Skip to main content

7 Cyber Attacks Statistics That Reveal Trends and Threats

  1. Phishing/vishing/smishing tops the list of common types of cyber crimes
  2. Ransomware has become a serious threat
  3. Government is the industry most affected by ransomware
  4. Phishing emails are the most common type of ransomware attack
  5. Google and Amazon are the most impersonated brands
  6. Billions of dollars are lost to internet crime
  7. Carefully choosing passwords can provide protection

1. Phishing/vishing/smishing tops the list of common types of cyber crimes

Myriad cyber crimes are committed daily. They include phishing/vishing/smishing, non-payment/non-delivery, extortion, personal data breach, identity theft, spoofing, misrepresentation, and confidence/romance fraud.

Out of all of these threats, phishing/vishing/smishing were the most pervasive in 2020, when a whopping 241,342 Americans were affected by these scams.

The Most Common Types of Cyber Crime

Number of Americans who fell victim to the following types of internet crime in 2020

2. Ransomware has become a serious threat

Since 2018, each year has seen an increase in the number of businesses that were victims of ransomware. And 2021 saw the highest percentage of companies suffering this type of attack.

While 55.1% of businesses were affected by ransomware in 2018, 68.5% became victims of this type of cyber crime in 2021.

3. Government entities are the most affected by ransomware

Ransomware has become one of the biggest malware threats, affecting a variety of industries.

Government entities are at the top of the list of industries impacted by ransomware. When it comes to the number of publicised attacks worldwide in 2021, the public sector experienced 47 ransomware attacks. Education, healthcare, services, technology, manufacturing, retail, and finance were also affected.

The Sectors Most Affected by Ransomware

Number of publicised ransomware attacks wordwide by sector in 2021*

4. Phishing emails are the most common type of ransomware attack

There are various types of ransomware attacks, such as phishing emails, poor user practices, lack of cybersecurity training, weak passwords or bad access management, open RDP access, clickbait, malicious websites, and lost/stolen user credentials.

In 2020, a survey found that phishing emails were the most common type of ransomware attack (54%), followed by poor user practices/gullibility (27%) and lack of cybersecurity training (26%).

Phishing the Most Common Cause of Ransom Attacks

Leading causes of ransomware attacks reported by managed service providers in 2020

5. Google and Amazon are the most impersonated brands

Scammers try to trick people by sending emails in which they impersonate well-known brands. These phishing emails appear legitimate but they are used to steal personal information.

Some businesses have been impersonated more than others. In 2020, Google and Amazon were the top two most impersonated brands, followed by WhatsApp, Facebook, and Microsoft.

The Most Impersonated Brands in Phishing Scams

% of brand phishing attempts imitating the following brands in Q2 2020

6. Billions of dollars are lost to internet crime

2020 saw a rise in financial losses as a result of cyber crime. In addition to the usual threats, the COVID-19 pandemic gave scammers new opportunities to trick people into giving away their personal information or money.

In 2020 alone, Americans suffered $4.2 billion in losses as a result of internet crime. Compare that to the losses of 2019, which totaled $3.5 billion. And back in 2012, the amount was $525.4 million.

Americans Are Losing Billions Due To Internet Crime

Financial losses suffered by victimes of internet crimes reported to the FBI

7.Carefully choosing passwords can provide protection

Coming up with a hard-to-crack password might be a bit annoying, but it is worth the effort. The simple act of adding uppercase letters, numbers, and symbols can make it harder for computers to crack a password and let hackers steal your data.

A password containing eight lowercase letters could be cracked instantly, and the same is true of a password containing six characters that include at least one uppercase letter plus a number and a symbol. The hardest type of password to crack would be one containing 12 characters with at least one uppercase letter and a number and a symbol—it would take a computer 34,000 years to figure it out.

How Safe Is Your Password?

Time it would take a computer to crack a password with the following parameters

Lowercase letters only At least one uppercase letter At least one uppercase letter + number At least one uppercase letter + number + symbol
1 Instantly Instantly Not Applicable Not Applicable
2 Instantly Instantly Instantly Not Applicable
3 Instantly Instantly Instantly Instantly
4 Instantly Instantly Instantly Instantly
5 Instantly Instantly Instantly Instantly
6 Instantly Instantly Instantly Instantly
7 Instantly Instantly 1 min 6 min
8 Instantly 22 mins 1 hr 8 hrs
9 2 mins 19 hrs 3 days 3 wks
10 1 hr 1 mth 7 mths 5 yrs
11 1 day 5 yrs 41 yrs 400 yrs
12 3 wks 300 yrs 2,000 yrs 34,000 yrs

Source: Security.org

Take Action to Protect Your Business from Cyber Attacks

Understanding the threat of cyber attacks, and being aware of how common they have become, can be unnerving to any business owner. But the good news is there are ways to combat these threats and reduce your odds of becoming a victim of cyber criminals.

By taking some preventive steps, you can work towards securing every department within your organisation, whilst helping to keep your remote workers’ data as secure as possible.

Here are a few of the strategies and tools you can implement with surprising ease to enjoy greater peace of mind and data security:

Disaster recovery vs. backup

Backup and recovery are two different things, but they are equally important. Having a secure way to create copies and back up your data can help ensure you’ll be able to access it quickly and easily whenever necessary.

On the other hand, disaster recovery is the method you’ll use to restore your data in a way that minimises downtime and losses.

Train your staff

Show your staff how to create and maintain strong passwords, as well as how to identify cyber threats like phishing attacks.

Whether they are using your office computers or working remotely, this knowledge can help prevent data breaches.

Secure your devices and network

Utilise a private Wi-Fi connection and firewall, along with security software to detect and eliminate threats.

Also, consider using a VPN for additional security, and keep all devices up-to-date.

Bottom line: there is a lot of work that needs to be done to protect a business from cyber attacks, but with the right strategy, exposure to cyber attacks can be drastically reduced.