Cybercrime Stats: Annual Financial Losses in the US Between 2001 – 2022

Alex Popa

By Alex Popa . 22 November 2023

Cybersecurity Journalist

Miklos Zoltan

Fact-Checked this

Cybercrime is very costly in the US, both to individuals and businesses. But exactly how costly, though?

That’s what I set out to discover in this article.

Statista gives us a precise measurement of the financial damages incurred during the 2001-2022 period in the US.

Here it is:

Year Financial Losses % Change from Previous Period
2001 $17.8 million
2002 $54 million +203.07%
2003 $125.6 million +132.59%
2004 $68.1 million -45.7%
2005 $183.1 million +168.86%
2006 $198.4 million +8.35%
2007 $239.1 million +20.5%
2008 $264.6 million +10.66%
2009 $559.7 million +111.52%
2011 $485.25 million -13.3%
2012 $581.44 million +19.8%
2013 $781.84 million +34.46%
2014 $800.49 million +2.38%
2015 $1.07 billion +33.66%
2016 $1.45 billion +35.51%
2017 $1.41 billion -2.75%
2018 $2.7 billion +91.48%
2019 $3.5 billion +29.62%
2020 $4.2 billion +20%
2021 $6.9 billion +64.28%
2022 $10.3 billion +49.27%

From 2001 to 2022 (period of 21 years), the financial losses associated with cybercrime have increased by 57765%, from 17.8 million to 10.3 billion.

It’s almost unbelievable to read about it, let alone understand the magnitude of this phenomenon.

In the last four years alone (2018-2022), cybercrime costs have skyrocketed from $2.7 billion to $10.3 billion, a 268% increase.

There seems to be no plateau to how costly cybercrime becomes over the years. That’s not a surprise, though…

Why Does Cybercrime Keeps Getting Costlier in the US?

There are several reasons why cybercrime-related financial losses keep increasing with each passing year:

1. It’s More Profitable

Profit is the only true predictor of cybercrime.

And there’s no doubt that with each passing year, there are more profits to be made from cybercrime.

There is more valuable data to be stolen, more businesses to hack, and more money to be made.

A recent FBI report reveals that 847,376 internet crime complains were filed in 2021, the most prominent ones being phishing scams, personal data breaches, and non-payment/non-delivery scams.

According to a study by AtlasVPN, cybercriminals make around $1.5 trillion annually from cybercrime. That’s three times what Walmart makes per year.

In fact, $1.5 trillion is more than the revenue of Apple, Facebook, Amazon, Microsoft, and Tesla combined for 2019 ($761 billion).

According to our Dark Web Price Index:

  • ING bank account logins (verified account) cost $4,225
  • Switzerland online banking logins cost $2,200
  • A hacker Twitter account costs $20
  • A hacked Gmail account costs $60
  • A hacked AirBNB.com verified account costs $300
  • An Indiana ID costs $200

And this is just the tip of the iceberg regarding data theft.

Imagine how much valuable corporate info is sold online: technology patents, security vulnerabilities, private data on business partners, sensitive info about executives, etc.

According to the Commerce Institute, around 5 million new businesses were created in 2022. On average, 4.4 million businesses are created each year.

More businesses means there are more targets for hackers because there’s more data to be stolen and sold.

2. Cybercrime-as-a-Service

Cybercrime-as-a-Service is the ability to buy malware or ransomware and then use it as-is. Or you can order a DDoS on a company.

It’s not a recent phenomenon but it has evolved significantly in these past years.

Now, anyone can engage in cybercrime because you no longer need to create your own malware.

You can buy it as-is and use social engineering to infect an individual’s device or a server network. Steal the data, sell it, profit.

Objectively speaking, it’s one of the most profitable (illegal) things you can do. And it’s also fairly easy to accomplish.

According to the same AtlasVPN report, cybercrime-as-a-service brings around $1.6 billion per year.

And according to our Dark Web Price Index:

  • A premium-quality malware for 1,000 installs costs $4,500 in 2023
  • An Android malware for 1,000 installs costs $650 in 2023
  • A DDoS attack on an unprotected website (10-50,000 requests per second), for an entire month, costs $750 in 2023
  • A DDoS attack on a premium protected website (20-50k requests per second), multiple elite proxies, for 24 hours, costs $170 in 2023
  • A DDoS attack on an unprotected site (10-50,000 requests per second), for an hour, costs $10

This last one hits hard. For only $10, you can order a full-scale DDoS attack on an unprotected site and stop their operations for one hour.

A pint of beer costs $7.52 in New York, just to make a point.

3. Emerging Cybercrime Methods

As technology advances, so too does cybercrime. Think about it – every technology can be exploited. More technologies lead to more end-points to exploit.

This applies to software, websites, platforms, and even entire ecosystems like the blockchain.

Here are a few emerging cybercrime methods that have appeared recently due to advancements in technology:

  • Cryptojacking, which uses your computer to mine cryptocurrencies without your knowledge. The mining software is installed through a malware or phishing attempt
  • IoT Attacks. The Internet-of-Things ecosystem is a ticking bomb waiting to blow up in our faces. As much comfort as it brings, it makes your entire livelihood more vulnerable than ever before. Hackers can exploit IoT devices and spread through the network with unprecedented speed
  • Zero-Day Attacks. The idea behind a zero-day vulnerability is that every new technology needs time to mature from a security standpoint. Upon release, it will have vulnerabilities in 99% of cases. And hackers almost always discover those vulnerabilities before a patch comes out

Here are just three emerging cybercrime methods that are making victims as we speak. Two are brand-new while the last one is constantly evolving and keeping up with the technological advancement.

4. More Data Generated

More data was generated in 2023 alone than in the 2019-2021 period (approximately). Let me illustrate this through a data chart:

Year Data Generated Change from Previous Period
2010 2 zettabytes
2011 5 zettabytes +150% / 3 zettabytes
2012 6.5 zettabytes +30% / 1.5 zettabytes
2013 9 zettabytes +38.46% / 2.5 zettabytes
2014 12.5 zettabytes +38.89% / 3.5 zettabytes
2015 15.5 zettabytes +24% / 3 zettabytes
2016 18 zettabytes +16.13% / 2.5 zettabytes
2017 26 zettabytes +44.44% / 8 zettabytes
2018 33 zettabytes +26.92% / 7 zettabytes
2019 41 zettabytes +24.24% / 8 zettabytes
2020 64.2 zettabytes +55.59% / 23.2 zettabytes
2021 79 zettabytes +23.05% / 14.8 zettabytes
2022 97 zettabytes +22.78% / 18 zettabytes
2023 120 zettabytes +23.71% / 23 zettabytes
2024 147 zettabytes +22.5% / 27 zettabytes
2025 181 zettabytes +23.13% / 34 zettabytes

In 2022, 97 zettabytes of data were generated online. 1 zettabyte is equal to 1 trillion gigabytes or 100 million terabytes.

Windows 10, the most used computer operating system, only takes around 15 gigabytes of storage space.

That’s around 0.00000000149% of 1 zettabyte and 0.0000000000154% of 97 zettabytes.

It’s safe to say that a lot of data was generated in 2022 alone. With each passing year, more data is created every day.

The point I’m making is that there’s more data available to steal or exploit. It’s to be expected that cybercrime keeps growing exponentially.

Where Is Cybercrime in the US Headed?

We have all the reasons to assume that cybercrime will continue growing unchecked, causing more and more victims.

That’s because you can’t stop the flow of data generation and information. You also can’t stop people from creating businesses, software, or new technologies.

Cybercrime is here to stay in the US. It’s the other side of the coin in the technology niche.

What we can do is prevent and fight against cybercrime though:

  • Cybersecurity awareness
  • Cyberthreat awareness
  • Cybersecurity solutions (antimalware, password managers, etc.)
  • Prioritization of data privacy and anonymity

No one has the right to our personal data. And we, as the consumers, have all the rights to our anonymity and data privacy.

We should do our best to maintain our privacy intact, protect our online identities efficiently, and practice common sense when going online.

Cybersecurity Ventures has said in the past year that cybercrime costs are estimated to reach $10.5 trillion by 2025.

There’s no stopping it unless we raise our awareness about online security and be more careful with our data!

Sources

StatistaAnnual Amount of Monetary Damage Caused by Reported Cybercrime in the United States from 2001 to 2022
AtlasVPNCybercrime Annual Revenue is 3 Times Bigger than Walmart’s
GOVTechCyber Crime Is More Costly Than Ever – What Can Be Done?
Identity IQHow Cybercriminals Profit from a Data Breach
PrivacyAffairsDark Web Price Index 2023
Commerce InstituteHow Many New Businesses Are Started Each Year? Data Reveals the Answer
Privacy Affairs Cybersecurity Deep Dive: What Is Cybercrime-as-a-Service?
Privacy AffairsCybersecurity Deep Dive: Everything About DDoS Attacks
Privacy Affairs Have Malware Attacks Become More Common?
Privacy AffairsThe Art of Cyber Deception: Social Engineering in Cybersecurity
Exploding TopicsAmount of Data Created Daily (2023)
Cybersecurity VenturesCybercrime to Cost the World $10.5 Trillion Annually By 2025

Leave a Comment