Published by Sam Cook on November 9, 2017 in VPN

cybercrime statistics

The cybercrime statistics don’t lie: 2016 and 2017 were pivotal years in cybersecurity, marking both rapid growth in mischievous and harmful online criminality, as well as increasingly rapid responses to digital crime. Most notably, ransomware has taken center stage, stealing the limelight from most other forms of malware.

Meanwhile, although data breaches are becoming less an aberration and more the norm, a general malaise among both consumers and some of the world’s largest businesses (more specifically, the twice-troubled Equifax), casts a worrisome eye on the overall security of private user data. (Symantec summed the point up rather poignantly: “Hackers Hone their Skills While Consumers Remain Complacent,” the company wrote in a November 2016 press release.)

However, not all increases in cybercrime have been relegated to attacks on businesses and average consumers. Cyberactivism has also been on the rise, most notably through cases like the Panama Papers in 2015 and most recently, the Paradise Papers release. Both leaks reveal private data on methods the world’s ultra-wealthy are using to house money in offshore locations, presumably to avoid taxes in their home countries.

From data loss to government cybersecurity spending, we’ve researched some of the most head-turning and noteworthy cybercrime stats for 2016 and 2017. Below, you’ll find a categorized list that reveals why these are growing areas of concern for cybersecurity professionals and internet users alike.

Cyber crime statistics: The big picture

One thing the previous few years have taught us that cybercrime is one issue that should not be ignored. The following “big picture” stats should help put the growing threat of cybercrime into perspective:

  • Globally, cybercrime was the 2nd most reported crime in 2016. (Source: PWC)
  • In proportion to the total number of crimes, cybercrime now accounts for more than 50% of all crimes in the UK. (Source: National Crime Agency)
  • An attacker resides within a network for an average 146 days before detection. (Source: Microsoft)
  • Between April and June 2017, over 11,800 people reported incidents of cybercrime to the Australian Cybercrime Online Reporting Network. (Source: ACORN)
  • A University of Maryland study found that hackers are attacking computers and networks at a “near-constant rate”, with an average of one attack every 39 seconds. (Source: University of Maryland)
  • Most network intrusions—63 percent—are the result of compromised user passwords and usernames.  (Source: Microsoft)
  • In their 2017 Annual Cybersecurity Report, Cisco found that globally, 8 percent of malicious email attachments were docm files (a type of Microsoft Word XML file that executes macros). (Source: Cisco)
  • 18 million new malware samples were captured in In Q3 2016. (Source: Panda Security)
  • According to Gartner, by 2020, 25 percent of cyber attacks against enterprises will involve IoT devices. (Source: Gartner)
  • At 91.6 percent, “Theft of Data” continues to be the chief cause of data breaches in 2016 counting total by identities stolen. “Phishing, Spoofing, and Social Engineering” were a distant second at 6.4 percent. (Source: Symantec)
  • The U.S. had the most data breaches of any other country, by a large margin. There were 1013 data breaches in the U.S. in 2016. By comparison, second place U.K. had just 38 breaches. (Source: Symantec)
  • The number of ransomware families increased from 30 in 2015 to 98 in 2016, revealing the distinct focus by cyber criminals on using ransomware to extort money from businesses and individuals. (Source: Symantec)
  • The average ransomware demand also increased significantly, from $294 in 2015 to $1,077 in 2016. (Source: Symantec)
  • Mobile platforms are one of the fastest-growing targets for cyber criminals. Symantec identified 18.4 million malware detections in 2016, a 105 percent increase of 2015. (Source: Symantec)

Cybercrime directly impacting consumers

One of the more troubling trends we found for 2016 and 2017 is the impact on consumers. The stark increase in data breaches results in an unprecedented amount of compromised personal information. As more consumers become exposed to data-hungry criminals, it’s increasingly apparent that personal protections against data theft are more important than ever.

  • Surprisingly, 76 percent of consumers in 21 countries acknowledge the importance of keeping their account information secure, yet many still share their passwords, among other risky behaviors with their data. A further 35 percent allow at least one device to go unprotected and vulnerable to all forms of viruses and malware. (Source: Symantec)
  • A vast majority of U.S. consumers (80 percent) now have a home internet network. One in ten has also experienced a cyber attack through their home networks. (Source: Hartford Steam Boiler)
  • Trend Micro discovered that during a 6-month period, more than 1.8 million cyber attacks were conducted through home network routers in several countries, including the U.S., Canada, the U.K, and China, often for the purpose of Bitcoin mining. (Source: Trend Micro)
  • Most smart home attacks occur in the U.S., China, and the U.K. (Source: Trend Micro)
  • In 2016, the majority of credit fraud reported in Australia and New Zealand to the Veda Shared Fraud Database (an Equifax company)—45 percent—came from fraudulent credit applications. (Source: Veda)
  • 2015-2016 saw identity takeover become the fastest-growing type of fraud in Australia and New Zealand, with up to 80% of reported cases of fraud falling into this category. (Source: Veda)
  • In Australia, as of 2016, 57 percent of credit application fraud now occurs online. (Source: Veda)
  • 53 percent of Millennials in the UAE experienced at least one incident of cybercrime in 2015. A further 2.53 million consumers in the country fell victim to online criminals. (Source: Arabian Business)
  • In the U.S., consumers who fell victim to cybercriminals in 2015 spent an average of 21 hours dealing the consequences, for a cost of around $358 per person. (Source: Symantec)
  • 72 percent of people globally believe that connected home devices offer hackers new ways to steal data. (Source: Symantec)
  • 41 percent of people globally cannot properly identify a phishing email and often guess as to an email’s legitimacy. (Source: Symantec)
  • Cyberbullying is a primary concern in the U.S., where 64 percent of parents believe their children are more likely to experience bullying. By comparison, only 31 percent of parents in Germany share this concern. (Source: Symantec)
  • The Netherlands had the lowest cybercrime rate in 2015 at just 14 percent of the population. Indonesia had the highest in the world, with 59 percent of the population. (Source: Symantec)
  • The 2016 Norton Cybersecurity Insights Report found that the U.S. is the most susceptible developed country for cyber attacks. Around 39 percent of U.S. residents were victims of cybercrime, compared to 31 percent globally. (Source: Symantec)
  • In the past year, Nearly 700 million people in 21 countries experienced some form of cybercrime. (Source: Symantec)
  • Verizon reports that 30 percent of phishing emails in the U.S. are opened, with 12 percent of those targeted by these emails clicking on the infected links or attachments. (Source: Verizon)

The increasing cost of cyber crime

The Edward Snowdens and Panama Papers John Does are unfortunately rare examples of cybercriminals. Most cybercriminals aren’t stealing data and leaking secrets for the sake of justice. Instead, most are out for personal gain, typically stealing money directly from consumers and businesses, or selling that data on the Dark Web. Regardless of their motivation, however, responding and stemming the tide of cybercrime is a massively costly endeavor.

  • $500 billion: Microsoft’s estimate for the total potential cost of cybercrime to the global community. (Source: Microsoft)
  • $14 billion: The amount the U.S. government spent in 2017 on cybersecurity. The government intends to spend 19 million in 2017. (Source: CIO)
  • $2.1 trillion: The total global annual cost of all data breaches by 2019, as suggested by Juniper Research. (Source: Juniper Research)
  • $3.8 million: The average cost of a data breach to a business. (Source: Microsoft)
  • $158 billion: The collective amount of money consumers lost globally in 2015 due to cybercrime.  The U.S. accounts for $30 billion of that loss. (Source: Symantec)
  • $16 billion: The Javelin Strategy & Research 2017 Fraud Report discovered that 15.4 million U.S. consumers (17.5 percent increase) lost $16 billion to identity fraud in 2016. This marked a rise from 2015, when 13.1 million victims lost $15.3 billion. (Source: Javelin Strategy & Research)
  • $50 million: The total cost of cybercrime across 237 major companies in 6 countries. (Source: Micro Focus)

Businesses increasingly on the receiving end of hacks and breaches

Internationally, businesses are intimately familiar with the need for data protection. Yet 2017 has taught us that even some of the largest businesses holding some of the most sensitive consumer data are still vulnerable—and at times, poorly secured. Around the world, hackers increasingly targeted businesses and governments. Small businesses and even hospitals learned the hard way that enterprise businesses are not the only ones who need to be concerned.

  • 32 percent of U.S. organizations were victims of cybercrime in 2016, with 34 percent expecting to become victims in the next two years. (Source: PWC)
  • In 2016, adware affected around 75 percent of organizations in 13 countries. (Source: Cisco)
  • According to Gartner, by the end of 2017 more than half of all network attacks targeting enterprises globally will bypass network controls by using encrypted traffic. Gartner believes that by 2017, more than 50% of the network attacks targeting enterprises will use encrypted traffic to bypass controls. (Source: Gartner)
  • Gartner revealed that 35 percent of respondents in a global survey were targeted by an SSL or TLS-based attack. (Source: Gartner)
  • A 2016 Vanson Bourne survey of companies in the U.K., France, Germany, and the U.S. indicates that a shocking 90% of CIOs have been attacked or expect to be attacked by hackers hiding behind encryption methods. (Source: Vanson Bourne)
  • 43 percent of cyber attacks against businesses worldwide target small companies. (Source: Symantec)
  • Data breaches are increasingly impacting stock prices, including a nearly half-percent decrease in company shares following a data breach. (Source: Comparitech)
  • Although Finance, Insurance, and Real Estate have the highest email malware rate (ever 1 in 182 emails), Construction was a close second with malware in 1 in every 179 emails. (Source: Symantec)
  • The phishing rate against businesses has been going down for the past few years, from 1 in 965 emails in 2014 to 1 in 2596 in 2016. (Source: Symantec)

Ransomware likely to take center stage again in 2018

2017 welcomed major ransomware attacks into the world. Even as the dust settles on the Bad Rabbit ransomware attack, it’s likely that new and more sophisticated threats will emerge in the year to come.

Leave a Reply

Your email address will not be published. Required fields are marked *