Latest Cybercrime Statistics (Updated March 2023) | AAG IT Support (2023)

Cyber ​​crime headline statistics

  • Nearly a billion emails were exposed in a single year, affecting 1 in 5 Internet users.
  • Data breaches will cost organizations an average of $4.35 million by 2022.
  • In the first half of 2022, around 236.1 million ransomware attacks were carried out around the world.
  • 1 in 2 US internet users had their accounts compromised in 2021.
  • 39% of UK businesses said they suffered a cyberattack in 2022.
  • Approximately 1 in 10 US businesses are uninsured against cyberattacks.
  • 53.35 US citizens were affected by cybercrime in the first half of 2022.
  • Cybercrime cost UK businesses an average of £4,200 in 2022.
  • In 2020, malware attacks increased by 358% compared to 2019.
  • Phishing is the most common cyber threat faced by businesses and individuals.

Cybercrime Overview

The global cybersecurity landscape has faced increasing threats in recent years. During the pandemic, cybercriminals took advantage of misaligned networks as businesses moved to remote work environments. In 2020, malware attacks increased by 358% compared to 2019.

From here, cyberattacks grew 125% globally through 2021, and cyberattacks continued to threaten businesses and individuals in 2022.

The Russian invasion of Ukraine had a massive impact on the cyber threat landscape. Since the war began, Russia-based phishing attacks targeting email addresses of European and US companies have increased eightfold. Nearly 3.6 million Russian internet users also experienced security breaches in the first quarter of 2022, an 11% increase from the previous quarter.

To protect Ukraine's critical infrastructure from Russian attacks, the UK launched the Ukraine Cyber ​​Program in 2022. The UK mobilized an initial package of £6.35 million in response to increased Russian cyber activities in the immediate aftermath of the invasion of Ukraine. This program provides incident response to protect Ukrainian government agencies from attacks, as well as DDoS protection to allow Ukrainian citizens continuous access to critical information, and firewalls to block attacks.

Phishing remains the most common form of crime online. According to reports, in 2021, 323,972 Internet users fell victim to phishing attacks. This means that half of the users who suffered a data breach fell for a phishing attack.

In 2021, nearly 1 billion emails were leaked, affecting 1 in 5 internet users. This could partly explain the continued prevalence of phishing attacks.

Despite its prevalence, phishing had the least loss to victims. People have lost an average of $136 from phishing attacks. This is well below the average data breach cost of $12,124. visit ourphishing statisticsPage for the latest information on global phishing trends.

In 2022, investment fraud was the costliest form of cybercrime, with an average loss of $70,811 per victim.

It is clear that the rate and cost of data breaches are increasing. Since 2001, the number of victims has increased from 6 victims per hour to 97, an increase of 1517% in 20 years.

Covid-19 has had a significant impact on the number of casualties per hour. Cybercrime statistics for 2019 show the toll per hour was 53. In 2020, the first full year of the pandemic, the toll per hour rose to 90, an increase of 69%.

The average hourly cost of data breaches globally has also increased. In 2001, the average cost per hour for individuals was $2,054. Since then, the hourly loss rate has increased and stood at $787,671 in 2021.

The cost of data breaches to organizations has steadily increased as changes in the workplace and more advanced penetration methods encourage cybercriminals. In 2022, data breaches cost organizations an average of $4.35 million, up from $4.24 million in 2021.

The growing threat to businesses around the world means that more and more companies are taking cybersecurity seriously. 73% of SMEs agree that action on cybersecurity concerns is needed now, and 78% say they will increase their cybersecurity investments in the next 12 months.

One worrying statistic is that 67% of SMBs feel they do not have the internal capabilities to deal with data breaches. However, this problem is alleviated as more SMBs collaborate with managed cybersecurity service providers; 89% as of 2022, up from 74% in 2020.

We work with many industries where compliance and regulation are important factors, providing IT support to law firms and financial services companies, among others. We know that taking cybersecurity seriously has never been more important.

Ransomware attacks continue to pose a serious threat to individuals and organizations, with more advanced attack methods forcing victims to pay. Around 236.1 million ransomware attacks were reported worldwide in the first half of 2022. You can find more information on ourRansomware Statisticspage of book.

Latest Cybercrime Statistics (Updated March 2023) | AAG IT Support (1)

Global Cybercrime Statistics:

  • The UK had the highest number of cybercrime victims per million internet users with 4,783 in 2022, a 40% increase on 2020 figures.
  • The country with the second highest number of victims per million internet users in 2022 was the US with 1,494, a 13% decrease from 2020.
  • 1 in 2 North American internet users had their accounts compromised in 2021.
  • The UK and US have disproportionately higher numbers of cybercrime victims per million internet users compared to other countries: the US had 759% more victims in 2021 than the second highest country, Canada .
  • The Netherlands has seen the largest increase in victims: 50% more than in 2020.
  • Greece has seen the biggest drop in casualties: a 75% drop since 2020.
  • By 2021, there will be an average of 97 data breach victims every hour around the world.
  • In 2021, an average of $787,671 per hour was lost due to data breaches.
  • The best country in the National Cyber ​​Security Index (NCSI) in January 2023 is Greece with a score of 96.10. The countries with the top 5 scores on the NSCI are:
    • Greece (96.10)
    • Lithuania (93.51)
    • Belgium (93.51)
    • Estonia (93,51)
    • Czech Republic (92.21)
  • Between May 2020 and 2021, cybercrime in Asia Pacific increased by 168%. Japan experienced a 40% increase in cyberattacks in May 2021 compared to earlier this year.
  • Between the second and third quarters of 2022, the countries that experienced the largest increase in data breaches were:
    • China (4852%, which is 14,157,775 hacked accounts)
    • Japan (1,423%, which equates to 1,246,373 hacked accounts)
    • South Korea (1007%, which equals 1,669,124 hacked accounts)
  • The countries with the largest decrease in data breaches between the second and third quarters of 2022 are:
    • Sri Lanka (-99%, representing 1,440,432 fewer hacked accounts)
    • Myanmar (-82%, representing 17,887 fewer hacked accounts)
    • Iraq (-78%, representing 16,113 fewer hacked accounts)
  • Q3 2022 saw a 70% increase in account breaches compared to Q2.
    • 108.9 million accounts were compromised between July and September 2022.
    • This equates to 14 leaked accounts every second.
  • 76% of respondents in a 2022 case study spanning the US, Canada, UK, Australia and New Zealand said their organization suffered at least 1 cyberattack this year. This is a huge increase from 55% in 2020.
  • According to the same study, only 30% have cyber insurance, and 69% fear that a successful cyberattack could bankrupt the SME entirely.
  • In 2021, Asian organizations suffered the most attacks in the world. The percentage of attacks on organizations by continent in 2021 is as follows:
    • Asia (26%)
    • Europa (24%)
    • North America (23%)
    • Middle East and Africa (14%)
    • Latin America (13%)
  • In 2021, there were some differences in the attack types used in attacking organizations:
    • In Asia, server access was the leading type of attack, accounting for 20% of observed attacks. This surpassed ransomware (11%) and data theft (10%).
    • In Europe, ransomware was the leading type of attack, accounting for 26% of attacks on the continent. Server access attacks (12%) and data theft (10%) were the second most common types of attacks.
    • Ransomware was also the top attack type in North America, accounting for 30% of attacks. This was ahead of business email attacks (12%) and server access attacks (9%).
    • In the Middle East and Africa, server access was the top type of attack, accounting for 18% of attacks. Server access attacks were also observed in 18% of attacks, followed by misconfiguration (14%).
    • In Latin America, ransomware was the main type of attack, accounting for 29% of attacks. This preceded business email compromise and credential harvesting (both seen in 21% of attacks).
  • The US IC3 division received reports of 24,299 victims of cybercrime. This amounted to more than $956 million in losses.
  • Love and trust scams are rampant in the US: IC3 received reports of 24,299 victims in 2021 with over $956 million in losses.
    • 32% of the victims were over the age of 60, the highest proportion of victims in 2021.
    • 16% were between 50 and 59 years old.
    • Only 2% were under 20 years of age.
  • Sextortion is another widespread problem in the United States. Cybercriminals threaten to release photos, videos, or sensitive information about the victim's sexual activity if their demands are not met.
    • IC3's department received more than 18,000 sextortion-related complaints in 2021. Casualty losses totaled more than $13.6 million.
  • Potential cybercrime losses by individuals in the US in 2022 totaled more than $10.2 billion. This is significantly more than in 2021, when people lost an estimated $6.9 billion. Taking into account that there were 5% fewer complaints in the US in 2022 compared to 2021, this suggests that cybercrime is costing more per victim than the year before.

Cybercrime trends 2022

Supply chain attacks

Supply chains are becoming more connected and complex as technology advances. However, vulnerabilities in a company can expose the partners with whom they are connected. Cyber ​​criminals target these vulnerabilities, and up to 40% of cyber threats now occur indirectly through the supply chain.

Research shows that cybersecurity leaders are burned out and in an "always on" state as digital connections grow and take longer.

Cyber ​​criminals use this fatigue to their advantage. One study found that only 23% of top security companies monitor their partners and vendors for cybersecurity risks in real time. These organizations also limit third-party coverage to their immediate vendors and suppliers. This excludes your broader ecosystem of customers, business partners, investors, and others.

(Video) Cybercrime statistics and trends to look out for in 2023

Awareness of third party risks is increasing. It is estimated that by 2025, 60% of organizations will use cybersecurity risk as a key factor in determining transactions and business relationships with third parties.

Recent research also underscores concerns among C-suite executives about supply chain vulnerabilities. When 900 companies were asked what they thought were the most likely types of cyberattacks targeting their business, 60% responded with supply chain attacks. That's the same as DDoS attacks, ahead of cyber espionage (59%) and APTs (57%), but less than ransomware and data theft (66%).

Atlassian shows the risks within the supply chain. Atlassian products are used by 83% of Fortune 500 companies and are loved by 180,000 customers in more than 190 countries around the world.

However, cybercriminals discovered a serious vulnerability in Atlassian Confluence in June 2022. As mentioned above, Atlassian products are used by some of the largest organizations in the world; The consequences of data leaks could be crippling. Research has revealed that nearly 200,000 businesses rely on organizations potentially affected by the vulnerability.

Internet of Things (IoT) devices

The IoT does not require human interaction to function, making IoT devices great assets in businesses to automate tedious workflows and reduce the chance of errors. The use of sensors and software to collect and process data means that IoT devices offer new ways to create revenue streams and better ways for companies to communicate with partners and customers.

However, these devices are a prime target for cybercrime. GPS trackers, “smart” wearables, and other IoT devices can contain valuable data, and those without strong security software are vulnerable.

This was discovered in the case of MiCODUS. MiCODUS MV720 GPS Tracker is a popular automotive tracking device designed to support vehicle fleet management. It is hardwired into the vehicles and enables anti-theft, fuel cutoff, geofencing and remote control functions.

MiCODUS products are used in 169 countries by the general public, government agencies, the military, law enforcement, and businesses. 6 serious vulnerabilities were found in the MV720. Exploiting these vulnerabilities means attackers can track shipments, cut off fuel for emergency vehicles, or extort ransoms by disabling fleets.

the human element

The human component remains a critical vulnerability for organizations and individuals. 82% of breaches against organizations involved a human element, such as error and social engineering.

Phishing attacks are the most common form of cyber threat, and the most malicious attacks often depend on the success of a malicious first email. Encouraging people to follow a link to a fake website and enter credentials or download malware gives hackers the tools they need to escalate attacks. Serious threats like ransomware can spread from there.

Cybercrime in social networks

The growth of social media in recent years has given cybercriminals another avenue of attack. Meta, the parent company of Facebook, discovered more than 400 malicious iOS and Android apps in 2022 that try to trick mobile users into stealing their Facebook credentials.

43% of these apps were "image editors," including those that allowed the user to transform into a cartoon. Another 15% were "commercial utility" apps that claimed to be able to provide hidden features not found in official apps on legitimate platforms. By creating fake reviews, cybercriminals can artificially inflate their app's ratings and disguise poor reviews that highlight issues. Unsuspecting users then download the app, where they are then prompted to log in via Facebook. All the entered details can be seen by the hacker.

In the second quarter of 2022 alone, Facebook removed 8.2 million pieces of content that violated its policies on bullying and harassment. In the first quarter of 2022, 9.5 million infringing content were removed, the highest number ever removed from the platform.

Cyber ​​criminals will use social media to spy on people and attack scams like B. love to cheat. In this type of scam, the criminal establishes a "relationship" with a target before tricking the hapless victim into sending money, ostensibly for plane tickets, urgent surgery, or some other ruse. In the UK, romance scams cost victims £14.6 million in May 2021 alone. Half of UK romance scam victims in 2021 were women, 39% were men and 11 Final % did not report their gender.

Latest Cybercrime Statistics (Updated March 2023) | AAG IT Support (2)

UK Cyber ​​Crime Statistics:

  • According to NCSI, as of January 2023, the UK ranks:
    • 22nd on the NCSI with a score of 77.92
    • Platz 2 in the Global Cyber ​​Security Index
    • 5th in the ICT Development Index
    • Platz 10 im Network Availability Index
  • In 2022, 39% of UK businesses experienced a cyberattack, the same as in 2021. However, since 2020 this number has decreased (46%).
  • 31% of these companies estimate that they were attacked at least once a week.
  • Cybercrime will cost UK businesses an average of £4,200 in 2021. For medium and large businesses alone, that comes to £19,400.
  • The most common cyber threat facing UK businesses in 2022 is phishing (83% of identified attacks).
  • Cybersecurity is a top priority for 82% of UK company directors or executives. This is an increase from 77% in 2021.
  • As of December 2022, 54% of UK businesses have taken steps to identify cybersecurity risks, up from 52% in 2021. However, the figures for 2022 are down from 64% in 2020.
  • Additionally, only 19% of organizations conduct additional training after a cyberattack.
  • 13% of UK companies assess the risks of their immediate suppliers.
  • Less than a fifth (19%) of UK businesses have a formal incident response plan in place.
  • 39% of UK businesses have assigned roles in the event of a cyber incident.
  • Only 6% of UK businesses were Cyber ​​Essentials certified and 1% Cyber ​​Essentials Plus certified in 2022; this is largely due to the low profile of the programs.
  • 45% of UK companies have employees using personal electronic devices for work purposes or have bring-your-own-device policies.
  • 16% of UK businesses are still using older versions of Windows.
    • For small businesses, this rises to 20%.
    • For large companies, this rises to 23%.
  • 23% of UK companies have a formal cybersecurity strategy.
    • Large UK companies are above average at 57%.
    • However, 'micro' companies are below the UK average by 20%.
  • In 2022, 43% of UK businesses were insured against cyber attacks, an increase from 2020, when only 32% were insured.
  • Phishing attacks are considered the most disruptive form of cybercrime for UK businesses, linked to threat actors impersonating the business in email or online.
  • People between the ages of 25 and 44 are the most likely targets of phishing attempts.
  • Between March 2020 and March 2022, retail and consumer fraud increased by 57%.
  • In 2022, 4.8% of fraud cases in the UK were related to coronavirus. One common scam involved scammers sending targets a link to book their next Covid-19 booster shot and asking them to enter their card details to pay for the shot itself or an administrative fee.

Cybercrime in Asia

Cybercrime in Pakistan

Cybercrime has become an increasingly serious problem in Pakistan in recent years. Financial fraud is the most commonly reported type; In 2020, 20,218 Pakistanis out of a total of 84,764 complaints reported being victims of online crime related to financial fraud. This is ahead of hacking (7,966), cyber bullying (6,023), and cyber slander (6,004).

More and more Pakistanis have experienced cybercrime through social media. Between 2018 and 2021, financial fraud through social media increased by 83%. Of 102,356 complaints received in 2021, 23% of cybercrimes used Facebook.

Cybercrime in India

Like many countries, India is increasingly suffering from cybercrime. The number of reported cybercrimes in 2018 was 208,456. In the first two months of 2022 alone, 212,485 cybercrimes were reported, more than all of 2018.

The numbers increased further due to the pandemic, with reported crimes increasing from 394,499 cases in 2019 to 1,158,208 in 2020 and 1,402,809 in 2021. Between the first and second quarters of 2022, cybercrime increased by 15, 3% in India.

Also, more and more Indian websites have been hacked in recent years. Around 17,560 websites were hacked in 2018. In 2020, another 26,121 websites were hacked.

78% of Indian companies experienced a ransomware attack in 2021, and 80% of these attacks resulted in data encryption. By comparison, the average attack rate was 66% and the average encryption rate was 65%.

Cybercrime in Malaysia

79% of Malaysian organizations were attacked by ransomware in 2021, with 64% of attacks resulting in data encryption.

Cyber ​​criminals are also increasingly targeting Internet users in Malaysia. In 2021, more than 20,000 cybercrimes were reported, resulting in RM560 million (US$123 million) in losses for victims. Between 2017 and 2021, the total amount lost to cybercrime in Malaysia was estimated at RM2.23 billion (US$490 million). From January to July 2022, 11,367 cases of cybercrime were reported, and the crime rate increased by 61% between 2016 and 2022.

Cybercrime in Nepal

Despite its small population, cybercrime remains a problem in Nepal. For the 2020-2021 financial year, 3,906 cases of cybercrime were registered. In the first 3 months of the current fiscal year (2021-2022) alone, 1,547 cybercrime cases were reported.

Nepal is currently ranked 101 out of 160 countries in the National Cyber ​​Security Index and 94 in the Global Cyber ​​Security Index. Nepal is also ranked 140th in the ICT Development Index.

Cybercrime in North America

Cybercrime in Canada

Canada has seen a significant increase in cybercrime in recent years. Between 2017 and 2021, reported cybercrime increased by 153%, from 27,829 cases in 2017 to 70,288 cases in 2021.

Along with this increase in cybercrime, there is growing concern among Canadians about the use of personal information online. A 2020 study found that 48% of Internet users in Canada were "extremely concerned" about their information being used for identity theft.

Canadian organizations are also significantly affected by cybercrime. In 2017, $1.5 billion was lost to cybercrime. In 2021, 85.7% of Canadian businesses experienced at least one cyberattack. For comparison, 89.7% of organizations in the US were attacked at least once in 2021; in the United Kingdom this percentage drops to 71.1%.

(Video) What was HACKED in February 2023 | RECAP

Phishing and online scams continue to plague Canada. In the first 6 months of the pandemic, 34% of Canadians received at least 1 phishing email. Additionally, Canadians lost $100 million to online scams in 2021.

The most common form of online fraud was romance, which cost victims $42.2 million. Investment fraud was also common.

Cybercrime in the US

An estimated 53.35 million US citizens were affected by cybercrime in the first half of 2022. Between July 2020 and June 2021, the US was the country most affected by cyberattacks, accounting for the 46% of attacks globally.

US citizens lost $6.9 billion to cybercrime in 2021, including romance scams ($956 million), investment fraud ($1.4 billion), and business email compromise ($2.39 billion).

For businesses, ransomware poses a serious security threat, with 60% of US businesses encrypting their data during successful ransomware attacks. The average cost to remediate these attacks was $1.08 million in 2021, 49% less than in 2020 ($2.09 million).

Only 50% of US businesses have full coverage cyber insurance. Another 28% have cyber insurance with exclusions or exceptions in the policy, meaning they may not be covered for certain attacks or circumstances. Most worryingly, approximately 1 in 10 US businesses (12%) lack protection against cyberattacks and risk financial ruin if attacked.

Cybercrime in Oceania

Cybercrime in Australia

Cybercrime continues to be a problem in Australia. Fraud is a major concern, with investment fraud costing Australians more than $48 million in 2022 so far. In total, more than $72 million was lost to fraud in 2022. Additionally, one in four Australians has been a victim of identity fraud.

On average, Australians are among the richest people in the world. A study of median wealth per adult put Australians at the top of the rich list with median wealth of $273,900, ahead of Belgium ($267,890) and New Zealand ($231,260). This may partly explain why cybercriminals target Australian individuals and organisations.

In September 2022, around 2.1 million customers were affected by a major data breach at the telecommunications company Optus. 9.8 million individual records were stolen, including addresses, names, dates of birth, and in some cases passport numbers. However, no bank details were compromised in the attack.

On average, there is a cyber attack every 10 minutes in Australia, and 43% of these attacks target SMEs. Education, health and government are the most affected areas.

From July 2021 to June 2022, cyber attacks in Australia increased by 81%. Network traffic increased by just 38% over the same period, underscoring the continued prevalence of cybercrime in the country. Attacks on financial sites increased by more than 200% in 2022.

Cybercrime in Africa

Cybercrime in Nigeria

In 2020, Nigeria was ranked 16th among the countries most affected by cybercrime in the world. A recent development in the Nigerian cyber threat landscape is that hackers trick employees of Nigerian organizations into posing as insider threats. The investigation has revealed that hackers have begun offering money to employees to reveal sensitive information on an organization's network. Although the report does not say whether any employees acted as insider threats, it is clear that this is a growing problem.

In Q3 2022, Nigeria experienced a 1,616% increase in data breaches, from 35,472 in Q2 to 608,765 in Q3.

However, the Nigerian government continues to fight cybercrime. Since the beginning of 2022, the Nigerian Economic and Financial Crime Commission (EFCC) has convicted 2,847 people in connection with cybercrime.

Cybercrime in Zambia

Zambia is ranked 58 out of 161 countries in the National Cyber ​​Security Index and 73 out of 194 countries in the Global Cyber ​​Security Index.

As a developing country, access to technology is somewhat limited: only 50% of Zambians own a PC. However, around 75% own a smartphone, making SMS fraud a particular problem. In 2021 alone, 10.7 million cybercrimes were reported to the Zambia Computer Incident Response Team (ZM-CIRT), including reverse mobile money scams and social media hijacking.

Zambia's GDP per capita is $4,000. Between 2020 and the second quarter of 2022, Zambia's financial sector suffered losses of more than ZMK 150 million (USD 872,000). During the same period, the SMS scam cost Zambians more than ZMK 1 million (US$58,000).

Cybercrime in Europe

Cybercrime in Russia

Russia experiences high levels of cybercrime. In the first quarter of 2022 alone, there were 42.92 million data breaches. While this dropped to 28.78 million violations in the second quarter of 2022, it is clear that cybercrime is a serious threat in Russia. There are an average of more than 249,000 cases of digital fraud each year. In a single day, more than 8 billion phishing emails were sent from Russian addresses.

In the third quarter of 2022, the accounts of 22.3 million Russian internet users were hacked, the highest number of any country. The 5 countries with the highest number of hacked accounts in Q3 2022 were Russia, France (13.8 million), Indonesia (13.2 million), the US (8.4 million) and Spain (3, 9 million). These countries accounted for more than half of all security breaches worldwide in the third quarter of 2022. As of November 2022, out of 1,000 internet users, 153 accounts were breached.

Cybercrime in Germany

A 2022 study found that 72.6% of German companies had suffered at least one successful cyberattack in the previous 12 months. By comparison, Colombian organizations suffered the worst, with 93.9% compromised by at least one successful attack. 74.3% of German companies stated that more cyberattacks are more likely to occur in the next 12 months.

However, German hackers are contributing to the global phishing threat. In 2022, 5.19% of spam came from Germany. The top 5 countries of origin for spam were Russia (29.82%), mainland China (14%), the US (10.71%), Germany (5.19%), and the Netherlands (3.70%). %).

Cybercrime cost UK businesses an average of £4,200 in 2021

For medium and large companies only, that increases to £19,400

Latest Cybercrime Statistics (Updated March 2023) | AAG IT Support (3)

Notable cyber breaches

What happened in the 2021 JBS ransomware attack:

JBS is the world's largest meat processing company. On May 30, 2021, cybercriminals using ransomware infiltrated the JBS network and disrupted facilities in the US, Canada, and Australia. All JBS-owned beef processing plants in the US have been temporarily out of service.

(Video) Cybersecurity Update March 15th 2023: Threats on the Rise, Patch Tuesday and More!

Impacts included the US Department of Agriculture being temporarily unable to offer wholesale prices for beef and pork, and revealing vulnerabilities in the meat processing supply chain.

On June 9, JBS paid cybercriminals $11 million in ransom to prevent further disruption and possible confidential data leaks. JBS said it spends more than $200 million a year on IT and employs more than 850 IT professionals around the world.

What happened in the 2021 Robinhood hack:

Robinhood is a US stock trading app. On November 3, 2021, cybercriminals stole and held 7 million users' data for ransom.

Hackers accessed this data through social engineering, divulging employee credentials to gain network access without brute force. This resulted in the email addresses of 5 million users being compromised and another 2 million having their full names exposed. Other personal information of 310 victims was stolen, including dates of birth and US zip codes.

The hackers demanded a ransom to prevent this data from leaking. Robinhood refused and hired a cyber security company to investigate the breach.

What happened in the Uber 2022 hack:

On September 16, 2022, Uber's AWS cloud account and Slack corporate account were hacked. The hacker likely purchased an Uber company password used by a contractor whose credentials were exposed after his personal device was infected with malware.

The hacker used these credentials to repeatedly log into the contractor's Uber account, prompting the MFA approval requests. Repeated MFA requests caused "MFA fatigue" where the contractor got tired of receiving notifications. When the contractor finally accepted a request, the hacker gained access to the account and escalated the attack.

Uber responded by identifying potentially compromised accounts, either by blocking them or by resetting their passwords. They also restored access to internal tools and locked down the code base to prevent further code changes. No public apps were accessed, meaning sensitive data such as customer credit card details and bank account information remained secure.

What Happened in the 2022 National Health Service (NHS) Cyber ​​Security Breach:

On August 4, Advanced, a major provider of NHS digital services such as patient records and NHS 111, suffered a ransomware attack by an unknown group of hackers.

The attack took several services offline, including software used by healthcare professionals for patient records, patient records and NHS 111. GP practices suffered as access to important patient information was blocked and they could not be sent electronic notifications between hospitals and GPs.

In-person visits had to be registered manually, increasing waiting times and adding workload to an already stretched NHS workforce.

As of August 22, NHS 111 services began to return to normal. Advanced has worked on its vulnerabilities and is restoring the affected services in a new, secure environment.

Nvidia Cyberangriff 2022

On February 23, Nvidia, a major microchip maker, suffered a data breach in which the source code fell into the hands of cybercriminals.

The Lapsu$ hacking group claimed responsibility for the attack, claiming they stole around 1TB of data. This included employee information such as account passwords and graphics card driver source code.

No ransomware was detected in the security breaches, instead the criminal group urged Nvidia to open up its drivers.

Nvidia responded by changing the passwords of all employees, ensuring that any information leaked would be useless. Lapsu$ also claimed that Nvidia launched a ransomware attack against them and encrypted the stolen data to prevent it from leaking.

WannaCry-Cyberangriff 2017

One of the most widespread cyber breaches in history, WannaCry was a global ransomware attack that affected more than 200,000 computers in more than 150 countries.

WannaCry exploited a vulnerability in unpatched versions of the Windows operating system. This vulnerability was known as "EternalBlue" and was allegedly developed in the US by the National Security Agency. A group of hackers called The Shadow Brokers discovered the problem before the attack happened.

Microsoft has released a patch that removes EternalBlue. However, companies and individuals around the world ignored the update, unaware of the danger to their computers.

As such, WannaCry was a devastating attack. The ransomware infected hundreds of thousands of computer systems around the world. The attackers encrypted the data on the affected machines and asked the victims to pay the attackers $300 in bitcoins to prevent their data from being wiped.

WannaCry is estimated to have caused over $4 billion in damage worldwide. In the UK, the NHS had to cancel 19,000 appointments, costing the health service around £92m.

Ransomware attack in Costa Rica 2022

A national emergency was declared in Costa Rica in 2022 amid a series of ransomware attacks against critical institutions.

The first attacks occurred from mid-April to early May, targeting 27 government agencies. The digital tax service and the computer system for customs control were paralyzed. Approximately 800 servers and several terabytes of data at the Ministry of Finance were also affected by the attacks.

The encryption of key data and systems meant that trade was affected, with losses for importing and exporting businesses estimated at $38 million to $125 million per day. A manual way to import was implemented after 10 days, but the increased paperwork still caused delays.

The second attack began on May 31, 2022. The main target this time was the Costa Rican Social Security Fund, which manages the country's healthcare system. An estimated 10,400 computers and more than half of the servers were affected, with key healthcare systems taken offline and doctors forced to cancel appointments. In the first week after the attack, around 34,677 appointments had to be rescheduled, 7% of all appointments that week nationwide.

A ransomware group known as "Conti" claimed responsibility for the first series of attacks and demanded a $10 million ransom to prevent the stolen information from leaking. The second series of attacks was claimed by the HIVE ransomware group, which has some ties to Conti.

Attack on the Marquard & Bahls supply chain in 2022

On January 29, 2022, two subsidiaries of the German fuel retailer Marquard & Bahls came under cyberattacks, forcing companies like Shell to divert supplies.

Oiltanking and Mabanaft were attacked by hackers, affecting their IT systems and supply chains. The consequences of these attacks were felt throughout Germany.

Aral, which operates the largest gas station network in Germany with some 2,300 gas stations, had to turn to alternative sources after the attacks.

The companies produce 1.6 million liters of heating oil and 2.1 million liters of fuel a year, and the disruption of these attacks has affected 233 filling stations in northern Germany. A spokesman for the Federal Office for Information Security said the situation was "serious, but not serious." Both affected companies said in a joint statement that they are working to resolve the issue as soon as possible.

Latest Cybercrime Statistics (Updated March 2023) | AAG IT Support (4)

(Video) HEAL Security Healthcare Cybersecurity Roundup: 29 March 2023

What is cybercrime?

According to the Crown Prosecution Service, cybercrime falls into 2 categories:

Cyber ​​crimes:Crimes that can only be committed through the use of technology, "where the devices are both the tool to commit the crime and the objective of the crime." Examples include malware that targets victims for financial gain and hacking to erase or corrupt data.

Cybercrime:“Traditional” crime that has a greater reach through the use of technology. Some examples are cyber fraud and data theft.

How much does cybercrime cost the economy?

Cybercrime cost the global economy around $787,671 per hour in 2021. For the year, this adds up to a total of $6,899,997,960 lost to cybercriminals worldwide.

How much does cybercrime cost in the UK?

UK businesses are estimated to have lost around £736m due to cybercrime in 2021. Including consumers, cybercriminals could have lost up to £2.5bn in 2021.

Why is cybercrime increasing?

Cybercrime against businesses in the UK had fallen before Covid (from 46% of UK businesses reporting a cyberattack in 2017 to 32% in 2019). However, changes to the workplace brought about by lockdowns during the pandemic led to a renewed rise in cybercrime, with 46% of UK businesses reporting having suffered a cyberattack in 2020.

Cybercrime against UK businesses has slowly declined since then: in 2021 and 2022, 39% of UK businesses reported having suffered a cyber attack.

The number of victims of cybercrime in the UK increased by 40% between 2020 and 2021, likely due to the use of personal electronic devices for work and the general increase in internet use during lockdown.

Who does cybercrime affect?

Cybercrime affects everyone.

Those under the age of 20 are typically the least affected, but college students who switched to studying online during the 2020 pandemic contributed to a nearly 100 percent increase in victims under the age of 20 (from around 10,000 to more than 20,000).

The numbers are down 36% in 2021, but are still 56% above pre-COVID-19 levels.

Retirees (60+) are the group most vulnerable to online crime. In 2020, the number of victims over the age of 60 increased by 55% and this trend has continued to reach more than 92,000 victims in 2021.

How common is cybercrime?

With an average of 97 cybercrime victims per hour, that means there is a cybercrime victim every 37 seconds.

Also, data from 2 internet users was leaked every second in 2022. This is an improvement over 2021, when data from 6 users was leaked every second.

Which country has the most cybercrime?

The latest cybercrime statistics show that hackers attack certain countries before others: in 2021, 71% of countries were below the global average breach density (16.5 emails leaked per 100 Internet users). Internet).

The United Kingdom has the highest density of cybercrime victims per million Internet users: 4,783. The United States follows with 1,494.

Russia currently has more than 3.5 million injured users, the highest number in the world in 2022. Next is the US with nearly 2.5 million injured users.

What is Hacking in Cybercrime?

"Hacking" is the act of gaining unauthorized access to a computer or data.

How common is hacking?

There is no single source of data on how many people are being hacked. However, it is estimated that there is a victim of cybercrime every 37 seconds. In 2021, the emails of 1 in 5 internet users were leaked, potentially leading to hackers accessing their accounts or targeting email in phishing attacks.

What are wiretaps in cybercrime?

"Listen" allows hackers to view, intercept, modify, or delete data sent between two devices. Eavesdropping can be passive, where the hacker "listens" to the transmitted data but does not otherwise intervene.

Active eavesdropping occurs when hackers intercept data packets on a network by posing as a real connection. Man-in-the-middle attacks are the most common form of active espionage. Hackers gain access to networks through social engineering or malicious software and can then steal, redirect, or delete data sent between devices on that network.

What is cyber fraud?

Online fraud occurs when criminals use technology to gain an advantage, usually financial, over an individual or organization. Fraud cost the UK £137bn in 2021, with losses exceeding Jeff Bezos' net worth.

What are the most common types of cybercrime?

The most common forms of cybercrime include phishing, ransomware, and personal data breaches.

With around 3.4 billion spam emails sent daily, phishing remains the most common form of cyberattack. Phishing is typically a "gateway attack" in which cybercriminals collect sensitive information (such as login credentials or credit card numbers) that they can then use to launch further attacks.

For example, phishing is the most common entry point for ransomware attacks. Hackers spam their targets until the victim follows the link. This link could contain ransomware or lead to a fake website where the victim unknowingly enters their credentials. Hackers can then use this information to gain internal access to a network, escalate their attack, and deliver ransomware.


Deep Instinct, Surfshark, IBM, World Economic Forum, ConnectWise, Statista, Gartner, Bulletproof, Kaspersky, Atlassian, BitSight, Verizon, NCSI, Regierung des Vereinigten Königreichs, Pakistan Federal Investigation Agency, CERT-IN, Statistics Canada, Cyber ​​​​Edge , Savvy, Optus, Credit Suisse, Imperva, Deloitte, EFCC, Bloomberg UK, JBS, BBC, Uber, Nvidia, Bloomberg, ZDNet, CPS, NCSC, National Fraud Intelligence Bureau, Action Fraud, Crowe , Microsoft, Sophos, Business Today, Commercial Crime Investigation Department (Malaysia), India Cyber ​​Crime Coordination Center, Nepal Police Cyber ​​Bureau, Meta, OSAC, ZM-CIRT, GCI, Reuters, IC3, Canadian Anti-Fraud Centre, Valimail

(Video) Cyber Security Challenge Germany (2023)

Charles GriffithsDirector of Technology and Innovation


1. Webinar: Top 3 Opportunities for MSPs in 2023 and Beyond - 16 March 2023
(WatchGuard Technologies)
2. Salary Range for Cyber Security Professionals as of march 2023
3. The FBI's New Cyber Super-Weapon Is The Dark Web's Worst Nightmare | Andy Greenberg
4. Evolution Equity TV, March 2023: Snyk, The Developer Security Company
(Cybercrime Magazine)
5. Top Cybersecurity Threats of 2023
(LMG Security)
6. HEAL Security Healthcare Cybersecurity Roundup: 22 March 2023
(HEAL Security)


Top Articles
Latest Posts
Article information

Author: Ms. Lucile Johns

Last Updated: 06/10/2023

Views: 5807

Rating: 4 / 5 (41 voted)

Reviews: 80% of readers found this page helpful

Author information

Name: Ms. Lucile Johns

Birthday: 1999-11-16

Address: Suite 237 56046 Walsh Coves, West Enid, VT 46557

Phone: +59115435987187

Job: Education Supervisor

Hobby: Genealogy, Stone skipping, Skydiving, Nordic skating, Couponing, Coloring, Gardening

Introduction: My name is Ms. Lucile Johns, I am a successful, friendly, friendly, homely, adventurous, handsome, delightful person who loves writing and wants to share my knowledge and understanding with you.