Cybercrime Statistics Featured Image

Cybercrime Statistics

Last updated: 29.12.2021
Author: Maya

While technology has undoubtedly made the lives of billions of people easier, it has some downsides too. Cybersecurity is one of the biggest issues businesses around the world struggle with daily. Recent cybercrime statistics point to a boom in breached and hacked data, affecting smartphones as well. To make matters worse, most businesses not only have abysmal cybersecurity practices in place but also regularly deal with unprotected data. To further demonstrate the urgency of this issue, we’ve compiled a list of stats and facts that you can use to help your business stay safe this year and beyond.

Cybercrime Statistics (Editor’s Pick)

  • Illegal cyber activities involving Bitcoin generate a total of $76 billion.
  • Organizations lose more than $2.6 million on average each year as a result of malware attacks.
  • It takes 6+ months on average for an organization to notice a data breach
  • Human error is the #1 cause of the majority of cybersecurity breaches.
  • At 57%, mobile devices are the most challenging areas and functions to defend.
  • Only 10% of cybercrime incidents are reported in the US annually.

Cybercrime Facts About Its Cost to the Global Economy

1. By 2021, the annual global cost of cybercrime will top $6 trillion.

Cybercrime data reveal some devastating financial repercussions. Not only are businesses crippled by spending heaps of money to protect their data from cybercriminals, but they also fork out funds to repair the losses caused by thefts. It comes as no surprise, then, that cybercrime turns out to be more profitable than the illegal drug trade. The 2017 Cybersecurity Ventures report suggests that the annual cybercrime cost worldwide will top $6 trillion in 2021. To put that into perspective, it will overtake the cost of natural disasters.

(Cybersecurity Ventures)

2. Cybercrime statistics worldwide suggest that spending on cybersecurity will surpass $170 billion in 2022.

Gartner’s 2018 update on the state of the global information security market forecasts that the rising cybercrime rates will lead to more money being spent on prevention and dealing with its after-effects. Their projections are that in 2022, we will see a global annual spend of a staggering $170.4 billion, i.e. the information security market will grow at a five-year CAGR of 8.5%. And this figure is set to grow even further.


3. Illegal cyber activities involving Bitcoin generate a total of $76 billion.

Recent cybercrime statistics and trends reveal that Bitcoin is involved in approximately $76 billion of illegal activities in one form or another. This is close to 46% of all Bitcoin transactions. Many often cite the quick transfer, anonymity, and the lack of regulation as the biggest advantages of cryptocurrencies. And it’s Bitcoin’s anonymity that makes the digital currency perfect for illegal activities and internet fraud.

(University of Sydney, CPO Magazine)

4. The average annual cost of cybercrime is highest in the US at $27.4 million.

Cybercrime and cybersecurity statistics by country rank the US as the most threatened country in the world, with the average annual cost of cybercrime having grown by 28% in 2018 compared to the year before, reaching an incredible $27.4 million. Next on the list is Japan with a somewhat higher growth percentage-wise (30%) but a much smaller surge in terms of cost at approximately $14 million. The highest increase in percentage, however, was experienced by UK organizations (31%), where it reached $11.5 million.


5. Cybercrime generates a global revenue of over $3.25 billion per year via social media.

Social media plays a leading role in perpetuating cybercrime incidents, according to social media crime statistics. Social media-enabled cybercrimes exceed $3.25 billion in global revenue per year, which is approximately the same as the net worth of Steven Spielberg ($3.6 billion). Cybercriminals use Facebook, Instagram, Twitter, or others as the ideal platform to steal personal information. Social media-related cybercrime cases account for up to 50% of all illicit trading of personal information, including stolen credit card info, usernames, and passwords.

(The SSL Store)

6. Organizations lose more than $2.6 million on average each year as a result of malware attacks.

Cybercrime facts and figures show that malware continues to inflict the most financial damage to organizations around the world, despite being only one of many forms of cybercrime. Organizations lost more than $2.6 million as a result of malware attacks in 2018, up by 11% compared to the year before. Malicious insider attacks meanwhile spiked by 15% generating an average of $1.6 million per year per organization.


Cybercrime Statistics – Types & Frequency

7. In 2019, Mexico was hit the hardest by cyberattacks, with nine out of ten companies compromised at least once.

As much as 93.9% of all surveyed companies in Mexico were compromised at least once in 2019. With 87.5%, Spain ranks second, and Italy follows with 85.7%. Colombia, China, the US, and the UK are also ranked high on the list of hardest-hit countries.


8. End-user devices are at the highest risk of security threats and breaches.

Computer crime statistics, courtesy of the AT&T Cybersecurity Report 2018, suggest that end-user devices are the most troublesome. Laptops and desktop computers top the list with 70% vulnerability. Smartphones are the runner-up with 61%, with tablets claiming the third spot with 53%. Servers and server rooms share the fourth place on the list with wireless access points (both at 50%), and last on the list are switches and routers at 47%.

(Finances Online)

9. More than 500 million personal records fell victim to hacker theft in 2018.

Cybercrime statistics by year report that 500+ billion personal records found their way into the hands of hackers around the globe in 2018. Compared to 2017, this marks an increase of 126%. A report by Cybersecurity Ventures meanwhile shows that a cumulative 3.8 million records have been stolen since 2013 in daily breaches. Once you crunch the numbers, that amounts to an average of 44 records every second of every day.


10. The overwhelming majority of malware (as high as 92.4%) spreads through email.

Eye-opening as it may be that email is the top carrier of malware, we’ve dug even deeper into statistics on cybercrime and hacking to learn that a spear-phishing email was responsible for initiating 91% of cyberattacks. Additionally, environments that use secure email gateways were home to 90% of verified phishing emails, courtesy of a report by Cofense. Microsoft cloud services didn’t fare any better, either; Sharepoint hosted 55% of payloads, while One Drive hosted 21% of more than 9,000 phishing analyzed.

(Finances Online)

11. More than 60,000 seniors over the age of 60 had been victims of cybercrime.

Scams involving senior citizens, as cybercrime stats confirm, are becoming increasingly frequent and lead to significant losses, especially on an annual basis. In 2018, a little under $650 million in damages were reported by 62,058 victims aged 60 or over. At the same time, cybercrime data mention the situation was no better for those aged 50-59 in the same year: just shy of $495 million in losses were reported by 48,642 citizens worldwide. And these are only the reported losses, meaning the actual figures and statistics on cybercrime may very well be much higher than $1.14 billion in a single year.

(The SSL Store)

12. Cryptojacking increased by 629% between the end of 2017 and the beginning of 2018.

Cryptojacking is a term used to describe the process where cybercriminals spread malware that infects their victims’ computers, for the purpose of utilizing the processing power to mine for Monero, Bitcoin, and other cryptocurrencies. Cryptojacking has proven less risky, simpler, and more profitable for cybercriminals — so much so, that computer crime statistics point to only 400,000 recorded samples of it in Q4 of 2017, and as many as 2.9 million in Q1 2018. The ENISA Threat Landscape Report 2018 shows that cryptominers are estimated to have sourced more than $2.5 billion for their users.


13. More than 24,000 mobile apps with suspected malicious software are blocked every day.

Mobile apps are a significant cause for concern. More than 24,000 mobile apps with suspected malicious software are blocked every day; moreover, the main targets among them seem to be lifestyle apps, according to mobile cybercrime statistics. This is a reason for concern since these apps reveal device location, as well as other highly sensitive information like phone numbers. Stats also show mobiles are like an open invitation for fraudsters to wreak havoc on users. Note that 60% of fraud comes from mobile devices.

(Data Connectors)

14. A massive 90% of hackers use encryption.

Encryption involves encoding a program, message, or information and allows only authorized people to access it. In reality, this is a document that is normally readable but would appear unreadable if encrypted. Cybercrime facts and statistics confirm that encryption is the preferred method of nine out of ten hackers, and the only way for users or companies to fight it is to use encryption to the same level they do. Recent cybercrime information says that hackers attack every 39 seconds on average.

(Data Connectors, Cybint)

15. 18.2% of all ransomware attacks occur in the United States.

Just the WannaCry ransomware attack cost the NHS more than $100 million, according to cyber security statistics. Ransomware is a term used to describe a situation where a specific device like a computer is targeted, after which its system (and the data on it) are encrypted and held hostage. The target usually has to pay if they want the data back, making this a fairly popular type of attack. These types of cybercrime are more frequent in countries whose population is more commonly connected to the internet, like the US, which is why the country accounts for 18.2% of all ransomware attacks.


Cybercrime Statistics – Concerns & Challenges

16. It takes 6+ months on average for an organization to notice a data breach.

Organizations typically take a terrifyingly large amount of time to discover that they’ve been hacked. The majority of studies agree that most businesses take up to 197 days to notice a data breach. The average for finance firms, meanwhile, is 98 days. This practically means that the hackers can help themselves to virtually any information, and it will be a while before you even notice they’ve paid you a visit.

(Data Connectors)

17. Polymorphic malware accounted for 93% of observed malware in 2018.

Internet crime statistics show that polymorphic malware accounted for 93% of all malware attacks observed in 2018, according to the 2019 Webroot Threat Report. This means that malware has the ability to constantly change its code to avoid detection. If you’ve seen Terminator 2, think of this type of malware as if it were the liquid metal T-1000: it can make itself look like virtually anyone and anything.


18. Cybercrime facts reveal that a third of organizations do not have a cybersecurity budget.

Cybersecurity defenses still don’t seem to be a priority for a majority of businesses and organizations. According to the 2019 Security Threats and Trends Report by KnowBe4 on computer security and related cybercrime cases, more than 30% of surveyed organizations still only have an annual IT capital expenditure budget, instead of having a separate cybersecurity budget.

(The SSL Store)

19. Human error is the #1 cause of the majority of cybersecurity breaches.

Cybercrime facts and figures point to human error as one of the leading causes of more than 95% of all breaches. Hackers and cybercriminals prey on the weakest link within your organization to gain access to your sensitive and confidential information. Nine times out of ten, this weakest link has absolutely nothing to do with your IT department, so don’t be too quick to judge them if an employee who’s not too computer-savvy clicks on the wrong spam email.


20. Nearly 70% of organizations are not adequately equipped to respond to cyber-attacks.

Cyber attacks stats reveal that seven out of ten businesses are ill-equipped to respond to cyber-attacks, and in most cases, money is the biggest issue. Fortunately, many companies are aware of the growing threats of cybercrime today which is why 30% use products from 1-5 security vendors, 24% from 6-10, another quarter from 11-20, 16% from 21 to 50, and only 5% rely on over 50 vendors.

(Finances Online)

21. At 57%, mobile devices are the most challenging areas and functions to defend.

Cybercrime facts mention finances are not the only challenge organizations face. Cisco’s 2018 Cybersecurity Report pinpoints mobile devices as the most challenging area to defend in 57% of the cases, 22% of which are considered extremely challenging. Protecting public cloud data (56%) is the second biggest concern for security professionals, but security teams face many roadblocks when it comes to user behavior (56%) since it is something that is constantly subjected to change. The ability to resolve these issues better is further impeded by the lack of skilled talent (27%).


FBI Cybercrime Statistics

22. Only 10% of annual cybercrime incidents are reported in the US.

Many of the cybercrimes in the US remain unreported as they’re often difficult to prove. Cybercrime data from the FBI’s Internet Crime Complaint Center (IC3) show that the number of reported crimes in cyberspace represents just 10% to 12% of the actual amount.

(CPO Magazine)

23. In 2019, the FBI received 23,775 complaints about business email compromise (BEC).

Cybercrime trends show that email account compromise has been one of the biggest concerns of the IC3 and has so far generated losses amounting to $1.7 billion. Of the 467,361 complaints the IC3 received in 2019, nearly 24,000 were about BEC. This type of cybercrime usually involves a sort of “imitation” of a legitimate email address like getting an email from a colleague or executive requesting wire transfer or payment. These might seem legitimate at first sight but are actually extremely dangerous.


24. Since COVID-19, the FBI cybercrime statistics show a 300% spike in reported cybercrime incidents.

And we thought the COVID-19 pandemic was scary enough on its own. What is scary is hackers taking advantage of the situation of office work being moved to home to attack vulnerable networks. Up until the pandemic started, the FBI’s Internet Crime Complaint Center received around 1,000 complaints per day. This number has since soared to more than 3,000 and even 4,000 a day.

(IMC Grupo)


While computers and digital technologies remain the pillars of both the modern economy and society, cybercrime statistics exist as a reminder that it’s not all sunshine and rainbows. The future promises to see this battle between cybercriminals and law enforcement continue. What you can do for yourself and your organization is to be aware of the risks, educate your employees, invest in protection against vulnerabilities, and try to be up-to-date on the latest technological developments. After all, the journey of a thousand miles begins with a single step.

Sources: Cybersecurity Ventures, Gartner, University of Sydney, CPO Magazine, Accenture, Comparitech, The SSL Store, Finances Online, Cybint, Data Connectors, Varonis, Cisco, FBI, IMC Grupo