Back to the Blog

Cyber Crime Statistics

Patrick Sullivan

cybercrime statistics

So many aspects of our lives are handled online these days, whether you’re working online, keeping in touch with friends and family around the world on social media, or just enjoying some digital entertainment.

Although the digital world has opened up a wealth of possibilities, it also means that cybersecurity risks today are higher than ever before. Today’s cybercriminals are savvy, and they’re constantly developing new strategies to keep up with advances in technology.

Everyone is vulnerable to cyber attacks, from individuals to small businesses to major corporations. This is why it’s so important to have a cybersecurity strategy in place to protect your most sensitive information online.

In this article, we’ll delve into some of the latest cyber crime statistics to learn how prevalent these attacks really are and how they affect people and businesses around the world.

Key Takeaways

  • Cybercrime rates in the United States are the highest in the world. Many American businesses and consumers don’t have cybersecurity strategies in place to stay safe online.
  • Cyber crime increased during the COVID-19 pandemic, largely due to new remote work policies. While rates remain high, many organizations are increasing their cybersecurity spend to combat this.
  • Phishing is the most common type of cyber crime.
  • Cybercrime is incredibly costly, resulting in billions of dollars of damage around the world each year.

What is Cybercrime?

Put broadly, cybercrime is any type of crime that either takes place using a computer or targets a computer. This is a broad category of criminal activity that involves everything from malicious software to social engineering to more complex security breaches.

Cybercrime doesn’t just affect computers in the traditional sense. It also affects devices like smartphones, tablets, and smart home systems that use computing technology.

Just like there are many different types of cybercrime, there are also many different types of cyber criminals. While some cybercrime is conducted by professional hackers or even criminal organizations, many of these attacks are conducted by amateurs.

Many cyber crimes are conducted in an attempt to make or steal money. However, there are many other reasons why someone might launch a cyber attack. For example, a hacker might want to get revenge on a specific target or even make a political statement.

How Many Cyber Crimes Are Committed Each Day?

Many people are shocked to learn just how common cybercrime is. Thousands of attacks happen daily around the world, and they can happen at any time.

The frequency of cybercrime also increased during the COVID-19 pandemic. With so many people working from home and spending time online, there were more opportunities for hackers to strike.

  • A study from the University of Maryland in 2017 has indicated that hackers launch an attack every 39 seconds. This results in approximately 2,244 cyber attacks globally every single day. Since this study was conducted several years ago, this average is likely higher now. (Security Magazine, 2017)
  • An average of 30,000 new websites are hacked each day and are distributing malicious code to users. (Forbes, 2021)
  • 422 million people in the United States were affected by data breaches or other data compromises in 2022. (Statista, 2023)
  • During the height of the COVID-19 pandemic in 2020, Americans were reporting an average of 4,000 cyber attacks per day to the FBI. This was a 400% increase from pre-COVID numbers. (The Hill, 2020) (MonsterCloud, 2020)
  • More than half of all consumers have already experienced a cyber attack at some point during their lifetime. (Norton, 2021)
  • It’s estimated that 7 million data records are compromised every day. (Varonis, 2022)
  • Antivirus programs detect 350,000 viruses every day globally (AV-TEST Security Report, 2017)
  • It takes an average of 277 days to identify and contain a data breach. (IBM, 2022)
  • Hackers attack an average of 26,000 times per day, or every 3 seconds. (Forbes, 2021)

The Cost of Cybercrime

Cybercrime can be devastating financially in many different ways.

Many cyber attacks on individual consumers focus on getting access to bank or credit card details, as well as social security numbers and other pieces of personal information. This type of identity theft is time-consuming and costly to recover from.

The effects of cybercrime on businesses are also far-reaching. Not only can they cause direct financial losses, but they can also disrupt your operations and damage your reputation, resulting in prolonged financial struggles.

Because cybercrime has become so common, organizations around the world are investing in better security to protect themselves. Cybersecurity professionals are in high demand, and many organizations are struggling to hire enough support to keep up with the changing digital landscape.

  • The average global cost of a data breach in 2022 was $9.44 million US, up from $9.05 million the year prior. (Statista, 2022)
  • The healthcare industry has been hit particularly hard by data breaches and other cybercrime. The average cost of a data breach in the healthcare industry is $10.10 million. (IBM, 2022)
  • Publicly traded companies experience an average decline of 7.5% in their stock prices after a data breach. (Infosecurity Magazine, 2019)
  • Approximately 70% of data breaches that happened in 2021 were financially motivated. (Verizon, 2021)
  • Small businesses experience the most significant financial consequences of cyber attacks, with an average impact of $2.98 million per data breach for organizations with less than 500 employees. Many small businesses are unable to recover from the severity of this attack. (IBM, 2021)
  • Cyber attacks are estimated to cost $10.5 trillion annually by 2025. (Cybersecurity Ventures, 2020)
  • The global cybersecurity industry was valued at $153.65 billion in 2022 and will increase to $424.97 billion by 2030. (Fortune Business Insights, 2023)
  • Research indicates that enterprises will increase their market spend on cybersecurity threat management by 98% between 2023 and 2028. (Juniper Research, 2023)
  • It is estimated that there will be 3.5 million unfilled cybersecurity jobs globally by the end of 2023. (Cybersecurity Ventures, 2022)
  • Having an incident response plan saves businesses an average of $2.66 million in the event of a data breach. (IBM, 2022)

U.S. Cybercrime Statistics

The United States experiences a particularly high rate of cyber attacks, both for financial and political reasons.

However, despite the high risk, the average American doesn’t make cybersecurity a top concern. It’s only in recent years that many Americans have started changing their cybersecurity practices to stay safer online.

  • The United States has the highest rate of data breaches in the world, with over 6.2 billion records stolen since 2013. (Varonis, 2022)
  • 56% of Americans don’t know what steps to take in a data breach. (Varonis, 2022)
  • The United States accounts for 46% of all global cyber attacks. (AAG, 2023)
  • 47% of American adults have had some form of personal information exposed in a data breach. (CISA)
  • Only half of small businesses in the United States had a cybersecurity plan in 2022. (UpCity, 2022)

Worldwide Cybercrime Statistics

While the U.S. may be the world’s largest target of cyber attacks, this doesn’t mean that other countries are safe.

Cybercrime is a global phenomenon that can affect anyone around the world with access to the internet. Additionally, cybercrime trends vary from country to country.

  • The countries with the highest data theft ratios in the world are the United States, South Korea, Canada, the United Kingdom, and Australia, in that order. (Varonis, 2022)
  • 93% of cybersecurity experts and 86% of business leaders believe that global instability will negatively impact their ability to maintain cybersecurity in the near future. (World Economic Forum, 2023)
  • Russia has launched government-sponsored cyber attack campaigns in conjunction with the Russo-Ukrainian War. Cyber targeting of Ukrainians increased by 250% between 2020 and 2022, and cyber targeting of residents in NATO countries increased by 300% in this time period. (Google, 2023)
  • 18.8% of cyber attacks originate in China, closely followed by 17% in the United States. (CyberProof, 2021)

Common Cybercrimes

There are many different types of cybercrimes for internet users to be aware of. Each of these cyber threats looks different and affects victims differently.

Hackers also frequently develop new scams and attacks to exploit vulnerabilities in new technology. Here are key statistics to know about today’s most common cybercrimes and how they affect internet users around the world.


Phishing happens when a hacker pretends to be a trusted source while communicating with cybercrime victims. This usually happens via email, but can also happen via social media or even text messages.

For example, the hacker might pretend to be the victim’s bank, a trusted social media platform or online retailer, a healthcare provider, or even law enforcement.

The hacker will then exploit the victim’s trust to gain access to important usernames and passwords, ultimately bypassing security measures in order to access the victim’s online accounts.

  • 47% of individuals are successfully targeted by phishing attacks while working from home. (Tessian, 2020)
  • 91% of all cyber attacks begin with a phishing email. (Deloitte, 2020)
  • 3.4 billion phishing scam emails are sent every day. (AAG, 2023)
  • 76% of all phishing attempts are targeted at specific individuals using spear phishing techniques. (Slashnext, 2022)


Ransomware attacks are the most common type of malware attack, and they can be incredibly damaging for both individuals and businesses that don’t have security standards in place.

Ransomware is a type of software that finds and stores vulnerable data. The software holds this data “hostage,” threatening to delete or publish the data unless the victim pays a ransom.

  • 47% of organizations have experienced a ransomware attack in the past year. (Security Magazine, 2023)
  • The average ransomware payment amount rose 71% between 2021 and 2022, totaling $925,162. (Palo Alto Networks, 2022)
  • 41% of ransomware victims paid the ransom in 2022, down from 50% in 2021. (CoveWare, 2023)
  • The financial services sector is a popular target for ransomware attacks. 55% of organizations in this sector experienced an attack in 2021. (Sophos, 2022)


There are many other types of malware besides ransomware, and they can be just as devastating. Two common types of malware are spyware and adware.

Spyware monitors the activity on your device and sends personal information directly to hackers, who can then use it for further attacks.

Adware floods your system with ads and pop-ups, slowing your computer down and ultimately damaging it. These types of malware are often disguised as legitimate software programs, so the user doesn’t realize the negative effects until it is too late.

  • Over 450,000 new malicious programs are registered every day. (AV-Test)
  • 94% of malware is delivered by email. (Verizon, 2019)
  • An advanced Trojan called Emotet is currently the most prevalent form of malware and affects 6% of global organizations. (CheckPoint, 2022)
  • The number of global malware attacks increased to 10.4 million in 2022, after a downward trend in 2020. (SonicWall, 2022)

Distributed Denial of Service (DDoS attacks)

Distributed denial of service, or DDoS, is an internet crime that typically targets larger organizations or websites.

In a DDoS attack, hackers flood a target server’s network with traffic to the point where it is overwhelmed and cannot function properly. Hackers often use these attacks in tandem with other attacks to severely damage a large system.

  • The number of global DDoS attacks grew by 150% between 2021 and 2022. (Radware, 2022)
  • The average length of a DDoS attack in 2022 was approximately 50 hours. (Kaspersky, 2022)
  • The finance industry received the largest share of DDoS attacks at 34%, followed by telecommunications at 26% and retail at 17%. (Infosecurity Magazine, 2022)