• Home
  • Security
  • The Worrying Uprise of Cybersecurity Breaches

The Worrying Uprise of Cybersecurity Breaches

Bogdan Pătru

By Bogdan Pătru . 28 July 2024

Tech Writer

Alex Popa

Fact-Checked this

The cybersecurity sphere has seen an astounding transformation over the past several years and it’s not all necessarily good. This is especially worrying in an era where confidential data and sensitive information can be accessed relatively easy by malicious actors with the right knowledge and tools.

The worrying uprise of cybersecurity breaches

2024’s main cyber threats include phishing scams, malware attacks, ransomware breaches, data leaks, and identity theft. Both private and corporate actors are affected, with the former being targeted more often for obvious reasons.

More importantly, it appears that cyber threats have increased in severity and frequency despite the cybersecurity niche as a whole witnessing a massive overhaul.

Highlights

  • 2023 recorded 2,365 cyberattacks with little over 343 million victims
  • The increase in the number of cyberattacks is 72% between 2021 and 2023
  • Data breaches cost victims $4.5 million on average
  • With emails being the number one vector for malware attacks, up to 94% of organizations have reported email security breaches in 2023
  • Despite these high numbers, only 34% of companies admit that they’ve made improvements in the cybersecurity sector following a breach
  • The average time needed to detect any type of data breach is 118 days
  • Fewer than 30% of companies have reported using a multi-factor authentication method
  • Little over 98% of web applications have notable system vulnerabilities, making them prone to breaches, malware attacks, and data theft
  • 30% of companies have reported insufficient funds for the cybersecurity sector
  • The global spending on cybersecurity has exceeded $1 trillion in 2021, while the cybersecurity market is projected to grow to $300 billion by 2024
  • 95% of all data breaches are due to human error
  • More than 93% of cybersecurity breaches are financially motivated
  • More than 53% of victims haven’t changed their passwords in the last year
  • 73% of North American companies use outdated browsers, which translates to notable system vulnerabilities
  • Even moderate cyberattacks cause 60% of small businesses to close soon after
  • The US recorded 759% more victims than Canada, with both countries occupying the first and second position, respectively on the list with the highest number of cyberattack victims
  • The number of jobs in the cybersecurity sector is projected to increase by 32% between 2022 and 2023

As the data shows, most victims are unprepared to deal with the prospect of a cybersecurity breach. The human factor is one of the most glaring vulnerabilities, accounting for more than 95% of all breaches.

This highlights the need for staff reeducation and preparation to minimize the risks associated with human error.

It’s also important to note that cyberattacks have increased both in frequency and sophistication.

From zero-day exploits to malware and ransomware attempts, cyberattacks are multi-faceted and require an equally multi-layered defensive approach.

The Most Notable Cyberattacks in 2023-2024 – Stats and Overview

There are several types of cyberattacks affecting private individuals, corporations, and even governmental institutions.

the-worrying-uprise-of-cybersecurity-breaches-2

The stats regarding their impact and spread are concerning:

     Types of Cyberattacks – Stats and Overview

Phishing Malware Ransomware DDoS
74% of account theft begins with phishing Over 4 million websites are infected with malware at any given time Successful ransomware breaches have increased by 13% over the last 5 years Microsoft mitigates approximately 1,700 DDoS attacks every day
There are 4 types of phishing: whaling, spear phishing, vishing, and email phishing Malware attacks usually cost businesses between $5 million and $13 million In 2020, there were up to 20 ransomware attacks per second

 

The US is the recipient of the most DDoS attacks, making up for 45% of the total
The top 3 most targeted companies for phishing scams are Microsoft, Amazon, and Google Malware attacks increased by 71% between 2016 and 2021 The healthcare and government sectors were the most targeted in 2021 Finance and telecommunications made up 60% of the DDoS attack targets
Phishing attacks usually result in leaked login credentials, stolen financial information, and data breaches Malware attacks increased by 128% between 2022 and 2023 Close to 60% of consumers state that they will avoid businesses that have suffered ransomware breaches in the past Between 9 and 19% of DDoS attacks are financially motivated, with the rest of the motives including ideology, politics, and personal motivations
Up to 3.4 billion spam emails are being sent every day as part of phishing attempts 40% of malware attacks result in leaked confidential data Ransomware attacks qualify as the #1 malware threat The top 3 DDoS perpetrators for 2023 have been NoName05716, AnonymousSudan, and MysteriousTeam0
Google blocks around 100 million spam emails every day Iran ranked as the leading target of malware attacks in 2022 The average downtime following a ransomware attack is 21 days The top countries that host DDoS bots are China, with over 2.1 million, the US, with over 1.8 million, and South Korea, with over 1.3 million

As the table shows, most malware attacks are financially motivated, but not all. Some are ideologically driven or influenced by politics, as is the case with many DDoS attacks linked to the Ruso-Ukrainian war.

Many of these attacks have been perpetrated by pro-Russian organizations, including the notorious Cyber Army of Russia.

According to data, Russia hosts approximately 809, 978 DDoS bots, placing the country 5th on the list.

The Sectors Most Impacted by Cyberattacks

Cyberattacks impact virtually all industries, depending on their nature and vulnerability. However, some industries are more vulnerable than others, attracting increased attention among cybercriminals.

the-worrying-uprise-of-cybersecurity-breaches-3

Here are a few to consider:

Finance

The financial sector is one of the most targeted, raking up quite worrying stats. These include:

  • Cyber-breaches have more than doubled in the financial sector between 2016 and 2023, from 14% to 30%
  • Software vulnerability and phishing scams are the most used types of attacks
  • Ransomware attacks have a success rate of 64% in the financial sector
  • Data breaches usually reach $5.85 million on average
  • More than 63% of financial institutions have reported an increase in cyberattacks
  • 57% of bank executives now consider cybersecurity as their top priority in the current year and moving forward

Healthcare

While the healthcare sector ranks 6th in terms of the most targeted industries, its nature and structure make every cyberattack a life-or-death situation. Cyberattacks on the healthcare system can easily lead to loss of life.

  • Starting with 2020, the data breach costs related to the healthcare sector have increased by 53%
  • The healthcare sector experiences the highest data breach costs, with $10.93 recorded losses for 2023
  • 63% of hospital administrators have stated that they feel unprepared to deal with a cyberattack, regardless of its nature
  • The healthcare sector uses between 4% and 7% of its budget for cybersecurity, compared to the 15% average for the rest of the industries
  • More than 93% of healthcare institutions have experienced one data breach incident within the last years, while 57% have experienced more than 5

Manufacturing

The manufacturing sector ranks first in terms of cyberattacks.

  • In the US alone, there have been 260 data violation incidents in 2023
  • The attacks have impacted more than 5 million people
  • The most common type of cyberattack is malware-based, making up for 37% of the total
  • Lockbit takes the first place as the most active ransomware actor in 2023, targeting the manufacturing sector
  • Up to 80% of US manufacturing companies expected a cyberattack in 2022 within the following year, an increase from 64% back in 2018

Cybersecurity is a core asset in an era where everybody can access public and even private information, given the right tools and know-how.

Cyberattacks are often perpetrated by specialized individuals or organizations for a variety of reasons, and many of these attacks can prove deadly.

Some attacks are so devastating that the businesses can no longer recover. In light of this ominous status quo, cybersecurity emancipation and education cross-industry appear to be a must.

Leave a Comment