How Often Cyberattacks Happen: Key Statistics

Billions of cyberattacks happen every day – so many that it’s difficult to quantify. One NSA data center in Utah has charted over 300 million cyberattacks to its own system in a single day. And in a 2007 University of Maryland study reported in Security Magazine, the average computer tested was attacked 2,244 times in a day – that’s one attack every 39 seconds.

If an individual computer gets attacked more than 2,000 times on a daily basis, and a high profile system such as the NSA’s can get attacked more than 300 million times in a single day, you can start to imagine how many cyberattacks occur every day: a lot.

Let’s do a little napkin math. If each of the 4.66 billion internet users (as of January 2021) were subject to 2,244 attacks per day, we’d have roughly… 10 trillion cyberattacks every day. That’s 7.3 billion cyberattacks every hour, or 121 million attacks every second. Like I said, it’s a lot!

But one number doesn’t tell the whole story. The reality is that most of those are bot-powered brute force attacks. A single botnet might attempt 10,000 password guesses on a single system, for instance. And with more bots than humans using the web, there’s going to be plenty of bot-based cyberattacks, even if most of those are firing blind.

A 2021 survey by Norton estimated that 107.6 million Americans had knowingly experienced a cyberattack in the past 12 months – that’s 41% of the population. And Kaspersky alone repelled nearly 1 billion attacks in 2019.

19.8% of computers using Kaspersky’s security products encountered malware in 2019. Malware was also the most common cyberattack Norton encountered. While it’s likely many more Americans experienced some form of cyberattack in the past year, you’re much less likely to notice a bunch of failed password guesses than to detect malware installed on your system.

Common Cyberattacks

The most common cyberattacks include phishing, malware, denial of service attacks, brute force attacks, and attacks relying on stolen credentials. But it’s hard to name a #1, as there’s little hard data comparing the sheer number of these kinds of attacks.

Denial of service attacks are the most common cyberattack on businesses, comprising 58% of security incidents, per a 2021 report by Verizon. Phishing attacks came in second, accounting for 15% of security incidents on businesses.

When it comes to data breaches, however, phishing attacks are the most common, making up 36% of breaches in 2020. From there, stolen credentials are used in 25% of breaches, followed by ransomware attacks, which comprise 10% of data breaches.

Overall, roughly one third of breaches relied on social engineering methods, such as phishing, while another third relied on hacking methods, such as stolen credentials and denial of service attacks. Most of the remaining breaches involved either malware or human error.

Another study found that of the 43% of attacks that target small businesses, the most common attack vector was web-based attacks such as SQL injections, making up 64% of reported attacks on small businesses. It was followed closely by phishing attacks at 62% and malware attacks at 59%, with denial of service attacks coming in fourth, at 51%.

But it can be tricky to differentiate attack vectors when any given attack might rely on more than one vector. In 94% of malware attacks on businesses, for instance, the malware in question arrived via email.

When it comes to malicious email attachments, .doc and .dot files are the most commonly used, making up 37% of the attacks. .exe attachments account for 19.5% of attacks, making it the second-most common file type for attacks.

The FBI’s Internet Crime Complaint Center registered 791,790 complaints in 2020. Of those, the top categories break down as follows:

  • 241,324 phishing incidents (30.5%)
  • 108,869 non-payment/non-delivery incidents (13.7%)
  • 76,741 extortion cases (9.7%)
  • 45,330 personal data breaches (5.7%)
  • 43,330 identity theft incidents (5.5%)

Other types of attacks received fewer complaints to the FBI: there were only 2,474 ransomware attacks, 2,018 denial of service attacks, and 1,423 malware attacks reported. That doesn’t mean these types of attacks necessarily happened less often – people might just be less likely to report a malware infection to the FBI than they would a case of identity theft.

Over 1,000 Data Breaches Happen Every Year

In 2020, there were 1,108 known data breaches, down slightly from 1,362 breaches in 2019. These data breaches affected 300.6 million people around the world. Phishing was the #1 attack vector, accounting for 44% of these reported data breaches. A separate report found that 60% of data breaches came down to employees – but that figure includes intentional insider threats as well as unintentional breaches, such as those due to phishing.

On average, 3.8 million records a day have been stolen via data breaches since 2013. The single biggest known data breach was the 2013 Yahoo breach, which compromised roughly 3 billion accounts.

Most data breaches don’t come to light right away. The average data breach isn’t even discovered until 212 days after the breach itself, and isn’t contained until another 75 days later – that’s 287 days of data exposure. Of all attack vectors, those involved compromised credentials took the longest to address, at 341 days on average – nearly an entire year.

Where Attacks Come From

We could not find sufficiently credible research on where cyberattacks originate. The reports that we did find, such as those provided by Gulf Business and GovTech, were not clear as to their methodology. Based on the accounts we could find, we did see some commonalities. Nearly all sources rank China as the #1 origin of cyberattacks, followed by the United States at #2.

Rounding out the top five, three countries came up across multiple sources: namely, Turkey, Brazil, and Russia. Other countries cited include South Korea, Poland, Iran, India, and Spain.

Cyberwarfare’s another story. Though we can’t trace the origin of every attack on individuals and businesses, documented attacks between political entities remain uncommon enough to keep some track of. Privacy Affairs arrived at the following top five, based on the number of geopolitical cyberattacks:

  1. China (28.6%)
  2. Russia (27.2%)
  3. North Korea (11.6%)
  4. Iran (11.2%)
  5. United States (4.3%)

Altogether, the above five countries account for 83% of documented cyberespionage attacks.

We don’t know where all cyberattacks on businesses originate, but we do know a few things. When it comes to data breaches, 86% of attacks are financially motivated, and 55% are perpetrated by organized crime groups.

To make the financial omtive a little more clear: some of the top cyber criminals bring in $2 million a year. Mid-tier hackers can make around $900,000, and even entry-level attackers can bring home around $42,000.

The Cost of Cyberattacks

Cyberattacks can be costly. The FBI found that cyberattacks cost Americans $4.2 billion in 2020, though the total cost might even be higher.

A 2021 Verizon report identified the median cost of a data breach at $29,774 – after taking out the 76% of incidents that involved no monetary loss. Only 10% of ransomware incidents resulted in monetary loss, with the median cost coming out at $11,500. Compromised business emails resulted in a financial loss 58% of the time, with the median cost coming out to $30,000.

Even though many incidents don’t involve any loss at all, the cost of some breaches can be devastatingly high.

The Most Expensive Data Breaches

Data breaches are one of the most expensive kinds of attack. A single data breach might affect millions of customers, and the breached business may owe those individuals compensation, deal with extended lawsuits, and pay fines issued by regulatory bodies.

The below figures are estimates. Companies don’t always share precise numbers, and it can take years for litigation to play out.

With that in mind, here is an overview of some of the most expensive data breaches:

More Cybercrime Cost Statistics

While the statistics above showcase some of the most extreme examples of the cost of a data breach, that doesn’t mean the average cost of an attack isn’t startling. With that in mind, here are some intriguing statistics about the cost of a cyberattack:

  • In the U.S., the average cost of a data breach is twice the global average, coming in at nearly $8.2 million
  • For companies with fewer than 500 employees, the average losses come in above $2.5 million
  • Data breaches cost companies approximately $150 per stolen or lost record
  • On average, breaches originating from third parties cost organizations $370,000 per incident
  • The average total cost of a ransomware attack is $1.85 million
  • The average ransom paid during a ransomware attack is $170,404
  • 67% of the financial impact that companies experience after a security breach is incurred during the first 12 months. Another 22% occurs in the second year, while 11% happens in the third

About the Author

Find Michael on LinkedIn

Michael X. Heiligenstein

Michael X. Heiligenstein is the founder and editor-in-chief of the Firewall Times. He has six years of experience in online publishing and marketing. Before founding the Firewall Times, he was Vice President of SEO at Fit Small Business, a website devoted to helping small business owners. He graduated from the University of Virginia with a degree in English and History.