In 2023, ransomware was the most frequently detected cyberattack worldwide, with around 70 percent of all detected cyberattacks. Network breaches ranked second, with almost 19 percent of the detections. Although less frequently, data exfiltration was also among the detected cyberattacks.

Editor’s Choice

• The Global Cyber Security Market size is expected to be worth around USD 533.9 Billion by 2032 from USD 193 Billion in 2023, growing at a CAGR of 11% during the forecast period from 2022 to 2032.
• Every 39 seconds there's an attack by hackers.
• Healthcare is still the most targeted victim of ransomware attacks.
• 92% of malware was distributed via email.
• 4.1 million websites are infected by malware at any moment.
• 49 days is the standard amount of time needed to spot a ransomware infection.
• A total of $29M was snatched from the fintech firm by hackers.
• 97% of security breaches are caused by WordPress plugins.
• A total of $3 billion in cryptocurrency was stolen during hacks that have been ongoing to this day.
• 66% of CIOs have said they intend to increase their investment in cybersecurity.
• The statistics on cybersecurity for remote work indicate that 74% of IT experts believe that it is an extreme risk to cybersecurity.

(Source: Tripwire)

In 2023, network intrusion was the most common type of cybercrime attack experienced by companies in the United States, accounting for ** percent of incidents. Business e-mail compromise (BEC) ranked second, with ** percent of data security incidents in U.S. companies. A further ** percent of companies reported having encountered inadvertent disclosure.

The average cyber attack takes 280 days to identify and contain and it costs an average of about $3.86 million to deal with properly.

Did the COVID-19 pandemic really affect cybersecurity? Short answer – Yes. Cybercrime is up 600% due to COVID-19.

In 2023, the most common cause or delivery of cyber attacks in the United States was Unpatched vulnerability, encountered by 23 percent of companies nationwide. Root cause unknown was the second most common origin of cyber attacks, with 22 percent of the attacks. Phishing and various types of human error were also likely to cause a cyber attack in the examined year.

These cybersecurity statistics will help you understand the state of online security and give you a better idea of what it takes to protect yourself.

Phishing, ransomware, and business malware have been the most widespread types of cyberattacks in the United States, resulting in data compromises. In 2025, 466 cases of phishing and its variations were detected. Ransomware followed in second place with 143 attacks. The total number of such cyberattacks in the U.S. in 2025 was measured at 2,656.

Some industries are affected by cyber attacks more than others. These next cybersecurity statistics detail specifically who is affected by cyber-attacks and why they are.

Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.

A 2022 survey of working adults and IT professionals worldwide revealed that bulk phishing attacks were the most common cyber incidents experienced by ** percent of organizations in 2022. Spear phishing ranked second, with ***** in **** respondents stating having encountered such incidents during the same year. Overall, between 2021 and 2022, there has been a decrease in the most common types of attacks.

Mobile devices connected to the internet are vulnerable to targeted attacks and security threats. In December 2023, the number of global mobile cyberattacks was approximately 5.4 million, up by 147 percent compared to December 2022. Cyberattacks targeting mobile devices have been decreasing since the end of 2020, after experiencing an annual peak of almost 6.4 million in October 2020. Mobile concerns: Smishing While mobile operating systems come with vulnerabilities requiring patching and regular maintenance, watchful usage can reduce the risk for users of incurring security threats. Smishing attacks are especially reliant on users’ accidental mistakes or naivety. Smishing, or SMS phishing, uses text messages to lure users into accessing fake websites requesting personal data, or into clicking on malicious download links that could infect the device with malware. In the first quarter of 2024, AdWare and RiskTool were the most encountered types of mobile malware worldwide, while Trojan malware accounted for 11 percent of the total. Smishing attacks do not interest regular users alone, but can also target organizations and professionals. In 2023, it was found that the share of IT professionals and organizations targeted by smishing attacks was at 75 percent. Mobile app privacy According to a survey of global consumers carried out in August 2021, both Android and iOS users appeared equally keen to stop using an app if their privacy expectations were not met. Mobile apps have to collect different types of data for functionality purposes, including app diagnostic and device data for location-based services. However, mobile apps also collect other types of more personal user data, such as search history, browsing history, health data, and financial information. The data can be then used by the company that collected them in the first place (1st party data), or with entities that do not have a direct relationship with the users, and obtain data from the main tracking source (3rd party data). Social media apps, like other app categories, rely on acquiring 3rd party data from users for their advertisement business. As of February 2022, TikTok was found to have the highest number of potential 3rd party trackers, followed by Telegram, and Twitter.

Overview

The RT-IoT2022, a proprietary dataset derived from a real-time IoT infrastructure, is introduced as a comprehensive resource integrating a diverse range of IoT devices and sophisticated network attack methodologies. This dataset encompasses both normal and adversarial network behaviours, providing a general representation of real-world scenarios. Incorporating data from IoT devices such as ThingSpeak-LED, Wipro-Bulb, and MQTT-Temp, as well as simulated attack scenarios involving Brute-Force SSH attacks, DDoS attacks using Hping and Slowloris, and Nmap patterns, RT-IoT2022 offers a detailed perspective on the complex nature of network traffic. The bidirectional attributes of network traffic are meticulously captured using the Zeek network monitoring tool and the Flowmeter plugin. Researchers can leverage the RT-IoT2022 dataset to advance the capabilities of Intrusion Detection Systems (IDS), fostering the development of robust and adaptive security solutions for real-time IoT networks.

Introductory Paper Quantized autoencoder (QAE) intrusion detection system for anomaly detection in resource-constrained IoT devices using RT-IoT2022 dataset By B. S. Sharmila, Rohini Nagapadma. 2023 Published in Cybersecurity

Variable Table available here: https://archive.ics.uci.edu/dataset/942/rt-iot2022

Column Details: id.orig_p id.resp_p proto service flow_duration fwd_pkts_tot bwd_pkts_tot fwd_data_pkts_tot bwd_data_pkts_tot fwd_pkts_per_sec bwd_pkts_per_sec flow_pkts_per_sec down_up_ratio fwd_header_size_tot fwd_header_size_min fwd_header_size_max bwd_header_size_tot bwd_header_size_min bwd_header_size_max flow_FIN_flag_count flow_SYN_flag_count flow_RST_flag_count fwd_PSH_flag_count bwd_PSH_flag_count flow_ACK_flag_count fwd_URG_flag_count bwd_URG_flag_count flow_CWR_flag_count flow_ECE_flag_count fwd_pkts_payload.min fwd_pkts_payload.max fwd_pkts_payload.tot fwd_pkts_payload.avg fwd_pkts_payload.std bwd_pkts_payload.min bwd_pkts_payload.max bwd_pkts_payload.tot bwd_pkts_payload.avg bwd_pkts_payload.std flow_pkts_payload.min flow_pkts_payload.max flow_pkts_payload.tot flow_pkts_payload.avg flow_pkts_payload.std fwd_iat.min fwd_iat.max fwd_iat.tot fwd_iat.avg fwd_iat.std bwd_iat.min bwd_iat.max bwd_iat.tot bwd_iat.avg bwd_iat.std flow_iat.min flow_iat.max flow_iat.tot flow_iat.avg flow_iat.std payload_bytes_per_second fwd_subflow_pkts bwd_subflow_pkts fwd_subflow_bytes bwd_subflow_bytes fwd_bulk_bytes bwd_bulk_bytes fwd_bulk_packets bwd_bulk_packets fwd_bulk_rate bwd_bulk_rate active.min active.max active.tot active.avg active.std idle.min idle.max idle.tot idle.avg idle.std fwd_init_window_size bwd_init_window_size fwd_last_window_size Attack_type

Class Labels

The Dataset contains both Attack patterns and Normal Patterns. Attacks patterns Details: 1. DOS_SYN_Hping------------------------94659 2. ARP_poisioning--------------------------7750 3. NMAP_UDP_SCAN--------------------2590 4. NMAP_XMAS_TREE_SCAN--------2010 5. NMAP_OS_DETECTION-------------2000 6. NMAP_TCP_scan-----------------------1002 7. DDOS_Slowloris------------------------534 8. Metasploit_Brute_Force_SSH---------37 9. NMAP_FIN_SCAN---------------------28 Normal Patterns Details:

1. MQTT -----------------------------------8108
2. Thing_speak-----------------------------4146
3. Wipro_bulb_Dataset-------------------253

As of April 2023, ** percent of respondents from the AMER (North, Central, and South America) region stated that their company perceived cyber attacks as an important threat. Overall, ** percent of respondents worldwide stated that their company was threatened by cyber attacks.

Revenue in the cybersecurity industry worldwide reached $146.32 billion in 2022.

Introduction

Cyber Insurance Statistics: Cyber insurance is a form of coverage that safeguards individuals and businesses against financial losses from cyberattacks and data breaches.

In today's interconnected digital world, where cyber threats like hacking, malware, and ransomware are ever-present, having cyber insurance is crucial.

This insurance protects data breach expenses, ransomware incidents, and business interruption. Cyber extortion, data restoration, liability claims, regulatory fines, and crisis management.

The specifics of coverage and costs can vary, but cyber insurance is an essential component of a comprehensive risk management strategy in an era where cybersecurity threats evolve.

Helping organizations recover faster and minimize the financial and reputational damage caused by cyber incidents.

https://scoop.market.us/wp-content/uploads/2023/10/Cybersecurity-Insurance-Statistics.png" alt="Cybersecurity Insurance Statistics" class="wp-image-38250" style="aspect-ratio:1.0014749262536873;width:531px;height:auto">

The dataset "Cybersecurity Cases in India" is a comprehensive collection of real-world cybersecurity incidents reported across various cities in India. The dataset encapsulates the financial loss, incident types, and categories, providing a detailed overview of the cybercrime landscape in one of the world’s largest digital economies. With over 1000 records, it spans incidents from 2020 to 2024, covering various types of cybercrimes such as phishing, online fraud, malware attacks, ransomware, data breaches, DDoS attacks, identity theft, and more. Each record captures important attributes of the incidents, such as the year, date of occurrence, amount lost in INR, the type of incident, the city in which it occurred, and the category of the affected entity (e.g., financial, personal, corporate).

The dataset is structured to enable analysis of the trends in cybercrime over time, the financial impact of various cyberattacks, and the geographic distribution of incidents across Indian cities. It serves as a critical resource for cybersecurity professionals, policymakers, law enforcement agencies, and academic researchers seeking to understand the challenges posed by cybercrime in India and to identify strategies to combat these challenges.

1. Dataset Purpose and Scope

The dataset’s primary purpose is to provide an extensive, granular view of the nature and scope of cybersecurity incidents in India. It enables the analysis of the frequency, severity, and financial impact of cybercrimes across different types of attacks, cities, and time periods. As cybercrimes continue to rise globally, including in India, this dataset serves as an important tool for understanding the evolving threats and risks in cyberspace. Cybersecurity experts and analysts can leverage this dataset to identify patterns and trends, while government and law enforcement agencies can use it to devise more targeted interventions and preventive measures.

India, with its large and growing digital footprint, is a prime target for cybercriminals. The country's rapidly expanding internet user base, coupled with increasing digital adoption in various sectors like finance, healthcare, education, and e-commerce, makes it an attractive target for cyberattacks. This dataset allows stakeholders to understand how cybercrime evolves in response to these dynamics.

The dataset is a rich resource for understanding the following:

• Incident Frequency: How often different types of cybercrimes are reported in various Indian cities.
• Financial Impact: The monetary losses associated with each type of cybercrime.
• Geographic Distribution: The prevalence of specific types of cybercrimes in particular cities or states.
• Trend Analysis: How cybercrime has evolved over the years in terms of volume and impact.

2. Dataset Structure and Variables

The dataset includes the following key variables, each contributing valuable information to the analysis:

• Year: The year in which the cybercrime incident occurred. This variable helps track the growth or decline of cybercrime incidents over time.
• Date: The specific date of the cybercrime incident. This allows for time-series analysis of the data.
• Amount_Lost_INR: The financial loss associated with the cybercrime incident, expressed in Indian Rupees (INR). This variable highlights the economic impact of each cyberattack and can be used to assess the severity of different incidents.
• Incident_Type: The type of cybercrime incident. This can include phishing, online fraud, malware attacks, ransomware, data breaches, DDoS attacks, and identity theft. This variable is crucial for understanding which types of cybercrimes are most prevalent and how they differ in their impact.
• City: The city where the incident occurred. This allows for the geographic analysis of cybercrime, helping to identify high-risk areas and cities where certain types of cyberattacks are more common.
• Category: The category of the entity affected by the cybercrime, such as financial institutions, government bodies, corporations, educational institutions, or individuals. This variable provides insights into which sectors are more vulnerable to specific types of cyberattacks.

3. Cybersecurity Threat Landscape in India

India's digital transformation has made it a prime target for cybercriminals. As of 2023, India is one of the largest internet markets in the world, with over 600 million active internet users. The rapid growth of e-commerce, digital banking, social media, and government services has created new opportunities for cybercriminals to exploit vulnerabilities in digital systems. According to a 2022 report by the Indian Computer Emergency Response Team (CERT-In), India witnessed a significant increase in cybersecurity incidents, with millions of cyberattacks targeting individuals, b...

Over 95% of cybersecurity breaches occur as a result of human error.