The Worrying Uprise of Cybersecurity Breaches

By Bogdan Pătru . 28 July 2024

Tech Writer

Fact-Checked this

The cybersecurity sphere has seen an astounding transformation over the past several years and it’s not all necessarily good. This is especially worrying in an era where confidential data and sensitive information can be accessed relatively easy by malicious actors with the right knowledge and tools.

The worrying uprise of cybersecurity breaches

2024’s main cyber threats include phishing scams, malware attacks, ransomware breaches, data leaks, and identity theft. Both private and corporate actors are affected, with the former being targeted more often for obvious reasons.

More importantly, it appears that cyber threats have increased in severity and frequency despite the cybersecurity niche as a whole witnessing a massive overhaul.

Highlights

2023 recorded 2,365 cyberattacks with little over 343 million victims
The increase in the number of cyberattacks is 72% between 2021 and 2023
Data breaches cost victims $4.5 million on average
With emails being the number one vector for malware attacks, up to 94% of organizations have reported email security breaches in 2023
Despite these high numbers, only 34% of companies admit that they’ve made improvements in the cybersecurity sector following a breach
The average time needed to detect any type of data breach is 118 days
Fewer than 30% of companies have reported using a multi-factor authentication method
Little over 98% of web applications have notable system vulnerabilities, making them prone to breaches, malware attacks, and data theft
30% of companies have reported insufficient funds for the cybersecurity sector
The global spending on cybersecurity has exceeded $1 trillion in 2021, while the cybersecurity market is projected to grow to $300 billion by 2024
95% of all data breaches are due to human error
More than 93% of cybersecurity breaches are financially motivated
More than 53% of victims haven’t changed their passwords in the last year
73% of North American companies use outdated browsers, which translates to notable system vulnerabilities
Even moderate cyberattacks cause 60% of small businesses to close soon after
The US recorded 759% more victims than Canada, with both countries occupying the first and second position, respectively on the list with the highest number of cyberattack victims
The number of jobs in the cybersecurity sector is projected to increase by 32% between 2022 and 2023

As the data shows, most victims are unprepared to deal with the prospect of a cybersecurity breach. The human factor is one of the most glaring vulnerabilities, accounting for more than 95% of all breaches.

This highlights the need for staff reeducation and preparation to minimize the risks associated with human error.

It’s also important to note that cyberattacks have increased both in frequency and sophistication.

From zero-day exploits to malware and ransomware attempts, cyberattacks are multi-faceted and require an equally multi-layered defensive approach.

The Most Notable Cyberattacks in 2023-2024 – Stats and Overview

There are several types of cyberattacks affecting private individuals, corporations, and even governmental institutions.

the-worrying-uprise-of-cybersecurity-breaches-2

The stats regarding their impact and spread are concerning:

Types of Cyberattacks – Stats and Overview
Phishing	Malware	Ransomware	DDoS
74% of account theft begins with phishing	Over 4 million websites are infected with malware at any given time	Successful ransomware breaches have increased by 13% over the last 5 years	Microsoft mitigates approximately 1,700 DDoS attacks every day
There are 4 types of phishing: whaling, spear phishing, vishing, and email phishing	Malware attacks usually cost businesses between $5 million and $13 million	In 2020, there were up to 20 ransomware attacks per second	The US is the recipient of the most DDoS attacks, making up for 45% of the total
The top 3 most targeted companies for phishing scams are Microsoft, Amazon, and Google	Malware attacks increased by 71% between 2016 and 2021	The healthcare and government sectors were the most targeted in 2021	Finance and telecommunications made up 60% of the DDoS attack targets
Phishing attacks usually result in leaked login credentials, stolen financial information, and data breaches	Malware attacks increased by 128% between 2022 and 2023	Close to 60% of consumers state that they will avoid businesses that have suffered ransomware breaches in the past	Between 9 and 19% of DDoS attacks are financially motivated, with the rest of the motives including ideology, politics, and personal motivations
Up to 3.4 billion spam emails are being sent every day as part of phishing attempts	40% of malware attacks result in leaked confidential data	Ransomware attacks qualify as the #1 malware threat	The top 3 DDoS perpetrators for 2023 have been NoName05716, AnonymousSudan, and MysteriousTeam0
Google blocks around 100 million spam emails every day	Iran ranked as the leading target of malware attacks in 2022	The average downtime following a ransomware attack is 21 days	The top countries that host DDoS bots are China, with over 2.1 million, the US, with over 1.8 million, and South Korea, with over 1.3 million

As the table shows, most malware attacks are financially motivated, but not all. Some are ideologically driven or influenced by politics, as is the case with many DDoS attacks linked to the Ruso-Ukrainian war.

Many of these attacks have been perpetrated by pro-Russian organizations, including the notorious Cyber Army of Russia.

According to data, Russia hosts approximately 809, 978 DDoS bots, placing the country 5^th on the list.

The Sectors Most Impacted by Cyberattacks

Cyberattacks impact virtually all industries, depending on their nature and vulnerability. However, some industries are more vulnerable than others, attracting increased attention among cybercriminals.

the-worrying-uprise-of-cybersecurity-breaches-3

Here are a few to consider:

Finance

The financial sector is one of the most targeted, raking up quite worrying stats. These include:

Cyber-breaches have more than doubled in the financial sector between 2016 and 2023, from 14% to 30%
Software vulnerability and phishing scams are the most used types of attacks
Ransomware attacks have a success rate of 64% in the financial sector
Data breaches usually reach $5.85 million on average
More than 63% of financial institutions have reported an increase in cyberattacks
57% of bank executives now consider cybersecurity as their top priority in the current year and moving forward

Healthcare

While the healthcare sector ranks 6^th in terms of the most targeted industries, its nature and structure make every cyberattack a life-or-death situation. Cyberattacks on the healthcare system can easily lead to loss of life.

Starting with 2020, the data breach costs related to the healthcare sector have increased by 53%
The healthcare sector experiences the highest data breach costs, with $10.93 recorded losses for 2023
63% of hospital administrators have stated that they feel unprepared to deal with a cyberattack, regardless of its nature
The healthcare sector uses between 4% and 7% of its budget for cybersecurity, compared to the 15% average for the rest of the industries
More than 93% of healthcare institutions have experienced one data breach incident within the last years, while 57% have experienced more than 5

Manufacturing

The manufacturing sector ranks first in terms of cyberattacks.

In the US alone, there have been 260 data violation incidents in 2023
The attacks have impacted more than 5 million people
The most common type of cyberattack is malware-based, making up for 37% of the total
Lockbit takes the first place as the most active ransomware actor in 2023, targeting the manufacturing sector
Up to 80% of US manufacturing companies expected a cyberattack in 2022 within the following year, an increase from 64% back in 2018

Cybersecurity is a core asset in an era where everybody can access public and even private information, given the right tools and know-how.

Cyberattacks are often perpetrated by specialized individuals or organizations for a variety of reasons, and many of these attacks can prove deadly.

Some attacks are so devastating that the businesses can no longer recover. In light of this ominous status quo, cybersecurity emancipation and education cross-industry appear to be a must.

Sources

Cybersecurity Stats: Facts And Figures You Should Know – Forbes
131 Cyber Security Statistics: 2024 Trends and Data – Terranova Security
Distribution of cyberattacks across worldwide industries in 2023 – Statista
These sectors are top targets for cybercrime, and other cybersecurity news to know this month – WeForum

Author, Creative Writer, and Tech-Geek Bogdan has followed his passion for the digital world ever since he got his hands on his first PC. After years of accumulating knowledge and experience, the good Samaritan in him whispered to him one day about the virtue of sharing that knowledge with those who needed it. It was in 2014 when that idea would grow into a life-defining passion. One that keeps driving him to this day.

Cookie	Duration	Description
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_omappvp	1 year 1 month 4 days	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.