Content Assessment: An Evolving Threat Landscape? 2022 Cyber Attack Statistics, Data, and Trends
Information - 97%
Insight - 95%
Relevance - 96%
Objectivity - 94%
Authority - 93%
A short percentage-based assessment of the qualitative benefit of the report from Parachute Technology on cyber attack statistics, data, and trends.
Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.
To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.
2022 Cyber Attack Statistics, Data, and Trends
Ashley Lukehart (Parachute Technology)
A cyber attack is an attempt to invade a computer system, multiple computers, or a network infrastructure with the intent to cause some sort of harm. Cybercriminals launch cyberattacks to disrupt, disable or gain unauthorized access to someone else’s computer or network.
A successful cyberattack can enable cybercriminals or hackers to steal, manipulate or destroy critical data on the victim’s computer. Alternatively, cybercriminals can also leverage a compromised system to further launch attacks against other computers or environments.
From financial gains to swaying public opinion to cyber warfare, there’s a multitude of objectives driving cyber attacks. And over the years, the bad actors have evolved from the script kiddies of the 90s to the sophisticated, advanced cybercriminals, and groups that have access to nation-state technology, and resources.
They are forcing IT and cybersecurity teams, already grappling with the stringent budgets and the widening skills gap, to prioritize their resources to combat the new wave of advanced cyber threats.
Forewarned is forearmed. So, here we have compiled relevant data and statistics for cyber attacks in 2022 to give you a better idea of the evolving threat landscape and enable you to strengthen your defenses and strategically invest in cybersecurity.
A data breach compromising 1-10 million records costs $50 million on average, whereas one compromising 50 million records can cost as much as $392 million.
Although the average cost of a data breach has gone down from $3.92 million in 2019, the trend wasn’t consistent across all organizations and industries — those that were prepared with the best cybersecurity practices and processes and trained incident response(IR) teams were clearly at an advantage.
The average cost of a data breach was $2.45 million for organizations with fully deployed security automation, as compared to $6.03 million for those lagging behind in security automation.
Enterprises with efficient cyber attack prevention strategies can save up to $1.4 million for each averted attack
And yet, the staggering number of organizations still lacking an effective incident response and prevention strategies is alarming.
A meager 24% of cybersecurity professionals invest in cyber attack prevention.
56% of organizations do not have a cyber incident response plan. And only 32% of the remaining 44% actually think that their plan is effective.
46% of professionals consider the lack of security protocols for third-party access to internal data as one of the biggest hindrances to an effective data breach response.
With 66%of organizations operating between 16 – 50 cloud services and apps, it’s no surprise that 45% of IT professionals view account hijacking as their biggest security concern.
Let’s also take a look at some of the most common vulnerabilities and security loopholes that have exposed companies and their data over the past year (and beyond).
The most commonly leveraged cyber-attack vulnerabilities are crypto weaknesses (39.7%), followed by cross-site scripting (12%) and those related to system patches (8%).
74% of organizations are unaware of the number of digital keys and certificates they have — leaving them vulnerable to threats involving shadow IT certificates.
The number of security incidents involving insiders has increased by a staggering 47% since 2018.
70% of office workers admit to using their work devices for personal tasks.
69% are using personal laptops or printers for work activities.
Almost one-third (30%) of remote workers have let someone else use their work device.
Despite the abysmal stats regarding security vulnerabilities, cyberattack preparedness — or the lack thereof — and the questionable effectiveness of implemented strategies, there are some positive trends on the horizon.
89% of company executives believe cybersecurity to be a high priority.
7 in every 10 organizations use a security configuration management tool, and the use of SIEM and network traffic analysis tools is also gaining traction.
Gartner expects 40%of privacy compliance technology to rely on artificial intelligence by 2023 which will reduce administrative burdens and bolster data privacy and security.
A ransomware attack on the Dusseldorf Hospital in Germany allegedly claimed the life of a patient in need of urgent care. It could very well have been the first human death directly related to a cyber attack. However, a detailed investigation later revealed that the outcome would’ve been the same regardless of the cyber attack. But the incident was a huge wake-up call for public and government organizations to see the writing on the wall — it’s just a matter of time before the ramifications of cyber attacks start extending beyond monetary and reputational loss.
Here are some of the most notorious cyber attacks and data breaches from the past years:
Earlier in 2020, attackers managed to access one of the SolarWinds servers to inject malicious code — later dubbed as the ‘Sunburst’ malware — that could allow data exfiltration and remote access to clients’ devices. The attack impacted giants like Microsoft and the US Department of Defense, potentially making it one of the most devastating attacks of 2020. (FireEye, 2020)
A successful credential stuffing attack left more than 500,000 Zoom teleconferencing accounts for sale on the dark web last year. (Fighting Identity Crimes, 2020)
WannaCry, one of the worst ransomware attacks in history, hit some 230,000 computers across 150 countries — resulting in an overall loss of $4 billion. It is particularly remembered for crippling the computers at UK’s NHS facilities. (Kaspsersky, 2017)
Russia, allegedly, launched NotPetya, another ransomware, against Ukraine, but it quickly spread to wreak havoc across the globe — causing damages over $10 billion. (WIRED, 2017)
The Equifax breach that exposed more than 148 million consumers across the U.S., Canada, and the U.K. was deemed to be easily preventable because the agency was already informed of the exploited vulnerability and its fix. (CSO, 2017)
Yahoo reported the biggest data breach of all time that compromised 3 billion user accounts. Yahoo lost $350 million in value as a result of the breach announcement. (Reuters, 2013)
Attackers allegedly stole the data of as many as 500 million guests in a data breach on the systems of Marriott International that occurred in 2014 and continued through 2018. (BBC, 2014-2018)
Just last year, Cam4 left 10.88 billion user records exposed — leaving billions of users vulnerable to phishing attacks and blackmailing in the future. (WIRED, 2020)
1. Malware Statistics
Malware is a blanket term for all kinds of malicious software that are designed to damage computer systems. Different types of malware include viruses, trojans, worms, ransomware, adware, spyware, botnets, and rootkit. Existing since the early 1970s, malware has been used for causing disruptions, making money, implementing cyber warfare strategies, and much more.
34% of organizations suffered from security incidents involving malware last year.
Google detected around 600-800 malware-infected sites every week following March 2020, as compared to over 3000 infected sites between January and March. The number keeps on declining each year.
The cost of 50,000 records compromised by malware is around $6.3 million.
Hackers stole about 26 million user login credentials for almost a million websites through custom malware between 2018 and 2020, according to a NordLocker malware study. Nameless, or custom, Trojans such as this are widely available online for as little as $100.
2. Ransomware Statistics
Ransomware is a type of malware that encrypts the files in the infected system, often displaying a message that specifies an amount that must be paid to retrieve the encrypted files. Depending on the type of ransomware, it may either be downloaded on opening a malicious file or email attachment, or it can be self-propagating like a worm — making it even more difficult to contain.
Ransomware accounted for 27%of the data breaches involving malware infections last year.
Damages incurred from ransomware amount to $20 billion in 2021, which is 57 times higher than the damages in 2015.
94% of organizations hit by ransomware were able to retrieve the encrypted data. Of those, 56% did so through data backups rather than paying a ransom.
3 out of 4 IT professionals do not encourage paying the ransom to get the data back.
By the end of 2021, ransomware is predicted to attack a business every 11 seconds.
The average ransom paid for organizations increased from $115,123 in 2019 to $312,493 in 2020, a 171% year-over-year increase.
The FBI reported an increase of more than 225% in total losses from ransomware in the U.S. in 2020
80% of organizations that paid a ransom were hit by a second attack, and almost half were hit by the same threat group
3. Phishing Statistics
One of the most prevalent forms of cyber attacks, phishing involves a malicious actor impersonating a trustworthy entity to obtain private data. Such attacks can be carried out via emails, websites, or other means. Attackers can either trick victims into providing sensitive information — such as credit card information or passwords — or downloading malicious attachments.
38% of cyber attacks on US companies involve phishing.
38% of end-users, up from 8.3% in 2019, without cybersecurity awareness training, will fail phishing tests.
Google detected around 2 million phishing sites in 2020.
About 5% of all emails are phishing (Avanon, 2021)
Non-executive accounts are targeted 77% more than other accounts, and nearly 52% of all impersonation emails are pretending to be from a non-executive account at an enterprise. (Avanon, 2021)
43.35% of all phishing emails come from domains with very low traffic (Avanon, 2021)
84.3% of all phishing emails do not have a significant historical reputation with the victim (Avanon, 2021)
4. DDoS and IoT Statistics
A DDoS is a cyber attack that disrupts the availability of online services or systems by overwhelming the server with huge traffic/request volume. To launch a DDoS attack, attackers must first assume control of multiple computer systems, including IoT devices.
The number of DDoS attacks is expected to reach 14.5 million by 2022.
More than 90% of DDoS attacks in the third quarter or 2020 lasted less than four hours, indicating how DDoS attacks are becoming less prolonged but more frequent and intense.
The worldwide spending on IoT security is expected to reach $3.1 billion in 2021.
As many as 5200 cyber attacks are launched against IoT devices each month.
5. Cryptocurrency Statistics
Cybercriminals can utilize the victim’s computing resources to mine cryptocurrency. This type of cyber attack is also known as cryptojacking. Cybercriminals can either infect a website with cryptomining code or convince a user to click on or download a malicious link.
Cryptojacking malware comprises 2.5%of all malware attacks.
17% of respondents in a survey reported that their organization faced cryptojacking.
Cryptojacking surged by 163% in the second quarter of 2020, as compared to the first.
About $1.4 billion in cryptocurrency were stolen in the first half of 2020 alone.
The statistics and impact of cyber attacks can vary greatly from industry to industry. For instance, while the average cost of a data breach in heavily regulated industries like healthcare and financial services is $7.13 and $5.86 million respectively; it is less than $2 million for others — such as media and hospitality. Similarly, the average lifecycle of a data breach in the healthcare sector is 329 days, whereas the overall average is 280 days.
So, here are some industry-specific cyber attack statistics to give you an idea about the current state of cybercrimes in each sector.
1. Energy Statistics
84% of energy companies have dedicated cyber roles and 68% are expected to get cyber liability insurance. These significant figures indicate the seriousness of cyber threats and their ramifications in the energy sector.
Utilities faced 1780 DDoS attacks between June and August last year, a 595% increase from the year prior.
As many as 30 cyber attacks on the power sector are reported every day in India alone.
The average cybersecurity budget in the energy sector is about 10% less than the average in other sectors.
67% of applications in the utility sector have at least one exploitable severe vulnerability open throughout the year
2. Healthcare Statistics
The global healthcare cybersecurity market is expected to reach $125 billion by 2025.
Healthcare providers can spend up to $408 for each patient record that is compromised by a breach and an additional $1.75 million to regain reputation.
90% of the healthcare staff working remotely during the COVID-19 outbreak did not receive any security guidelines or data privacy training before going remote.
A survey found that 40% of the respondents were unaware of the cybersecurity measures in place at their organization.
28% of attacks on health care in 2020 were ransomware, making the industry the seventh most attacked, up from tenth place in 2019.
3. Financial Statistics
The cost of cybercrime in the financial services sector is $18.3 million — the highest among other industries.
On average, an employee in financial services has access to 11 million files. For larger firms, the number is even higher — 20 million.
The average time it takes to contain a data breach is 233 days in the financial sector.
Financial services firms, on average, spend 10% of their IT budget and 0.3% of their revenue on cybersecurity.
There were 736,071,428 phishing web attacks in the financial sector in 2020
In a recent survey, 45.5% of survey respondents claimed that their organization faced between one and five successful attacks during the past year.
What is the most dangerous cyber attack?
Malware and DDoS attacks can be the most dangerous attacks depending on the scale of the attack and the targeted industry. For instance, a DDoS attack launched against a hospital can prevent patients from accessing critical care and put several lives at risk.
Where do cyber attacks come from?
Cyber attacks are launched by threat actors — a person or a group behind malicious activities and incidents.
If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.
ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.
ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.