macOS had been thought to be malware resistant for many years but with hackers growing with the trend, things are changing. With Apple devices being more popular and having more users, the malware cases on macOS have seen a significant increase of 400% in the last years. Windows however still has the largest of malware reported cases at 84%.

IoT devices have also been growing in popularity and hackers are shifting their focus here. The cybersecurity statistics for computer crime shows 25 million IoT malware attacks in the year 2019 and 75% targeted at routers. According to experts, 75 million IoT devices would be in operation around the world at the end of 2025 and it will attract hackers further.

The following are the most hit countries with malware attacks:

  • The US
  • China
  • United Kingdom
  • Canada
  • India

You can use the ILOVEYOU virus to get a good understanding of how quickly malware can spread. This virus was widely spread in 2000, sending itself to everyone in the email list of the targeted victim, overwriting files, and causing system crashes. According to some estimates, about 10% of the computers in the world were affected by this virus including those at the Pentagon, CIA, the British Parliament, and large corporate bodies.

Not all apps on the app store or play store have good intentions as malicious apps can conceal their true purpose and make it to the app store. In march 2020, 56 malicious apps were found on google play with a download number of 1.7 million. The apps were masking as calculators, translation apps, recipe apps, and racing games.

The cybersecurity statistics are in millions are as follows:

  • 2009 – 12.4
  • 2010 – 29.97
  • 2011 – 48.17
  • 2012 – 82.62
  • 2013 – 165.81
  • 2014 – 308.96
  • 2015 – 452.93
  • 2016 – 580.40
  • 2017 – 702.06
  • 2018 – 812.67

The Cost of Malware Attacks

On average, the cost of a malware attack on a company is $2.6 million, making it the most expensive of all cybercrimes. The cost involves the following:

  • Loss of information
  • Revenue loss
  • Business disruption
  • Equipment damage

Facts About Malware

DDoS Attacks

A DDoS attack happens when an attacker clogs your network or device with traffic. This way services slow down or even crash to satisfy their needs. According to experts, DDoS attacks would double from 7.9 million to 15.4 million between 2018 and 2023.

A DDoS attack can be responsible for up to ¼ of the internet traffic in a country.

Some industries that are mostly targeted by DDoS attacks include:

  • Games – 35.9%
  • Gambling – 31.3%
  • Computers and the internet – 26.5%
  • Business – 3.4%
  • Finance – 3%

In 2015, a British hacker caused a loss of the internet in Liberia after launching a DDoS attack. The attacker was working for Cellcom, a telecom operator in Liberia, and was about to attack the competition; Lonestar. Lonestar lost a lot of money as a result of the attack.

The Cost of A DDoS Attack

DDoS attacks could be as expensive as $120,000 for small companies, and as high as $2 million for larger companies. You can buy the DDoS attacks on the dark web for as little as $150.

DDoS Facts

  • The longest recorded DDoS attack lasted for 13 days and caused 292,000 requests per second at its peak. In normal circumstances, DDoS attacks last for 15 minutes tops.
  • 2/3 of the total DDoS attacks are from China
  • Many big companies have suffered from DDoS attacks including GitHub, BBC, JP Morgan Chase, Dyn, and Bank of America
  • Some businesses (12%) who have suffered from DDoS attacks believe their rivals launched the attack against them
  • Every day, 2000 DDoS attacks register

How to Protect Yourself from Cyber Attacks

  • Use a VPN

A VPN hides your real IP address and sends out requests via another IP service so that you are anonymous. It also encrypts your data and traffic so you will remain safe from the eyes of hackers, your ISP, and other third parties. With the constant rise of cyberattacks, you need to use a premium VPN service that is easy to use and also provides you with the best security to protect yourself. LimeVPN is such a service that keeps you both anonymous and secure.

  • Use strong passwords and change them regularly. 

Your passwords should be a combination of special symbols and numbers, with letters of both upper and lower cases. Use a password manager to store all passwords if the risk of forgetting them is what would make you use a less secure password. Also, use different passwords for different accounts, and don’t store them on your device.

  • Update your software when it releases. 

Each software has a loophole through which hackers exploit to gain access to your device. Just as they are constantly looking for such loopholes, every software update fixes bugs and closes those vulnerabilities that existed making the new software more secure than the previous.

  • Don’t click on suspicious links. 

If you visit a website or receive an email that isn’t trustworthy, then it probably is malicious. Leave such websites immediately, and don’t click on anything.

  • Always back up your files. 

This way you will still have access to your files even if ransomware locks you out of your files. It will save you from spending a lot of money.

  • Install antivirus software and always scan for malware.


According to cybersecurity statistics, there is a constant rise in cyber-attacks making it necessary to protect your files and devices. There are different types of cyberattacks and the right tools can prevent them with online activities. The use of a VPN will protect your data and your traffic will be under heavy encryption. It also keeps you anonymous as it changes your IP address. Not every VPN can protect you adequately, so only choose the best; go for LimeVPN.