In The Trenches LogoThe Devolutions Blog Logo
The Front Line Against
IT Chaos & Cyber Threats

20 Shocking Statistics About Cybercrime


Just how massive and destructive has cybercrime become? Here are 20 statistics that paint a shocking picture — like InfoSec World’s version of Edvard Munch’s The Scream.

  1. The cybercrime economy has grown to $1.5 trillion a year. [Source]
  2. Security breaches in 2018 climbed 11% from 2017, and they have increased 67% since 2013. [Source]
  3. The volume of malicious PowerShell scripts increased by 1,000% in 2018. [Source]
  4. Unpatched and outdated software is responsible for 22% of security incidents. [Source]
  5. Third-party app stores host 99.9% of all discovered mobile malware. [Source]
  6. Small and Mid-Size Businesses (SMBs) are targeted in 43% of cyberattacks. [Source]
  7. Email is responsible for distributing 92% of all malware. [Source]
  8. The overall damage caused by cybercrime will reach $6 trillion a year by 2021, up from $3 trillion a year in 2015. [Source]
  9. The average cost of a data breach is $7.91 million for companies in the U.S., and $3.86 million for companies worldwide. [Source]
  10. It takes an average of 196 days to discover a data breach. [Source]
  11. It takes an average of 49.6 days between discovering a data breach and reporting it. [Source]
  12. Every 14 seconds there is a new ransomware attack, which will cost victims $20 billion by 2021. [Source]
  13. Hackers can purchase cybercrime toolkits on the dark web for as little as $1. [Source]
  14. The #1 country that cybercriminals target is the U.S. [Source]
  15. By 2023, cybercriminals will steal an estimated 33 billion records. [Source]
  16. 88% of companies with more than 1 million folders lack appropriate access limitations, and 58% of companies have more than 100,000 folders accessible to all employees. [Source]
  17. 95% of HTTPS servers are vulnerable to Man-in-the-Middle (MitM) attacks. [Source]
  18. Phishing attacks posing as SaaS platforms increased 237% in 2017. [Source]
  19. 46% of websites have high security vulnerabilities, and 87% of websites have medium security vulnerabilities. [Source]
  20. 70% of employees don’t understand basic cybersecurity. [Source]

Things Are Getting Worse

OK, you can come out from under your desk now — we’ve stopped with the scream-inducing cybercrime statistics (for now). Regardless of how you crunch the numbers and analyze the trends, this much is abundantly clear: the cyberthreat landscape is getting riskier and costlier by the day. And not just for large corporations, either. Since they are easier to target and have valuable data to steal, small businesses are now ground zero for cyberattacks — and 60% of small businesses fold within six months of a cyberattack.

Minimizing Cyberattacks

With this in mind, is it possible to 100% prevent a cyberattack? Unfortunately, the answer is no. If cybercriminals are motivated, skilled and well-funded, it is only a matter of time before they break down (or break through) endpoint and network defense tools and systems.

However, companies can — and frankly, they must — make it as difficult as possible for cybercriminals to raid their digital fortresses. It is similar to safeguarding a home. Seasoned burglars can break into virtually any home they want to, but they are much more inclined to target homes with weak security than those with state-of-the-art surveillance and alarm systems. Cybercriminals are just as pragmatic. They aren’t looking to win any creativity awards. They’re looking to steal data and make money — and the easier, the better.

Best Practices for Preventing Data Hacks

Our Product Marketing Specialist, Jenny, recently published a list of best practices for preventing data hacks that you can find here. Its timely information and advice can help your organization stay at least a step or two ahead of the bad guys — and lower your chances of becoming a terrifying cybercrime statistic.

Joey Dupont

Greetings! My name is Joey Dupont, and I’m the Digital Marketing Specialist here at Devolutions. I have been here for several years, and am proud to be one of the most senior employees at this great company. I oversee many aspects of our digital marketing program, including email marketing, email automation, partnership relations, search engine marketing, and search engine optimization. I am also constantly learning new things about IT and online security. Academically, I have a bachelor’s degree in marketing. When I’m not working, I enjoy spending time with friends, playing video games, and playing music. I’m always happy to help, and you can contact me directly at

Devolutions is a leading provider of remote connection, password and credential management tools for sysadmins and IT pros.

DEVOLUTIONS.NET | 1000 Notre-Dame, Lavaltrie, QC J5T 1M1, Canada |
All rights reserved © 2022 Devolutions