Thu. Mar 28th, 2024

Content Assessment: An Evolving Threat Landscape? 2022 Cyber Attack Statistics, Data, and Trends

Information - 97%
Insight - 95%
Relevance - 96%
Objectivity - 94%
Authority - 93%

95%

Excellent

A short percentage-based assessment of the qualitative benefit of the report from Parachute Technology on cyber attack statistics, data, and trends.

Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.


Report*

2022 Cyber Attack Statistics, Data, and Trends

Ashley Lukehart (Parachute Technology)

A cyber attack is an attempt to invade a computer system, multiple computers, or a network infrastructure with the intent to cause some sort of harm. Cybercriminals launch cyberattacks to disrupt, disable or gain unauthorized access to someone else’s computer or network.

A successful cyberattack can enable cybercriminals or hackers to steal, manipulate or destroy critical data on the victim’s computer. Alternatively, cybercriminals can also leverage a compromised system to further launch attacks against other computers or environments.

From financial gains to swaying public opinion to cyber warfare, there’s a multitude of objectives driving cyber attacks. And over the years, the bad actors have evolved from the script kiddies of the 90s to the sophisticated, advanced cybercriminals, and groups that have access to nation-state technology, and resources.

They are forcing IT and cybersecurity teams, already grappling with the stringent budgets and the widening skills gap, to prioritize their resources to combat the new wave of advanced cyber threats.

Forewarned is forearmed. So, here we have compiled relevant data and statistics for cyber attacks in 2022 to give you a better idea of the evolving threat landscape and enable you to strengthen your defenses and strategically invest in cybersecurity.

General Cyber Attack Stats


1-Total-Cost-of-Cybercrime - 2020

Let’s take a look at the cost, facts, and implications of cybercrime incidents as they unfolded over the past year.

  • Cybercrime costs the global economy about 1 trillion — 50% more than that predicted in 2018. Also, it is more than 1% of the global GDP.
  • The average cost of a data breach in 2020 was a whopping  $3.86 million. In 2021 it was $4.24 million.
  • A data breach compromising 1-10 million records costs $50 million on average, whereas one compromising 50 million records can cost as much as $392 million.

Although the average cost of a data breach has gone down from $3.92 million in 2019, the trend wasn’t consistent across all organizations and industries — those that were prepared with the best cybersecurity practices and processes and trained incident response(IR) teams were clearly at an advantage.

  • The average cost of a data breach was $2.45  million for organizations with fully deployed security automation, as compared to $6.03 million for those lagging behind in security automation.
  • Enterprises with efficient cyber attack prevention strategies can save up to $1.4 million for each averted attack

And yet, the staggering number of organizations still lacking an effective incident response and prevention strategies is alarming.

  • A meager 24% of cybersecurity professionals invest in cyber attack prevention.
  • 56% of organizations do not have a cyber incident response plan. And only 32% of the remaining 44% actually think that their plan is effective.
  • 46% of professionals consider the lack of security protocols for third-party access to internal data as one of the biggest hindrances to an effective data breach response.
  • With 66% of organizations operating between 16 – 50 cloud services and apps, it’s no surprise that 45% of IT professionals view account hijacking as their biggest security concern.

Let’s also take a look at some of the most common vulnerabilities and security loopholes that have exposed companies and their data over the past year (and beyond).

  • The most commonly leveraged cyber-attack vulnerabilities are crypto weaknesses (39.7%), followed by cross-site scripting (12%) and those related to system patches (8%).
  • 74% of organizations are unaware of the number of digital keys and certificates they have — leaving them vulnerable to threats involving shadow IT certificates.
  • The number of security incidents involving insiders has increased by a staggering 47% since 2018.
  • 70% of office workers admit to using their work devices for personal tasks.
  • 69% are using personal laptops or printers for work activities.
  • Almost one-third (30%) of remote workers have let someone else use their work device.

Despite the abysmal stats regarding security vulnerabilities, cyberattack preparedness — or the lack thereof — and the questionable effectiveness of implemented strategies, there are some positive trends on the horizon.

  • 89% of company executives believe cybersecurity to be a high priority.
  • 7 in every 10 organizations use a security configuration management tool, and the use of SIEM and network traffic analysis tools is also gaining traction.
  • Gartner expects 40% of privacy compliance technology to rely on artificial intelligence by 2023 which will reduce administrative burdens and bolster data privacy and security.

Biggest Cyber Attacks and Data Breaches


2-Wannacry Ransomware Cryptoworm Attack

A ransomware attack on the Dusseldorf Hospital in Germany allegedly claimed the life of a patient in need of urgent care. It could very well have been the first human death directly related to a cyber attack. However, a detailed investigation later revealed that the outcome would’ve been the same regardless of the cyber attack. But the incident was a huge wake-up call for public and government organizations to see the writing on the wall — it’s just a matter of time before the ramifications of cyber attacks start extending beyond monetary and reputational loss.

Here are some of the most notorious cyber attacks and data breaches from the past years:

  • Earlier in 2020, attackers managed to access one of the SolarWinds servers to inject malicious code — later dubbed as the ‘Sunburst’ malware — that could allow data exfiltration and remote access to clients’ devices. The attack impacted giants like Microsoft and the US Department of Defense, potentially making it one of the most devastating attacks of 2020. (FireEye, 2020)
  • A successful credential stuffing attack left more than 500,000 Zoom teleconferencing accounts for sale on the dark web last year. (Fighting Identity Crimes, 2020)
  • WannaCry, one of the worst ransomware attacks in history, hit some 230,000 computers across 150 countries — resulting in an overall loss of $4 billion. It is particularly remembered for crippling the computers at UK’s NHS facilities. (Kaspsersky, 2017)
  • Russia, allegedly, launched NotPetya, another ransomware, against Ukraine, but it quickly spread to wreak havoc across the globe — causing damages over $10 billion. (WIRED, 2017)
  • The Equifax breach that exposed more than 148 million consumers across the U.S., Canada, and the U.K. was deemed to be easily preventable because the agency was already informed of the exploited vulnerability and its fix. (CSO, 2017)
  • Yahoo reported the biggest data breach of all time that compromised 3 billion user accounts. Yahoo lost $350 million in value as a result of the breach announcement. (Reuters, 2013)
  • Attackers allegedly stole the data of as many as 500 million guests in a data breach on the systems of Marriott International that occurred in 2014 and continued through 2018. (BBC, 2014-2018)
  • Just last year, Cam4 left 10.88 billion user records exposed — leaving billions of users vulnerable to phishing attacks and blackmailing in the future. (WIRED, 2020)

1. Malware Statistics

Malware is a blanket term for all kinds of malicious software that are designed to damage computer systems. Different types of malware include viruses, trojans, worms, ransomware, adware, spyware, botnets, and rootkit. Existing since the early 1970s, malware has been used for causing disruptions, making money, implementing cyber warfare strategies, and much more.

  • 34% of organizations suffered from security incidents involving malware last year.
  • Google detected around 600-800 malware-infected sites every week following March 2020, as compared to over 3000 infected sites between January and March. The number keeps on declining each year.
  • Malware and spyware present the highest cost damages for organizations, followed by data breaches.
  • The cost of 50,000 records compromised by malware is around $6.3 million.
  • Hackers stole about 26 million user login credentials for almost a million websites through custom malware between 2018 and 2020, according to a NordLocker malware study. Nameless, or custom, Trojans such as this are widely available online for as little as $100.

2. Ransomware Statistics

Ransomware is a type of malware that encrypts the files in the infected system, often displaying a message that specifies an amount that must be paid to retrieve the encrypted files. Depending on the type of ransomware, it may either be downloaded on opening a malicious file or email attachment, or it can be self-propagating like a worm — making it even more difficult to contain.

  • Ransomware accounted for 27% of the data breaches involving malware infections last year.
  • Damages incurred from ransomware amount to $20 billion in 2021, which is 57 times higher than the damages in 2015.
  • 94% of organizations hit by ransomware were able to retrieve the encrypted data. Of those, 56% did so through data backups rather than paying a ransom.
  • 3 out of 4 IT professionals do not encourage paying the ransom to get the data back.
  • By the end of 2021, ransomware is predicted to attack a business every 11 seconds.
  • The average ransom paid for organizations increased from $115,123 in 2019 to $312,493 in 2020, a 171% year-over-year increase.
  • The FBI reported an increase of more than 225% in total losses from ransomware in the U.S. in 2020
  • 80% of organizations that paid a ransom were hit by a second attack, and almost half were hit by the same threat group

3. Phishing Statistics

One of the most prevalent forms of cyber attacks, phishing involves a malicious actor impersonating a trustworthy entity to obtain private data. Such attacks can be carried out via emails, websites, or other means. Attackers can either trick victims into providing sensitive information — such as credit card information or passwords — or downloading malicious attachments.

  • 38% of cyber attacks on US companies involve phishing.
  • 38% of end-users, up from 8.3% in 2019, without cybersecurity awareness training, will fail phishing tests.
  • Google detected around 2 million phishing sites in 2020.
  • According to the 2020 Mobile Threat Landscape Report, a new phishing site is launched every 20 seconds.
  • About 5% of all emails are phishing (Avanon, 2021)
  • Non-executive accounts are targeted 77% more than other accounts, and nearly 52% of all impersonation emails are pretending to be from a non-executive account at an enterprise. (Avanon, 2021)
  • 43.35% of all phishing emails come from domains with very low traffic (Avanon, 2021)
  • 84.3% of all phishing emails do not have a significant historical reputation with the victim (Avanon, 2021)

4. DDoS and IoT Statistics

A DDoS is a cyber attack that disrupts the availability of online services or systems by overwhelming the server with huge traffic/request volume. To launch a DDoS attack, attackers must first assume control of multiple computer systems, including IoT devices.

  • The number of DDoS attacks is expected to reach 14.5 million by 2022.
  • More than 90% of DDoS attacks in the third quarter or 2020 lasted less than four hours, indicating how DDoS attacks are becoming less prolonged but more frequent and intense.
  • The worldwide spending on IoT security is expected to reach $3.1 billion in 2021.
  • As many as 5200 cyber attacks are launched against IoT devices each month.

5. Cryptocurrency Statistics

Cybercriminals can utilize the victim’s computing resources to mine cryptocurrency. This type of cyber attack is also known as cryptojacking. Cybercriminals can either infect a website with cryptomining code or convince a user to click on or download a malicious link.

  • Cryptojacking malware comprises 2.5% of all malware attacks.
  • 17% of respondents in a survey reported that their organization faced cryptojacking.
  • Cryptojacking surged by 163% in the second quarter of 2020, as compared to the first.
  • About $1.4 billion in cryptocurrency were stolen in the first half of 2020 alone.

Cyber Attack Stats by Industry


3-Utilities Cyber Attacks

The statistics and impact of cyber attacks can vary greatly from industry to industry. For instance, while the average cost of a data breach in heavily regulated industries like healthcare and financial services is $7.13 and $5.86 million respectively; it is less than $2 million for others — such as media and hospitality.  Similarly, the average lifecycle of a data breach in the healthcare sector is 329 days, whereas the overall average is 280 days.

So, here are some industry-specific cyber attack statistics to give you an idea about the current state of cybercrimes in each sector.

1. Energy Statistics

  • 84% of energy companies have dedicated cyber roles and 68% are expected to get cyber liability insurance. These significant figures indicate the seriousness of cyber threats and their ramifications in the energy sector.
  • Utilities faced 1780 DDoS attacks between June and August last year, a 595% increase from the year prior.
  • As many as 30 cyber attacks on the power sector are reported every day in India alone.
  • The average cybersecurity budget in the energy sector is about 10% less than the average in other sectors.
  • 67% of applications in the utility sector have at least one exploitable severe vulnerability open throughout the year

2. Healthcare Statistics

  • The global healthcare cybersecurity market is expected to reach $125 billion by 2025.
  • Healthcare providers can spend up to $408 for each patient record that is compromised by a breach and an additional $1.75 million to regain reputation.
  • 90% of the healthcare staff working remotely during the COVID-19 outbreak did not receive any security guidelines or data privacy training before going remote.
  • A survey found that 40% of the respondents were unaware of the cybersecurity measures in place at their organization.
  • 28% of attacks on health care in 2020 were ransomware, making the industry the seventh most attacked, up from tenth place in 2019.

3. Financial Statistics

  • The cost of cybercrime in the financial services sector is $18.3 million — the highest among other industries.
  • On average, an employee in financial services has access to 11 million files. For larger firms, the number is even higher — 20 million.
  • The average time it takes to contain a data breach is 233 days in the financial sector.
  • Financial services firms, on average, spend 10% of their IT budget and 0.3% of their revenue on cybersecurity.
  • There were 736,071,428 phishing web attacks in the financial sector in 2020

4. Education Statistics

  • 62% of about 10.7 million enterprise malware incidents in the last month belonged to the education sector.
  • Between July and September 2020, the education sector witnessed a 20% increase in cyber attacks.
  • Only 54% of educators are familiar with the concept of ransomware.
  • 72% of end-user devices in educational institutes are running older OS versions.
  • One survey showed that 44% of education institutions were targeted by ransomware in 2020 (SOPHOS, 2021)

5. Government Statistics

  • Government organizations faced 13% of the total cyber attacks in the second quarter of 2020.
  • The U.S. government came across 4,388 phishing attacks last year.
  • The government sector in the U.S. can take about 17 hours to discover a compromise and another 45 hours for recovery as compared to 15 hours and 38 hours, on average, for other countries.
  • The overall cybersecurity spending in the U.S. in 2021 will amount to $18.78 billion, out of which $9.85 billion has been requested by the Department of Defense (DoD).

6. Gaming Statistics

  • Cyberattacks targeting video games saw a 340% increase compared to pre-pandemic data
  • 55% of frequent gaming players have had one of their accounts compromised at some point
  • The video game industry accounted for about 11 billion credential stuffing attacks in 2020

Small Business Statistics

  • The average cost of a data breach for small organizations (less than 500 employees) fell to $2.35 million in 2020, as compared to $2.74 million in 2019.
  • One in every five small businesses does not have any endpoint security in place, while one in three relies only on free cybersecurity solutions.
  • 28% of all data breaches involve small businesses.
  • 30% of small businesses consider phishing attacks to be their top cybersecurity concern.
  • Electronic Data Liability Insurance average premiums range from $619 to $3,297 with the highest premiums going up to $55,500

Cybersecurity Statistics


4-Change in Cybersecurity Budgets

The global information security market is expected to be worth $170.4 billion in 2022.

  • Identifying and containing a data breach takes 287 days on average.
  • 55% of enterprises plan to increase their cybersecurity spendings and 51% plan to add cybersecurity staff to their IT teams in 2021.
  • Unfilled cybersecurity positions across the globe are expected to reach 3.5 million in 2021.

Managed Service Provider Cyber Attack Statistics

  • 4 in 5 managed service providers (MSPs) have experienced an increase in ransomware attacks.
  • The average amount of ransom for MSPs went up from $10,000 to more than $100,000 during the last couple of years.
  • 25% of MSPs plan to offer security management software and tools and 22% plan to offer intrusion monitoring services in the next year.
  • 43% of MSPs offer managed security services in partnership with an MSSP because of the complexity surrounding cybersecurity.

COVID-19 Statistics

  • Following the onset of COVID-19, 85% of CISOs overlooked cybersecurity to quickly enable remote working.
  • The cybersecurity market is expected to grow 6.2% per year until 2023 because of the COVID-19 pandemic.
  • 445 million cyber-attacks were reported during the first three months of the pandemic — a 20% increase as compared to the previous quarter.
  • By March 2020, there was over 650% increase in COVID-19 themed spear-phishing emails.
  • Between January and May 2020, the FTC recorded a loss of $24.44 million as a result of COVID-19 themed online scams.

Cyber Attack FAQs

What are the most common types of cyber attacks?

The most common types of cyber attacks are:

  • Malware like ransomware, spyware, and viruses.
  • Phishing and spear-phishing
  • DDoS
  • SQL injection
  • Zero-day exploit
  • DNS tunneling
  • Man-in-the-middle       

How many cyber attacks happened in 2020?

What percentage of cyber attacks are successful?

  • In a recent survey, 45.5% of survey respondents claimed that their organization faced between one and five successful attacks during the past year.

What is the most dangerous cyber attack?

  • Malware and DDoS attacks can be the most dangerous attacks depending on the scale of the attack and the targeted industry. For instance, a DDoS attack launched against a hospital can prevent patients from accessing critical care and put several lives at risk.

Where do cyber attacks come from?

  • Cyber attacks are launched by threat actors — a person or a group behind malicious activities and incidents.

Read the original report.

*Shared with permission.


Additional Reading

Source: ComplexDiscovery

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.