A Real 2021 Halloween Horror Story
Forget ghosts, zombies, maniacs on the loose, and other horror tropes, there’s a real-life horror story going on all around us in 2021 — it is called “the rise of cyber-attacks” and the threat is real.
So, what better time than Halloween to look at some recent cyber-security statistics, many of which are guaranteed to send chills down the spine.
The statistics used in this article have been collated from cyber-security reports and surveys coming from industry leaders and reputable news sources, including Symantec, IBM, Cisco, Gartner, Varonis, Accenture, Verizon, The Wall Street Journal, The Times & Bloomberg.
It’s news to no-one that the rate at which information systems, of all types and sizes, are being attacked by malicious actors has risen over the past few years — what may not be as readily apparent though is just how much it has risen.
Cyber Security commentors say that cyber-crime is 2021’s “other pandemic”, and that’s not an over-exaggeration.
Here are some general statistics that should spook you (I’m running with this Halloween theme — sorry, not sorry 🎃)
Oh, the horror…
· Email borne threats detected in 2020 rose by 68% over the previous year.
· 95% of cybersecurity breaches are caused by human error.
· 88% of organizations worldwide experienced spear phishing attempts in 2019.
· On average, only 5% of data is properly protected.
· Data breaches exposed 36 billion records in the first half of 2020.
· 86% of breaches were financially motivated and 10% were motivated by espionage.
· The average cost of a data breach was £2.8 million as of 2020.
· The average time to identify a breach in 2020 was 207 days.
· And the average lifecycle of a breach was 280 days from identification to containment.
· Personal data was involved in 58% of breaches in 2020.
· Security breaches have increased by 11% since 2018 and 67% since 2014.
· 64% of people polled have never checked to see if they were affected by a data breach.
· 56% of people polled didn’t know what steps to take in the event of a data breach.
Scary enough for you?
Want to see something really scary? Try this real-time view of Distributed Denial of Service (DDoS) attacks going on around the World right now! It’s mesmerising and terrifying!
Which brings us to some attack specific statistics that won’t improve your sense of wellbeing at all.
Ransomware and Malware
· 6 in 10 UK companies suffered a ransomware attack in the past 12 months.
· SME’s with 1–250 employees are the most targeted, with 1 in every 323 emails received being malicious.
· The average ransomware payment rose by 33% in 2020 over 2019, to £81k, while the average total cost of a ransomware attack rose to £96.5k.
· In 2018, an average of 10,573 malicious mobile apps were blocked per day.
· 94% of malware is delivered by email.
· 48% of malicious email attachments are office files, with the most common file extensions being .doc and .dot, the next highest is .exe at 19.5%.
· 60% of malicious domains are associated with spam campaigns and about 20% of those active at any given moment were created and registered less than a week ago!
· After declining in 2019, phishing increased in 2020 to account for 1 in every 4,200 emails.
· Phishing attacks were involved in 80% of all cyber-security incidents so far in 2021
· 65% of groups used spear-phishing as the primary infection vector.
· Phishing attacks account for more than 80% of reported security incidents.
· Around £12.8k is lost every minute due to a phishing attack.
IoT, DDoS, and Other Attacks
· By 2023, the total number of DDoS attacks worldwide is estimated to be 15.4 million.
· Attacks on IoT devices tripled in the first half of 2019.
· 30% of data breaches involve internal actors.
· There are about 5,200 attacks per month directed at IoT devices.
· 90% of remote code execution type attacks are associated with crypto mining.
· 1 in 36 mobile devices have high-risk apps installed.
Who will save us?
It is a scary situation, and we should all be wary, but the truth is that it is not so hard to protect yourself and your organisation from the cyber-security threats we’re facing.
Be aware of the different attack types and implement sensible precautions to mitigate for them — it really is no more occult than that.
We have a lot of cyber security advice and resources available — check my profile or visit the resources page of our website if you would like to see more — and if you would like to know more about IT managed services that can drastically reduce your cybersecurity risk, get in touch with us.
👻 Happy Halloween. 💀