Cybersecurity is the protection of computers, mobile devices, networks and Internet of Things devices from the theft or damage, or disruption of, hardware, software, electronic data and services.
Cybersecurity is more important than ever due to the increased reliance of individuals and corporations on the internet. This has led to wide use of Bluetooth and WiFi wireless communications, leaving users more vulnerable to hackers.
The growth rate of devices like smart TVs, streaming boxes, game consoles, smartphones and tablets has also made cybersecurity an increasingly important factor in protecting online users.
In this article, I’ll offer a rundown of some important statistics related to the world of cybersecurity in 2020, and how those statistics affect users and the future of online communications.
1. Email Is the Most Popular Method of Malware Infection
Verizon’s 2019 Data Breach Investigations Report found that 94% of all detected malware infecting computers at median firms arrived via email. Employees and executives click links or open attachments found in emails, infecting their machine and then other networked machines with the malware.
These types of phishing attacks account for over 80% of reported internet security incidents.
During 2019, 71% of companies that experienced malware activity saw it spread from one employee to another. While 85% of companies surveyed believe the volume of email spoofing will increase, only 1 in 5 companies offer monthly training sessions to educate employees on the dangers of links and attachments in emails.
2. Cybersecurity Data Breaches Are Expensive
The costs of the damage done by malware infections and phishing attacks are mind-blowing. RiskIQ estimates that cybercriminals cost the global economy $1.5 trillion in 2018 alone. (Cybercrime damages are expected to hit $6 trillion annually by the year 2021.)
Every minute, around $2,900,000 is lost to cybercriminals, and companies pay $25 per minute on average to cybersecurity breaches. Damage costs from ransomware attacks are predicted to grow 57x or more from 2015 to 2021.
3. 70% of All Cryptocurrency Transactions Will Soon Be Related to Illegal Activity
Crypto-crime is a growing industry in the cybercrime category. Bitcoin is used for approximately $76 billion in illegal activity, says a study by the University of Sydney in Australia.
It is predicted that by 2021, more than 70% of all cryptocurrency transactions will be for illegal activity.
4. Spending on Cybersecurity Continues to Grow
Global spending on cybersecurity products and services are expected to amount to over $1 trillion (overall) for the five-year period covering from 2017 to 2021.
Spending on managed security solutions (otherwise known as getting cybersecurity help from an outside firm) hit $64.2 billion in 2019. That is more than double the amount businesses spent on network security equipment and infrastructure protection. It is expected that spending on cybersecurity solutions will grow at double digit numbers over the next four years.
5. Many Businesses Are Unprepared for Cyber Attacks
In 2019, Keeper Security surveyed 500 senior decision makers at SMBs to probe their mindsets about cybersecurity, digital threats and what common misconceptions they shared.
They found that 60% of all respondents said they did not have a cyber attack plan. Only 9% of respondents ranked cybersecurity as a top priority, and a staggering 66% of those responding believe a cyber attack is unlikely.
Companies that have been in business less than 5 years believe they are more vulnerable to a cyber attack, with 28% believing they are “very likely” to be attacked, while only 6% of companies in business for over 10 years felt they were likely to be attacked.
60% rank cybersecurity as a priority below recruitment, sales, marketing and contributing to the social good. 25% of those surveyed said they wouldn’t know where to begin putting a cybersecurity plan into place.
6. Businesses Are Getting Smarter About Passwords
Security awareness is growing by businesses. Nearly 69% of the Keeper Security SMB survey respondents associate passwords with being the first line of defense against a cyber attack. 75% of survey participants have policies in place to either require or encourage employees to update their passwords on a regular basis.
7. Businesses Don’t Seem to Be Getting Smarter About Applying Patches
Security Boulevard says 60% of information security breaches in 2019 involved unpatched vulnerabilities that had a patch available. Data breaches of that type include the 2017 Equifax data breach.
This is despite the fact that 3,000 security professionals in 9 nations report cyber attacks had increased 17% over the past year, and the severity of the attacks rose by 28%.
Businesses also reported a 34% increase in weekly costs for applying patches compared to 2018, along with 30% more downtime related to delays in patching data security holes. 69% of survey participants say they expect to hire an average of five more employees that will be dedicated to applying patches.
However, all of the blame can’t go on the lax patching practices of companies. The Common Vulnerabilities and Exploits (CVE) database contains over 11,000 vulnerabilities that can be exploited in commonly used systems and software. As of mid-2019, 34% of those vulnerabilities had no patches.
It should also be noted that 63% of companies that had data compromised in the last year said it was due to a hardware- or silicon-level security flaw. In other words, something a patch might not be available for.
8. Attacks on Internet of Things Devices Are on the Upswing
Cybersecurity solutions provider F-Secure estimates that attacks on Internet of Things (IoT) devices tripled in the first half of 2019. During that period, the largest part of attack traffic (760 million events) was carried out via the Telnet protocol, which IoT devices use.
F-Secure’s global network of honeypots were infected with malware dominated by numerous versions of Mirai, which infects IoT devices using default credentials, enrolling the devices into botnets used for Distributed Denial of Service (DDoS) attacks.
The IP addresses that attackers used were located mostly in China, the United States, Russia and Germany. The countries that were targets of the attacks were led by the U.S., Austria, Ukraine, U.K., the Netherlands and Italy.
9. 1 in 5 Internet Users Were Victims of Malware Infections
Malware varieties continue to flourish. Information security company Kaspersky reports that its web antivirus platform identified over 24,600,000 “unique malicious objects” during 2019. That is 14% more detections than it saw in 2018.
Kaspersky says nearly 1 in 5 internet users were the victim of some sort of malware attack. However, these attacks were not made randomly. Instead, Malwarebytes Labs says attackers are targeting victims with deeper pockets, as malware attacks on consumers dropped 2% in 2019, while malware attacks on businesses spiked 13%.
Malwarebytes Labs noted a 224% increase in infections by a category of malware known as “hack tools.” These are malicious programs that probe systems and computer networks for weaknesses, then download other malicious payloads to attack the discovered weaknesses.
10. Windows Continues to Be a Favorite Target of Hackers
Recently, security expert Wietze Beukema reported that more than 300 Windows 10 executables are vulnerable to DLL hijacking attacks.
DLL hijacking is a popular method of delivering and executing malicious payloads on the Windows platform. (DLLs are Dynamic Link Libraries, which Windows apps use to perform various functionality, such as a “Save” dialog.)
However, Mac users shouldn’t let their guard down, as a new wave of Mac malware was recently discovered spreading via poisoned YouTube video search results on Google. The user is diverted to malicious web pages that display a notice saying Flash Player requires an update.
As we’ve seen above, the world of cybersecurity continues to be a challenging one. While companies work to protect their computer networks from attackers, the bad guys continue to develop new approaches to deliver their dirty payloads.
We all need to stay alert, keep our devices and computer systems updated, and play it smart while we’re online.
Stay safe, my friends.
How Do Cyber Attacks Affect Individuals?
The impact of cyber attacks on individuals can vary, depending on the target of the cyber attack and the exposure of data involved.
These include economic (bank and credit card data breaches), psychological (depression, shame and embarrassment) in breaches like happened with online dating website Ashley Madison, or even physical if a data breach leads to a loss of life or damage to infrastructure.
How Much Would an SMB Be Willing to Spend on a Cybersecurity Solution?
The 2019 SMB IT Security Report by Untangle reveals that 29% of small businesses spend less than $1,000 annually on cybersecurity, and 26% of respondents have no idea what their cybersecurity budgets are. This adds up to 55% of SMBs that either don‘t spend enough, or are not tracking how much they spend.
Meanwhile, the same report by Untangle showed 48% of all surveyed SMBs said they budget less than $5K on IT security. That’s down 6% from the 54% reported last year. More than half of those surveyed (52%) do not have an in-house IT security professional on staff, instead spreading security responsibilities among multiple other staff members.
Where Are Cyber Attacks Coming From?
Close to 30% of all cyber attacks are launched from China, while over 17% originate from the United States. Russian bad actors are responsible for a little over 5% of all cyber attacks, while Turkey is responsible for 4.7% and Brazil nearly 9% of all cyber attacks.
Is Mobile Malware Rising?
Mobile malware attacks are booming. Researchers at Check Point examined known cyber attacks for the first half of 2019 and found that attacks targeting mobile devices were up 50% compared to 2018.
The report indicates that one key reason for the sharp increase in mobile device attacks is the increased use of mobile banking apps. This has led to an increase in malware designed to steal login credentials, payment data, and even funds from a victim’s bank accounts.
Are Cyber Criminals Using Artificial Intelligence?
Just as the good guys are making use of artificial intelligence to improve how they analyze, study, understand and battle cybercrime, the bad guys are finding ways to use it against cybersecurity pros and their defenses.
Bad actors are finding ways to use adversarial AI to trick AI-based security systems into misidentifying or misclassifying objects that may be looking to perform a cyberattack.
- 1. Email Is the Most Popular Method of Malware Infection
- 2. Cybersecurity Data Breaches Are Expensive
- 3. 70% of All Cryptocurrency Transactions Will Soon Be Related to Illegal Activity
- 4. Spending on Cybersecurity Continues to Grow
- 5. Many Businesses Are Unprepared for Cyber Attacks
- 6. Businesses Are Getting Smarter About Passwords
- 7. Businesses Don’t Seem to Be Getting Smarter About Applying Patches
- 8. Attacks on Internet of Things Devices Are on the Upswing
- 9. 1 in 5 Internet Users Were Victims of Malware Infections
- 10. Windows Continues to Be a Favorite Target of Hackers
- In Closing
- Cybersecurity FAQ
- How Do Cyber Attacks Affect Individuals?
- How Much Would an SMB Be Willing to Spend on a Cybersecurity Solution?
- Where Are Cyber Attacks Coming From?
- Is Mobile Malware Rising?
- Are Cyber Criminals Using Artificial Intelligence?