Phishing, ransomware, and business malware have been the most widespread types of cyberattacks in the United States, resulting in data compromises. In 2024, 455 cases of phishing and its variations were detected. Ransomware followed in the second place, with 188 attacks.

In 2022, around 480,000 incidents of cyberattacks were reported in the United States. The figure has gradually increased since 2016, when approximately 250,000 cyberattacks were registered nationwide. The number saw an uptick in 2020, reaching 540,000.

In 2024, manufacturing saw the highest share of cyberattacks among the leading industries worldwide. During the examined year, manufacturing companies encountered more than a quarter of the total cyberattacks. Organizations in the finance and insurance followed, with around 23 percent. Professional, business, and consumer services ranked third, with 18 percent of reported cyberattacks. Manufacturing industry and cyberattacks The industry of manufacturing has been in the center of cyberattacks in a long time. The share of cyberattacks targeting organizations in this sector in 2018 was at 10 percent, while in 2024, it amounted to 26 percent. The situation is even more compliacted when we look at the cyber vulnerabilities found in this sector. In 2024, critical vulnerabilities in manufacturing companies lasted 205 days on average. IT perspective and prevention With recent technology developments, cybersecurity is crucial to an organization’s success. Realizing this, companies have been gradually increasing cybersecurity investments. Thus, in 2024, the cybersecurity budget worldwide was forecast to increase to nearly 283 billion U.S. dollars. Roughly nine in ten board directors of companies worldwide in professional services and media and entertainment industries say they expect an increase in the cybersecurity budget.

More than *** million cyberattacks were reported across India in 2022. This was a significant increase compared to 2019. The country was among the top **** with the most number of cybersecurity incidents that year. Furthermore, India ranked ***** in terms of internet user numbers.

In 2023, organizations in the education and research sector saw the highest average weekly number of cyberattacks. The industry registered 2,046 cyberattacks, down from 2,314 in 2022. Government and military entities ranked second, with 1,598 weekly cyberattacks on average, while healthcare followed, with detected 1,500 incidents.

In 2023, there were ***** reported cyber incidents in the financial industry worldwide, up from ***** in the preceding year. Coherently, the number of data breaches increased within the last two examined years, going from *** in 2021 to ***** in 2023. Overall, 2023 saw the most significant number of cyber incidents since 2013.

In 2023, ransomware was the most frequently detected cyberattack worldwide, with around 70 percent of all detected cyberattacks. Network breaches ranked second, with almost 19 percent of the detections. Although less frequently, data exfiltration was also among the detected cyberattacks.

The global indicator 'Estimated Cost of Cybercrime' in the cybersecurity market was forecast to continuously increase between 2024 and 2029 by in total *** trillion U.S. dollars (+***** percent). After the eleventh consecutive increasing year, the indicator is estimated to reach ***** trillion U.S. dollars and therefore a new peak in 2029. Notably, the indicator 'Estimated Cost of Cybercrime' of the cybersecurity market was continuously increasing over the past years. Ransomware and manufacturing industry Cyberattacks remain a significant challenge for organizations worldwide, sectors such as manufacturing, finance, and insurance were the most affected by these attacks. Among the various types of cyber threats, ransomware was the most frequently detected, accounting for around ** percent of all incidents. The manufacturing industry, in particular, faced the highest number of ransomware attacks, making it the most targeted sector globally. Cybersecurity awareness and investments Organizations worldwide became increasingly aware of the dangers posed by cyberattacks, approximately ** percent of internet users became familiar terms such as with "ransomware." In response to these threats, companies invested more in cybersecurity. In 2024, the average annual increase in IT security budgets was expected to reach *** percent. In fact, for companies worldwide, enhancing the cyber resilience of their cybersecurity teams was the top spending priority in 2023.

In 2022, over *** thousand cyber attacks have been recorded in China. The cost of internet crimes reached *** billion U.S. dollars in the same year. According to the forecasts, the costs were projected to reach *** trillion U.S. dollars by 2028.

In the fiscal year 2023, the number of cybersecurity incident reports by federal agencies in the United States was over 32 thousand, around five percent increase from the previous year. This number includes reportings by both CFO and non-CFO Act agencies.

According to a survey conducted among IT security professionals worldwide, an increase in cyber attacks since the COVID-19 pandemic has been mostly seen in the area of data exfiltration and leakage. This includes unauthorized removal or transfer of data from a device, either by a perpetrator or malware. Phishing emails were also increasingly encountered by **** of the respondents.

In 2023, nearly nine million cases of phishing scams were registered worldwide, making it the most frequently reported type of cybercrime. Personal data breach ranked second, with 1.66 million incidents, followed by 1.5 million non-payment/non-delivery cases.

In the first half of 2022, there were over 6.6 thousand cyber attacks recorded in Vietnam. In the year before, the number of cyber attacks in the country reached almost ten thousand. Vietnam is among the countries with the most internet and social network users in the world.

As of 2023, multipurpose malware, which includes banking Trojans and botnets, was the most frequently reported category of cyberattack across all global regions. This type of malware accounted for ** percent of globally reported attacks and ** percent of attacks in the Asia-Pacific (APAC) region. Infostealers ranked second, recording the highest percentage in the APAC region at ** percent. Among the reported categories, mobile attacks had the lowest share across all regions worldwide, ranging from **** to ***** percent.

Between the first quarter of 2023 and the third quarter of 2024, the number of records exposed in data breaches in the United States decreased significantly. In the most recent measured period, over 93.7 million records were reported as leaked, down from around 116 million in the previous quarter.

In 2023, the most common type of cyber crime reported to the United States internet Crime Complaint Center was phishing and spoofing, affecting approximately 298 thousand individuals. In addition, over 55 thousand cases of personal data breaches cases were reported to the IC3 during that year. Dynamic of phishing attacks Over the past few years, phishing attacks have increased significantly. In 2023, almost 300 thousand individuals fell victim to such attacks. The highest number of phishing scam victims since 2018 was recorded in 2021, approximately 324 thousand.Phishing attacks can take many shapes. Bulk phishing, smishing, and business e-mail compromise (BEC) are the most common types. In 2023, 76 percent of the surveyed worldwide organizations reported encountering bulk phishing attacks, while roughly three in four were targeted by smishing scams. Impact of phishing attacks Among the most targeted industries by cybercriminals are healthcare, financial, manufacturing, and education institutions. An observation carried out in the first quarter of 2023 found that social media was most likely to encounter phishing attacks. According to the reports, almost a quarter of them stated being targeted by a phishing scam in the measured period. Very often, phishing e-mails contain a crucial risk for the organization. Almost three in ten worldwide organizations that have experienced phishing attacks suffered from a customer or a client data breach as a consequence. Phishing scams that delivered ransomware infections were also common for the surveyed organizations.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

In the fiscal year 2023, the U.S. government encountered ***** e-mail or phishing attacks. The majority of these attacks targeted CFO act agencies. Attacks that occurred due to a violation of an organization's acceptable usage by an authorized user, excluding mentioned categories, amounted to over ****** cases.

Mobile devices connected to the internet are vulnerable to targeted attacks and security threats. In December 2023, the number of global mobile cyberattacks was approximately 5.4 million, up by 147 percent compared to December 2022. Cyberattacks targeting mobile devices have been decreasing since the end of 2020, after experiencing an annual peak of almost 6.4 million in October 2020. Mobile concerns: Smishing While mobile operating systems come with vulnerabilities requiring patching and regular maintenance, watchful usage can reduce the risk for users of incurring security threats. Smishing attacks are especially reliant on users’ accidental mistakes or naivety. Smishing, or SMS phishing, uses text messages to lure users into accessing fake websites requesting personal data, or into clicking on malicious download links that could infect the device with malware. In the first quarter of 2024, AdWare and RiskTool were the most encountered types of mobile malware worldwide, while Trojan malware accounted for 11 percent of the total. Smishing attacks do not interest regular users alone, but can also target organizations and professionals. In 2023, it was found that the share of IT professionals and organizations targeted by smishing attacks was at 75 percent. Mobile app privacy According to a survey of global consumers carried out in August 2021, both Android and iOS users appeared equally keen to stop using an app if their privacy expectations were not met. Mobile apps have to collect different types of data for functionality purposes, including app diagnostic and device data for location-based services. However, mobile apps also collect other types of more personal user data, such as search history, browsing history, health data, and financial information. The data can be then used by the company that collected them in the first place (1st party data), or with entities that do not have a direct relationship with the users, and obtain data from the main tracking source (3rd party data). Social media apps, like other app categories, rely on acquiring 3rd party data from users for their advertisement business. As of February 2022, TikTok was found to have the highest number of potential 3rd party trackers, followed by Telegram, and Twitter.

In 2022, there were more than ****** cases of recorded cyberattacks in Malaysia, a slight decrease from around ****** attacks in 2021. The number of cyberattacks in the country has been increasing in the last four years.