More than 70 cybercrime statistics – Soon to be a $6 trillion problem

Cyber crime statistics - Featured image

Gathering precise and reliable statistics about cybercrime is difficult. Assessing the true number of cybercrime victims, for example, is next to impossible. Most of the information comes from two types of sources, both of which are unreliable and biased.

  • Government reports from agencies like the FBI’s Internet Crime Complaint Center. The samples gathered here are highly unrepresentative – they include only self-reported cases of cybercrime. Self-reported to a government agency, mind you.
  • Cybersecurity company reports, which provide information only about people who already have the cyber hygiene to purchase a computer safety product.

Donna Gregory, the unit chief at the FBI’s IC3, said in an interview with Time magazine that only 10 to 12% of cybercrime victims reach out for help. The vast majority of crimes go unreported. Again, how she came up with that percentage is a mystery for us regular folk.

Even a comprehensive hacking definition is almost impossible to come by because of the variety in types of attacks. Still, we need numbers to orient ourselves in this highly volatile field. Below you will find a roundup of facts, figures, and percentages gathered from many sources.

Together, these statistics on cyber crime form a mosaic of the internet’s seedy underbelly.

Key cybercrime statistics

  • $6 trillion – the damage that cybercrime will cause in 2021.
  • The vast majority (74%) of botnet attacks target the financial sector.
  • 33 billion accounts will be breached in 2023.
  • Companies from the United States are by far the most targeted by phishing attacks – they account for 84% of phishing volume.
  • The number of ransomware attacks increased 350% in 2018.
  • 97.2% of malware that was blocked in 2018 was targeted at PCs and laptops running Microsoft Windows.
  • Threats become more frequent in 68% of cases when the sextortion victim complies with demands.
  • 59% of Americans report they have experienced cyber crime or in some way fallen into the hands of a computer hacker.
  • 70% of small businesses are completely unprepared for a cyber attack.
  • 88% of professional hackers can infiltrate an organization within 12 hours.

Money in the world of cyber crime

1. One dollar – the price of a malware installation kit on the dark web marketplace.

(Fortune)

Looking for a nefarious way to exact revenge on someone? Venture into the shady part of the web, where internet criminals commit internet crimes. Hacker tools are real bargains, says former FBI consultant Andrei Barysevich. People with malintent no longer even need coding skills to mount a cyber attack.

For as little as a dollar, you can get the tools to install a malware application on your victim’s PC. You get someone’s date of birth and social security number for $3. For $25, you can get a digital copy of a fake driver’s licence or passport.

If these tools are available for such a low price to everyday folk – imagine the arsenal real hackers have at their disposal.


2. $6 trillion – the damage that cybercrime will cause in 2021.

(CyberSecurity Ventures)

The profitability of cyber crimes will surpass all of the drug markets combined.

The damage will be much more severe than damage caused by natural disasters, claims Forbes. It looks as if hackers may cause our downfall sooner than the polar ice caps.


3. Cybercrime earns cybercriminals $1.5 trillion every year.

(Bromium)

According to University of Surrey (UK) senior lecturer Michael McGuire, these are conservative estimates on just how lucrative the main branches of cybercrime are:

Type of CybercrimeAnnual profit
Illicit, illegal online markets$860 billion
Trade secret & IP theft$500 billion
Data trading$160 billion
Crimeware, cybercrime-as-a-service$1.6 billion
Ransomware$1 billion

4. By 2021, 70% of cryptocurrency transactions will be used for illegal activity.

(CyberSecurity Ventures)

Cryptocurrency transactions are anonymous, which makes them a perfect way to support criminal activity. According to a 2018 study published by the University of Sydney (Australia), unlawful Bitcoin transactions are on par with the US and European illegal drug markets – $75 billion per year.

Crypto eliminates dirty money’s paper trail. It’s no wonder it is the main currency demanded by ransomware hackers.


5. The average account takeover costs a consumer $290 in fees and takes 15 hours to resolve.

(Javelin Strategy & Research)

Account takeover fraud occurs when a criminal gains unauthorized access to a victim’s bank account online. This is also called No Card Present fraud, because it happens in situations where the consumer does not have to physically give the card to the merchant – for example, ordering goods online or over the phone.

The best way to protect yourself from this kind of attack is to enable two-factor authentication wherever you can.


6. Attacks on cryptocurrency exchanges did over $1 billion in damage in 2018.

(Chainalysis)

To be fair, cryptocurrency is not all ransom money and drug payoffs. It is, however, still a highly volatile asset wrought with security and privacy issues.


7. $530 million worth of NEM coins were stolen from a hot e-wallet in 2018.

(Chainalysis)

A hot wallet is a cryptocurrency stash that is connected to the internet.


8. An estimated $1.745 trillion is lost to cyber crime in the Asia Pacific region each year.

(Frost & Sullivan, Microsoft)

The annual GDP for this region is $24 trillion, which means that nearly 7.3% of the overall economy winds up in the hands of cyber criminals. Lapses in cyber security have resulted in job losses in 67% of Asia Pacific corporations with more than 500 employees.

A cyber attack on a company in the Asia Pacific region occurs once every six minutes. A large organization can lose $30 million to cybercrime annually, 300 times more than the customary take at a mid-sized company ($96,000).


9. By 2027, companies around the world will be spending $10 billion per year on employee cybersecurity training.

(Herjavec Group)

This is up from just $1 billion in 2014.


10. Attacks on the banking industry cost the most on average – $18.37 million per incident.

(Accenture)

Hackers know where the money is. The average cost of an attack in the banking industry in 2018 has increased by 11% compared to the previous year. The second most popular target? Utilities companies, which sustain an average cost of $17.84 million per attack – 16% more than in 2017, cyber crime increase statistics show.


11.Business disruptions caused by cybercrime attacks in 2018 cost large US companies $4 million on average.

(Accenture)

While the information loss is the most damaging – averaging $5.8 million per incident in 2018 – large companies also suffer from the disruption in workflow caused by cyber attacks. Damage control, security upgrades, and lost business are opportunity costs that businesses endure after cyber attacks.


12. Cyber crime statistics by country – average cost of cyber crime in 2018 across the globe:

(Accenture)

CountryAverage cybercrime cost (in millions of dollars)Increase from 2017
United States23.729%
Japan13.530%
Germany13.118%
United Kingdom11.431%
France9.723%
Singapore9.3n/a
Canada9.2n/a
Spain8.1n/a
Italy819%
Brazil7.2n/a
Australia6.826%

13. American citizens lost an estimated $11.3 billion to computer security breaches in 2018, according to cyber crime statistics compiled by the Harris Poll.

(Harris Poll)

Ransomware attackers demand a payment for decrypting files. But that accounts for just a fraction of the costs of cyber crime. In the case of cyber security, it’s much better to be safe than sorry and invest in measures before something irreversible happens.


14. In March 2018, Iranian computer hackers stole $3.4 billion worth of data from US Universities.

(National Counterintelligence and Security Center)

The Iranian firm Mabna Institute, by order of the Iranian government, executed an attack on more than 144 US universities and 36 businesses, stealing valuable data from each.

The motive was simple – national technological advancement.


15. The dark web trading post Silk Road saw $1.2 billion in revenue from 2011 to 2013.

(Congressional Research Service)

The web plain folk use is just the tip of the iceberg. Beneath that tip, there lies a vast beyond of intentionally covert internet locations known collectively as the dark web.

Anonymity is king in this domain. It is used by computer hackers and governments alike for covert messaging and deal-making. Estimated to be 4,000 to 5,000 times larger than the World Wide Web we all use, the dark web is used to facilitate illegal activity.

Silk Road, a site where you could find everything from marijuana to contract killers, was shut down in 2013 by the FBI. Its founder, Ross William Ulbricht, was sentenced to life in prison in 2015 after an extensive cyber crime investigation.


Botnet statistics

Botnet definition – A botnet is a network of infected computers being used remotely for illicit purposes, often without the owner knowing.

16. The United States has the biggest number of botnet servers in the world – 2,272.

(The Spamhaus Project)

Infected computers can be used for many purposes, including DDoS attacks, sending out spam email campaigns, and mining cryptocurrencies. Stealing confidential information is the most frequent motive behind this type of cyber crime.

The computer managing the network is called a “botnet command and control” server, commonly abbreviated as “botnet C&C server.” A DDoS attack is a highly effective form of worldwide cyber attack.

The United States has the most currently identified botnet servers, followed by Russia (1,939) and the Netherlands (1,080).

CompanyAccounts HackedDate of Hack
Yahoo3 billionAug. 2013
Marriott500 million2014-2018
Yahoo500 millionAug. 2013
Adult FriendFinder412 millionOct. 2016
MySpace360 millionMay 2016
Under Armour150 millionFeb. 2018
Equifax145.5 millionJuly 2017
EBay145 millionMay 2014
Target110 millionNov. 2013
Heartland Payment Systems100+ millionMay 2008

17. There were 103,503 domains registered solely for hosting botnet C&Cs in 2018, a 100% increase compared to 2017.

(Spamhaus)

Hackers create dedicated domains to host their botnet servers for convenience – if their hosting provider shuts off their operation, they migrate to a new one quicker.

The most abused top level domain in recent cyber attacks is is .pw, which belongs to the nation of Palau, with about 13,400 botnet servers registered to it.


18. The vast majority (74%) of botnet attacks target the financial sector.

(Kaspersky)

Since data collection is the primary objective for botnet operators, online banking providers and e-commerce sites are prime targets. These platforms bring the most valuable yield – payment information.

The prevalence of attacks against financial services is apparent. Other common targets include social networks, email services, and search engines, statistics of cybercrime show.


Data breach statistics

Data breach definition – In common usage, the term “data breach” refers to leaks of sensitive information caused by lackluster cyber defenses. It’s usually reserved for companies leaking their clients’ information through inadequate security measures.


19. 33 billion accounts will be breached in 2023.

(Juniper)

Juniper research, with the help of top cybersecurity companies, has determined that by 2023, half of the world’s breached records will be from US citizens.


20. The top 10 data breaches in history, ranked by the number of accounts hacked.

(Quartz)

On a long enough time frame, giving big companies personal information is guaranteed to come back and bite you. These are just cyber crime facts.

Data breaches are frequent in big corporations. A large company means a big employee base – and each human is a chink in the company’s armor. Hackers can get access to an enormous wealth of valuable information with relative ease.

Here’s a list of the top 10 security breaches in the last 10 years, rated by the number of individual accounts that were compromised.

You can't use multiple times the same shortcode.


21. It takes an average of 196 days for a data breach to be detected.

(Symantec)

By that time, chances are your credentials are already for sale on the dark web.

You can take multiple steps to protect your own devices – antivirus software, password hygiene, cloud backups, and more. Cyber crime data shows that the best thing you can do is activate two-factor authentication wherever you can, as it is very effecting in thwarting criminal activity.

However, you can’t do anything about attacks on companies you trusted with your information.


22. Cyber attack statistics by year show that 2017 had the biggest number of data breaches (1,632) in the US, but 2018 had the biggest number of individual exposed records (446 million).

(Statista)

It looks like hackers are getting more and more efficient – 2018 saw double the exposed records in fewer attacks compared to 2017.

Cybercrime’s growing sophistication is illustrated by the fact that in 2005, there were only 157 breaches exposing 67 million records.

The question is – are your credentials worth more to you than the ease online services provide?


23. Data breaches have compromised private information of one in five Americans.

(Harris Poll)

Each time you give a business your credit card information, you are putting it at risk. At a hotel for example – Marriott was a target of an organized attack that lasted from 2014 to 2018. More than 500 million accounts were compromised during that period, cyber crime stats show.


Phishing statistics

Phishing definition – Phishing is a form of social engineering. Hackers send emails pretending to represent a reputable company or a government institution so they can coax valuable information from recipients.


24.Businesses in the financial industry get targeted by phishing attacks the most – 29% of all attacks.

(PhishLabs)

If information gathering is a cyber criminal’s primary objective, as is most often the case, financial institutions are a gold mine.

When attackers gain access to a financial services provider’s private network, they get their hands on payment information of the finance company’s clients and users.

Email providers get targeted in 24.1% of attacks.


25. Companies from the United States are by far the most targeted by phishing attacks – they account for 84% of phishing volume.

(PhishLabs)

The biggest year-over-year increase in phishing attack volume was in Turkey – it increased 901% from 2017 to 2018, according to cyber crime statistics by year. Turkey still accounts for only 1% of global phishing, however.


26. Employees are most likely to click on fraudulent emails if they impersonate HR or payroll personnel from the company.

(PhishLabs)

Phishing simulations are a way of testing employee awareness for online fraudsters. Fraudulent emails are sent from various addresses. Employees fail the test if they interact with them. Tests show that 31% of employees automatically click emails from HR and payroll.

Emails promising shipping info, purchase confirmations, and the like boast the second-highest failure rate among cyber fraud – 27%.


27. 98% of phishing emails that reach employees don’t contain any malware.

(PhishLabs)

Scams that involve social engineering are difficult to tame. Antivirus software can handle malware threats, but it’s poor at filtering out pure text phishing. And people still click on those links.


28. The number of spear phishing attacks has risen 80%.

(Trend Micro)

Phishing email campaigns induce confidence in the victim by appearing to be from a legitimate source.

Spear phishing is more nefarious and precise – it targets a single individual, usually someone in an important security position within an organization, using an address he or she knows.

Humans are the weakest brick in the firewall, all relevant cyber crime facts and statistics show. Education is the best defense against security breaches.


29. 91% of cyberattacks start with a spear phishing email.

(Trend Micro)

Spear phishing is the most efficient way of gaining an entry point into complex security systems.


30. Almost half (48%) of all malicious email attachments in 2018 were Microsoft Office files, compared to 5% in 2017.

(Symantec)

Attackers hide malicious scripts in a Word or Excel file disguised as an invoice or receipt, for example. Opening the attachment downloads the malware.

The rate of attacks is highest in November, when almost 30% of all users receive malicious emails.


Ransomware statistics

Ransomware definition – Ransomware blocks user access to their own computers, often by encrypting the data. The victim is then prompted to pay a fee, usually in a cryptocurrency, to regain control of their PCs and access to their data.


31. The number of ransomware attacks increased 350% in 2018.

(AT&T)

Ransomware is one of the most lucrative operations hackers can perform, judging by the frequency of attacks, statistics on cyber crime show.


32. By 2021, there will be a ransomware attack happening every 11 seconds. Ransomware will cost the world $21 billion per year.

(Herjavec Group)

Cyber crime statistics and trends indicate that ransomware is just too good a model to die down.

Experts and law enforcement agents advise that you never pay ransom. There’s no guarantee you’ll get the decryption key. Instead, you can try services like No More Ransom or simply cut your losses and start over.


33. 638 million ransomware attacks were carried out in 2016.

(Statista)

According to cyber crime statistics, 2016 was the peak year for ransomware.

The sheer number of ransomware attacks is on a decline – there were just 204 million in 2018. But their efficiency seems to be going up. Hackers are more organized, and their efforts better aimed and concentrated.


34. One of the biggest cyber attacks ever, WannaCry, infected more than 200,000 computers in 150 countries, according to global cyber crime statistics.

(Australian Broadcasting Corp.)

In May 2017, North Korean hackers exploited a security hole in Windows to launch a devastating global cyber attack. It was the largest ransomware attack in history.

Computers all over the world running factory, transportation, banking, and similar systems found their hard drives locked, their files held for ransom. Hackers demanded a Bitcoin payment of $300 within two days or $600 within seven days. An estimated 327 payments were made globally, totaling more than $130,000.

The attack was thwarted and contained thanks to a “kill switch” discovered by a young cybersecurity researcher known only by his online user name, MalwareTech.


35. Managed service providers claim that 71% of their clients were attacked by the Cryptolocker strain of ransomware in 2018.

(Statista)

It’s a good thing those companies hired an MSP. Cyber crime statistics from 2018 show that the second most common strain of ransomware was Wannacry.


36. Almost 10% of internet users in Thailand were targeted by ransomware between 2017 and 2018.

(Statista)

The United Arab Emirates holds second place, with 8.67% of internet users targeted. Iran is a close third with 8.46%.

Cyber crime by operating system


37. 97.2% of malware that was blocked in 2018 was targeted at PCs and laptops running Microsoft Windows.

(Symantec)

Symantec blocked more than 144 million malware attacks on computers running Windows. The company blocked 4.2 million attacks on Macs (2.8%).


38. 250,000 new viruses and other malicious programs for Mac devices are registered every day.

(MacKeeper)

A persistent myth suggests that Mac devices are immune to viruses. This is false – if you own a Mac device you are not exempt from caring about cyber security.


39. Adware is found on 66% of all Mac devices.

(MacKeeper)

Software installed on a computer that produces pop-up ads using your browser – Adware. It’s arguably the most annoying type of malware, and the most common type found on Mac devices.


Sextortion statistics

Sextortion definition – Sextortion is the use of compromising material to extort money or favors from the victim.


40. Two-thirds of sextortion victims are girls under the age of 16.

(Thorn)

A third of sextortion victims never report the incident to anyone, not even family and friends.

Most cases of sextortion belong to one of two categories:

  • A disgruntled former partner threatens to publish nude photos or videos of the victim. This is sometimes referred to as “revenge porn.”
  • The predator builds an online relationship with the victim and uses coercion to obtain nude images. The predator then uses the pictures to blackmail the victim.

In one chilling report, the predator was choking a cat during a video chat. He threatened to kill the animal if the victim didn’t send him a nude picture. The underage victim complied and the predator used that picture as a basis for further blackmail.

In some cases, the motive for sextortion is defamation or pure jealousy.


41. Threats become more frequent in 68% of cases when the sextortion victim complies with demands.

(Thorn)

Cyber stalking can feel like a completely helpless situation. Blocking the stalker usually makes the situation worse.

After months of harassment, complying starts to look like a way out. This is the worst thing a victim can do, however – the provided material is additional ammunition to be used against the victim.


42. A phishing campaign landed a sextortion email in more than 200 million inboxes in 2019.

(Cofense)

In the first half of 2019, a botnet network launched a “spray-and-pray” campaign against millions of email addresses worldwide.

The email claimed that attackers had access to the victim’s webcam feed. It said the attackers had recorded the victim in compromising situations – doing the kinds of things you do only when you think no one is watching. The attackers were looking for a payoff in Bitcoin.

Cofense, a company that provides phishing protection, says the campaign collected just under 156 BTC, about $1.8 million.

Cofense suggests that you avoid all interaction when confronted with these kinds of sextortion scams. Don’t even respond to the email – that increases the probability that bots will target you in future attacks. Most importantly, don’t pay anything to anyone.


Consumers and cybercrime statistics

43. 60 million Americans have experienced identity fraud, identity theft statistics show.

(Symantec)

According to cyber crime statistics from 2017, 16.7 million consumers have had their personal credentials stolen and used without their knowing. This led to $16.8 billion being embezzled from consumers in a single year.


44. 59% of Americans report they have experienced cyber crime or in some way fallen into the hands of a computer hacker.

(Harris Poll)

That’s 152 million American consumers who have had their security compromised online in one way or another.


45. In 2018, 105 million Americans say they have experienced cyber crime.

(Harris Poll)

Cyber crime has impacted 41% of the American population as of 2018.


46. Half of American citizens aged 50-64 think that the government should have access to encrypted information during crime investigations.

(Statista)

There’s a constant trade-off between privacy and security when it comes to government intervention.

To consider any government completely benevolent is naive, but it’s still the only mandated body that can help when criminals strike.

Trust in law-enforcing institutions is lowest in the 18-29 age bracket, with 41% of respondents saying the government should have access to encrypted information during a crime investigation.


47. At 26% of the population affected, malicious software on an online device is the most common cyber crime.

(Harris Poll)

No devices – desktop computers, laptops, smartphones, tablets, smart home appliances – are safe from malware. Malware is nothing but bad news. It slows your computer down, compromises the privacy of your data, even lock you out of your files. It can spread through networks and infect other computers.

If you surf the internet without any protection, chances are your computer is infected even if you don’t directly perceive the consequences.


48. 14% of Americans have detected unauthorized activity on their email accounts.

(Harris Poll)

It’s a panic-inducing moment – realizing that someone has been snooping around your inbox. You feel violated and helpless.

If you’re into knowing bad things you can do absolutely nothing about, you can check to see if your email address has been compromised at https://haveibeenpwned.com/.


49. People are becoming more and more aware of the dangers – 72% of surveyed Americans say they are more alarmed about their online privacy than ever before.

(Harris Poll)

Consciousness of the risks involved is rising, but most would still trade safety for convenience. In a 2019 cyber crime report by Symantec and the Harris Poll, two-thirds of respondents said they accept some risks to make their life more convenient.


50. The vast majority – 84% – of the population want to take steps to increase their protection against cyber crime.

(Harris Poll)

Education seems to be an issue – 43% of respondents say they don’t know how to increase their cyber security.


51. 72% of social media users feel privacy is a right, not a privilege, and wouldn’t be willing to pay providers extra for security.

(Harris Poll)

Last year, 28% of social media users deleted at least one of their accounts due to privacy concerns. These fears are not unfounded, considering the many scandals that shook the social media landscape.

Consumers think that service providers across the board should be responsible for keeping private information concealed – 58% wouldn’t pay extra to online retailers for privacy, 57% feel the same for medical service providers, and 56% for financial institutions, according to cyber security statistics.


52. 14% of American consumers have taken no steps at all to increase their cyber security.

(Harris Poll)

That means nothing – not even clearing or disabling cookies, which takes three clicks and 12 seconds. Fewer than a quarter of consumers have changed the default privacy settings on their devices.


53. Only 3% of Americans use a VPN, cyber security statistics show.

(Harris Poll)

A virtual private network masks and encrypts your outgoing internet traffic. It not only helps you use P2P services like torrents or grant you access to streaming services abroad, but also greatly increases your privacy and secures your interactions with the web.


54. Younger people are almost twice as likely to sell or give away their private information than older people.

(Harris Poll)

Despite all the gadgets giving us access to knowledge, only experience grants us wisdom.

Respondents aged 54 or higher answered the question “Would you be willing to sell or give away your ID information?” negatively 31% of the time. People between the ages of 18 and 34 answered positively 54% of the time.


55. A quarter of all US consumers don’t know that smart devices can be hacked.

(Harris Poll)

More than half of US consumers (57%) own smart devices. Here’s the ironic part – people who don’t own smart devices are more likely to be aware of their weaknesses than those who do.

Consumers seem more educated on some points than others. For example, 77% of respondents to a Norton & Harris Poll survey were aware that hackers can gain access to baby monitors and spy on children.


Business cybercrime statistics

56. Almost 50% of small businesses in the US have fallen prey to a cyber attack, and half of those have been attacked more than once.

(Hiscox)

Even though cyber attacks annually cost the average American small business about $34,000, 70% of SMEs are completely unprepared for an attack. The best thing a small business can do to increase the level of its cyber security is employee education – 90% of breaches are enabled by human error.


57. 70% of small businesses are completely unprepared for a cyber attack.

(Hiscox)

Out of 4,103 professionals interviewed for a Hiscox survey, only 66% said they were concerned or very concerned about cyber attacks. Despite that, seven out of 10 small businesses have not taken even the most basic steps to increase cyber security.


58. Employees are held responsible for cyber attacks in just 16% of organizations.

(Accenture)

Cyber security is by definition an incredibly touchy and delicate subject. Sometimes a stolen laptop or a single click on a malicious email is enough to compromise an entire organization.


59. 5% of organizations have been targets of phishing and social engineering attacks.

(Accenture)

Every human able to click a mouse is a potential entry point for attackers. The basis of social engineering attacks is human interaction. Impersonating an authority figure is one of the easiest cyber threats to make.


Miscellaneous computer crime stats

60. 88% of professional hackers can infiltrate an organization within 12 hours.

(AT&T)

This percentage was determined with a penetration test.

A penetration (or “pen”) test: A hacker is paid to try to infiltrate an organization’s cyberspace. The test reveals cracks and weaknesses in a company’s security.

Pen tests are becoming an increasingly popular tool for businesses to test their defenses. However, an astounding 49% of organizations still never use them, according to hacking statistics.


61. By 2022, there will be 6 billion internet users – 75% of the projected world population.

(Herjavec Group)

To be is to be online, that seems to be a central truth of the 21st century. The more we immerse ourselves in the digital world, the more vulnerable we become to criminals thousands of miles away. This will lead to a cyber crime increase, statistics will surely show.


62. The world will need 3.5 million cybersecurity experts in the labor force in 2021.

(Herjavec Group)

The computer crime space is a constant back-and-forth between the white hats and the black hats of the hacker world. The hackers trying to protect the consumers, the white hats, are still undermanned. They simply cannot keep up with the constant barrage of new tools and techniques the bad guys come up with.


63. Only 10 to 12% of cybercrime cases are known – the vast majority go unreported.

(Slate)

It’s next to impossible to make an accurate count of cybercrime attacks, as a huge number are uncounted. IC3 director Donna Gregory told Time that only 10 to 12% of internet attack victims report their cases to the FBI.

The reasons are many. Victims may feel embarrassed, may feel they will lose face, may believe that law enforcement can’t help.

Reputation damage is the reason some of the biggest and most dangerous data breaches were discovered only years after the fact, cyber crime statistics show.


64. Supply chain attacks rose by 78% in 2018 – Symantec blocked 3.7 million formjacking attempts that year

(Symantec)

Cyber criminals are eager to get their hands on your payment information – it can be sold for up to $45 in the deep corners of the dark web. They sometimes use a special method to achieve this goal, targeting specific points in the supply chain.

Formjacking is the term Symantec uses to describe this method. Hackers implant JavaScript code on the checkout form of an online store. Each time a customer completes a purchase, the script sends a copy of the payment information back to the hacker.

Each month of 2018, an average of 4,818 websites were targets of formjacking scripts, internet crime statistics published by Symantec show. If the hackers got only 10 sets of credit card information from each, this type of attack was making cyber criminals a total of $2.2 million each month.


65. Sixty-nine million computers were used for mining cryptocurrencies without the owner’s consent in 2018

(Symantec)

A hacker invades your computer and, unbeknownst to you, uses it to mine cryptocurrencies. If you don’t know what that means, don’t worry – we won’t get into blockchain and cryptocurrency right now. The point is, someone’s using your CPU power and you get a slower computer because of it.

Computer crime statistics show that cryptojacking isn’t as common now as it was when blockchain first emerged on the tech scene.


66. The average cyber crime takes 3.1 hours to resolve.

(Harris Poll)

A cumulative 342 million hours were spent righting the wrongs of cyber crime in 2018. Almost 40% of attacks needed more than a week to resolve.


67. What types of cyber crimes are there?

Leading security company Symantec recognizes the following types of cyber attacks:

  • Computer viruses/malware
  • Online credit card fraud
  • Online hacking
  • Online harassment
  • Online identity theft
  • Online scams
  • Online sexual predation and phishing

68. The IC3, the FBI cyber crimes department, received 351,937 reports of cybercrime in 2018 – an average of 900 per day.

(Internet Crime Complaint Center)

Cybercrime statistics from 2014 show a steady increase in the number of reports – that year, the FBI wing that deals with internet attacks received 269,422 complaints.

Compare this number to estimates about the number of victims of online crime made by cybersecurity experts at Symantec. This shows how few Americans trust that the government can help in these kinds of situations.


69. FBI cyber crime statistics show people over 60 are the most frequent victims of online con artists.

(Internet Crime Complaint Center)

In 2018, the IC3 gathered 62,085 reports from people over 60. This age group lost close to $650 million to cybercrime.

People under 20 reported 9,129 instances of cybercrime, with a total loss of $12 million.


70. The US government is starting to put its foot down – there were 49 cyber espionage indictments made in 2018, compared to just four in 2017.

(Symantec)

With the number of cyber attacks per year on the rise, so is the determination of the US government to take a firm stance.

While the media focused on the 18 indictments of Russian citizens sworn after 2016 election interference, more were sworn against Chinese individuals or organizations – 19. Eleven Iranians were indicted for espionage, and one North Korean.

More stringent cyber laws are also in the works.


71. Data gathering is the primary goal for 96% of cyber crime groups.

(Symantec)

This is by far the most common motive for targeted campaigns against organizations, with deliberate disruption being the motive behind 10% of attacks and stealing funds behind 6%.

Cyber attacks stats show that personal and corporate information can be easily sold on the deep web’s black market.