A female in a hoodie and sunglasses in front of a multi-monitor computer, apparently hacking.

Cybercrime statistics 2021

If you’ve been following the LawPlus blog in recent months, you’ll already appreciate the scale at which cybercrime is increasing here in the UK and around the world. A significant proportion of the increase in cybercrime in recent years is pandemic-driven. People working from home presents more opportunities for criminals to exploit vulnerabilities. That said, even where businesses and other organisations have robust security systems and processes, hackers are using increasingly sophisticated methods to attack these and gain access to networks.

Once hackers have compromised systems, both the organisations that have fallen victim to the attack and consumers face significant risk.

Statistics compiled by Atlas VPN highlight the extent to which cybercrime has grown as a global problem in the past year.

Ransomware statistics

Ransomware attacks on businesses are on the rise. They are typically the most common type of cyberattack that hackers use to try and steal data.

During a ransomware attack, hackers either steal or encrypt data and systems. As the name suggests, hackers then demand a ransom payment to reinstate systems access or in return for not releasing stolen data onto the dark web. While many businesses adopt a policy of not paying ransomware demands, those that do often see stolen data leaked anyway, which is why the former approach is most common. So if you’re the hacker and an organisation pays a ransom demand, you can get paid twice – by the organisation you’ve hacked and by selling the data on the dark web.

Ransomware statistic #1: Hackers developed over 100 million pieces of Windows-targeted malware in 2021

According to Statcounter, Windows systems make up nearly three-quarters of all the world’s computers. As such, it is unsurprising that Windows is the system that hackers most frequently target.

In 2021, a scarcely believable 107.28 million unique malware threats explicitly targeting Windows operating systems were developed. That’s nearly 300,000 pieces of malware per day!

According to Atlas VPN, which has analysed these numbers over many years, Windows-targeted malware threats have grown consistently since 2012. On average, the volume of Windows-targeted malware increases by 23% a year. How significant would the number be if you added in Apple, Linux, and other operating systems?!

Ransomware statistic #2: Ransomware was behind 81% of all financially motivated cybercrime in 2021

63% of all cyberattacks in 2021 were financially motivated.

Of those, 81% involved ransomware.

Atlas VPN puts the average cost of a ransomware attack at $4.27 million (£3.17 million) but says this figure is increasing at a rate of approximately 4% each time an attack leads to a data breach.

Ransomware statistic #3: Organisations in Austria, India, and the United States are the top targets for ransomware attacks

37% of companies worldwide had to deal with an attempted ransomware attack in 2021. In Austria, India, and the United States, this figure rose to 50%.

In general, hacking groups tend to target companies in specific sectors; however, they also often target businesses of a particular size. These businesses are usually large enough to have valuable data but small enough to not have a dedicated cybersecurity team or system. This combination can make them highly attractive to cybercrime groups.

That said, cybercriminals aren’t afraid to target organisations with sophisticated security systems if valuable data is on offer. As such, the most targeted industries are retail, education, and professional services, closely followed by government organisations.

Ransomware statistic #4: Nearly 50% of organisations subject to a successful ransomware attack are in the United States

Cybercrime is a global enterprise, as we can see by the distribution of successful ransomware attacks worldwide.

Of successful ransomware attacks in 2021:

  • 45% of the organisations involved were in the United States
  • 12% were in Canada
  • 8% were in Germany
  • 5% were in the United Kingdom
  • 5% were in France

Ransomware statistic #5: Government organisations are the most frequent target of ransomware attacks

Given the potential value and volume of data available, it is perhaps understandable that government organisations, agencies, and departments are the most frequent targets of ransomware attacks. But unfortunately, and contrary to what many of us may expect, these organisations are also often shockingly lacking when it comes to cybersecurity.

After government organisations, the most frequent industries targeted by ransomware attacks are banking, manufacturing, and healthcare.

Phishing statistics

Phishing attacks often occur following a data breach, as criminals can find themselves armed with millions of email addresses and other pieces of personal information. Phishing is the act of impersonating a person, business, or another organisation to defraud another individual or company. For example, you may receive an email purporting to be from PayPal, but in fact, it’s a fraudulent email from criminals who are aiming to either get you to send them money or share your account details.

Phishing statistic #1: Over 2 million phishing websites were in existence in 2020

And those are just the ones that Google was able to find and knows about!

Phishing websites are those that a phishing email may redirect you to and are often exact copies of familiar websites to try and dupe you into sharing sensitive details or sending payments.

Phishing statistic #2: Younger people are more likely to fall for phishing emails

It’s perhaps surprising that it’s supposedly tech-savvy generations that are more likely to fall for phishing scams.

According to Atlas VPN, nearly a quarter of millennials (those born from 1981 – 96) and “Gen Z” (those born from 97 – 2012) have fallen for a phishing email.

Phishing statistic #3: 83% of UK businesses faced attempted phishing attacks last year

If a single statistic could sum up the increase in cybercrime during the COVID-19 pandemic, this is it.

Phishing statistic #4: Microsoft and Zoom are the most impersonated brands in phishing scams

While many of us in the UK are familiar with HMRC, PayPal, and Royal Mail related scams, on a global scale, a staggering 80% of all phishing scams come from cybercriminals impersonating Microsoft or Zoom.

This is perhaps unsurprising given how many of us will have used Skype or Zoom for the first time in the last couple of years.

Identity theft statistics

Identity theft usually starts with a data breach. The most severe data breaches can enable cybercriminals to get all the personal details they need to commit identity theft.

Identity theft statistic #1: Government document and benefit fraud surged during 2020

While this isn’t a specific COVID-19 scam, it’s another statistic that demonstrates the extent to which fraud surged during the pandemic.

In the United States alone, government document and benefits fraud increased by 45 times in 2020 compared to 2019. This statistic was likely to have been mirrored globally, especially with many governments keeping businesses afloat with versions of the furlough scheme we saw here in the UK. Alarmingly, much of this increase was driven by organised crime networks rather than individuals.

Identify theft statistic #2: In the United States, people worry more about getting hacked than murdered

Yes, you read that right!

Malware statistics

Malware is often used as a “catch-all” term to describe various types of computer viruses and things like ransomware. In modern cyberattacks, it is common for hackers to use malware as a vector for delivering ransomware. So the malware infects and compromises the system before delivering the ransomware, which then takes control of networks and steals files and data.

Malware statistic #1: macOS malware development increased by over 1,000% in 2020

It turns out that cybercriminals haven’t been busy exclusively targeting Windows devices after all!

During the height of the COVID-19 pandemic in 2020, macOS-targeted malware development increased by over 1,000%, with nearly 700,000 new malware samples identified during the year.

Malware statistic #2: Malware disguised as meeting apps also grew by more than 1,000%

The last couple of years have seen us living more of our lives – and especially our jobs – online.

As such, it is perhaps no surprise that there has been a massive increase in hackers impersonating meeting apps as a means of trying to seed malware onto computer systems.

The most common way hackers target unsuspecting victims is via phishing emails encouraging them to download an update of a popular tool. Clicking the link then downloads the malware to their system. Zoom, Microsoft Teams, and Slack are the three brands most commonly used as fronts for delivering such malware.

Malware statistic #3: Over 50 million malware attacks on Internet of Things (IoT) devices occurred in 2020

The Internet of Things (IoT) is becoming an ever more dominant part of our lives, especially as we create smart homes and integrate our tech products like never before.

Malware attacks on IoT devices surged to over 50 million in 2020. This is an area we’re all going to have to become more aware of. While installing smart security cameras and other devices in our homes may make our lives easier, the potential for them to be hacked and for our privacy to be compromised is frightening.

Malware statistic #4: There were over 100 million malware infections on Windows systems alone in 2020

We’ve already seen the statistic about the staggering number of malware threats developed in recent years. 100 million malware infections may seem like a relatively small number in that context!

It’s worth noting that while it is often commercial cyberattacks that make the news, over 80% of all malware threats are still found on consumer systems.

Other cybercrime statistics

Here are eight final shocking cybercrime statistics that don’t necessarily relate to ransomware, malware, or any other specific type of attack but that go some way to highlighting the scale of what is a global problem.

Statistic #1: Cybercrime cost over $1 trillion globally in 2020

That’s around 1% of total global gross domestic product (GDP), a truly staggering number.

The costs of cybercrime to businesses have more than tripled since 2013. Yet, spending on cybersecurity often doesn’t keep up with the scale of the threats.

Statistic #2: Most cyberattacks happen from within the same country

Whenever investigations begin into cyberattacks, and little is known about their origin, it is common for speculation to point to groups in other countries. This often turns out to be the case, especially when groups are targeting government agencies and other sensitive data sources.

However, and perhaps surprisingly, Atlas VPN found that 85% of all cyberattacks in the United States originate from within the country.

This highlights the scale to which cybercrime continues to become an increasing problem. We might hear about significant cyberattacks originating from elsewhere on Earth. Still, businesses and other organisations find themselves dealing with a raft of threats from closer to home on a day-to-day basis.

Statistic #3: 18% of CEOs say cybersecurity threats are the most significant risk they face

This is almost double the previous percentage, when Atlas VPN found that 10% of CEOs said cybersecurity threats were the most significant risk to business growth.

Hopefully, growing awareness and concern about such threats will see continued investment in cybersecurity to reduce the level of risk faced by businesses, organisations, and consumers. Unfortunately, while the pandemic brought about a spike in cybercrime, attacks are likely to remain high even if we eventually return to a “normal” scenario, with most people returning to offices rather than working from home.

Statistic #4: Increasing numbers of businesses and people are using VPNs to try and protect themselves

While most people associate virtual private networks (VPNs) with maintaining anonymity online, they also have a use when it comes to protecting yourself against cybercrime.

For example, say a business falls victim to a cyberattack, and a data breach occurs. If the data they hold about you includes your IP address, hackers could potentially access your system and use your browsing activities to inform ransomware or phishing attempts against you. Your actual IP address is hidden, and your browsing data is encrypted, so what any would-be fraudsters can see is of little value.

Businesses are also increasingly using VPNs for similar reasons. A network without a stable IP address can be more challenging to access. Using VPNs can also facilitate secure working from remote locations.

Statistic #5: Over 37 billion personal records were leaked in 2020

That means that, on average, everyone on Earth gets their data leaked between four and five times a year.

Of course, in practice, many of us might be compromised far more regularly, depending on how much data we give to businesses and other organisations that are often targets for hackers. Notably, Atlas VPN estimates that more than 30 billion of these records were leaked across just five data breaches.

Statistic #6: UK-based cybersecurity firms saw a 7% increase in revenues in 2020

This might seem like a small increase, but in practice, it means that UK cybersecurity businesses made nearly £9 billion in revenue during 2020. Moreover, given that many companies switched to remote work without really being prepared for it, when data is available for 2021, we can expect last year’s increase to be more substantial as companies got to grips with and better understood the risks they faced.

Statistic #7: Google is fielding record volumes of requests for information

In most countries, government and law enforcement agencies have legal standing for requesting information from Google if they need it for cybercrime investigations.

The volume of requests has increased steadily since Google first started making the data publicly available in 2009. Unsurprisingly, it has shot up dramatically once more in recent years.

Statistic #8: App development security is the most wanted cybersecurity skill among employers

Demand for this skill is expected to grow by over 160% during the first half of this decade.

Growing demand for app development security expertise shows the extent to which businesses appreciate the need to have in-house security teams. Of course, using external companies and platforms can do a great job of making data secure. Still, it’s always worth having an internal resource that can make things secure in the first place to help avoid problems later.

Cybercrime in 2022 and beyond

It is beyond doubt that cybercrime is a pandemic we’ll be living with for the rest of our lives.

While businesses and other organisations must have processes and systems in place to keep your data safe, these aren’t always enough to prevent determined hackers from mounting successful attacks.

However, there is still plenty you can do to minimise your risk of falling victim to fraud should your data be compromised in a data breach.

Learn more about how you can protect yourself online.


Get in Touch

Fill in the form below to tell us your details, and we’ll get started.