How Many Cyber Attacks Occur Each Day? (2024)
The risk of cyberattacks has increased substantially in recent years.
But just how prevalent are cyberattacks in 2024?
In this report we'll cover the latest data on cybersecurity threats, the average cost of a data breach, and the ways cybercriminals look to steal organizations’ sensitive data.
Contents
- Top Cyberattack Statistics
- How Many Cyberattacks Happen per Day?
- How Many Businesses Get Hacked Each Year?
- Phishing Attack Statistics
- Malware Statistics
- Ransomware Statistics
- Cryptojacking Statistics
- IoT, DDoS, and Other Attacks
- Most Common Causes of Data Breaches in Cybersecurity
- Cost of Cybersecurity
- Cybersecurity Growth Rate
- Data Breach Statistics
- Cybersecurity Risks
- Largest Data Breaches and Hacking Statistics
- Cybersecurity Job Statistics
Top Cyberattack Statistics – Editor's Choice
- Someone falls victim to a cyberattack roughly once every 11 seconds.
- Almost 6 in 10 businesses have suffered a ransomware attack this year.
- North America has seen a 15% increase in ransomware attacks this year.
- The average cost of a successful attack on an Internet of Things (IoT) device is more than $330,000.
- Data breaches from phishing attacks cost companies an average of $4.88 million.
- The largest recorded data breach compromised more than 3 billion user accounts.
How Many Cyberattacks Happen per Day?
Cyberattacks have become increasingly common in recent years.
The exact numbers vary massively depending on how you choose to define an attack. For instance, one report claims there are 5.5 billion malware attacks per year, and 6.3 trillion intrusion attempts.
But the Identity Theft Resource Center (ITRC) Annual Data Breach Report recorded 2,365 cyberattacks leading to data compromises in 2023. This marks an increase from 1,584 the previous year, and 754 in 2018.
That’s approximately 6.5 attacks per day. However, the number of victims is substantially higher: over 343 million per year. That’s more than 940,000 per day, or nearly 11 per second.
Source: ITRC Annual Data Breach Report, Sonic Wall
How Many Businesses Get Hacked Each Year?
According to a Sophos study, 59% of businesses have been hit by ransomware this year. That’s a drop from a high of 66% in each of the previous two years.
In the UK, half of all businesses and 32% of charities report being targeted by some form of cyberattack within the past 12 months.
Source: Sophos, UK Government
Phishing Attack Statistics
Phishing and pretexting are the most commonly used kinds of cyberattack.
(Pretexting is effectively a kind of phishing where attackers seek to build up a prior relationship of trust before trying to exploit it.)
50% of all phishing and pretexting attacks target user credentials. This is especially troubling as almost 8 in 10 web users reuse passwords for multiple accounts.
Meanwhile, 95% of attacks have an ultimately financial motive. The remainder are motivated by espionage.
When phishing or pretexting leads to a transaction, the median amount is approximately $50,000. In almost one in five cases, none of that money is recovered.
As of Q1 2024, cybercriminals create nearly 1 million phishing sites per month – that's almost 7x as many as in Q2 2020.
Sources: Verizon 2024 Data Breach Investigations Report, Forbes, APWG
Malware Statistics
In 2023, there were over 6 billion malware attacks worldwide. That figure has remained fairly steady, ranging from 5.4 billion to 6.06 billion between 2020 and 2023.
The single worst year for malware attacks over the last decade was 2018 (10.5 billion attacks).
Here's a breakdown of the number of malware attacks worldwide since 2015:
| Year | Number of Malware Attacks |
| 2015 | 8.2 billion |
| 2016 | 7.9 billion |
| 2017 | 8.6 billion |
| 2018 | 10.5 billion |
| 2019 | 9.9 billion |
| 2020 | 5.6 billion |
| 2021 | 5.4 billion |
| 2022 | 5.5 billion |
| 2023 | 6.06 billion |
From March to May of 2024, instances of malware increased by 30%. Encrypted threats increased by 92%, indicating that malware attacks are growing more sophisticated.
Ransomware Statistics
Ransomware has become one of the most pervasive and fast-growing threats to individuals and organizations worldwide.
By the highest estimates, attacks occurred every 39 seconds throughout 2023. Cybersecurity professionals estimate that more than 300 million ransomware attacks were attempted throughout the year.
Here's a look at the number of ransomware attacks per year since 2017:
| Year | Number of Ransomware Attacks |
| 2017 | 186.3 million |
| 2018 | 206.4 million |
| 2019 | 187.91 million |
| 2020 | 304.64 million |
| 2021 | 623.25 million |
| 2022 | 493.33 million |
| 2023 | 317.59 million |
North America currently receives the largest proportion of industrial ransomware attacks (43%).
Here's a breakdown of industrial ransomware attacks by region:
| Region | Distribution of Ransomware Attacks |
| North America | 43% |
| Europe | 32% |
| Asia | 14.4% |
| South America | 4.4% |
| Middle East | 2.5% |
| Africa | 1.5% |
| Australia | 1.5% |
North America is also one of the regions that saw an increase in ransomware in the first half of 2024. Attacks are up 15% compared to 2023, although in Europe they are down by 49%.
Sources: SonicWall, WatchGuard, Dragos, SonicWall (2)
Cryptojacking Statistics
Cryptojacking is a form of cybercrime in which hackers use an individual or organization's computer system to mine cryptocurrencies like Bitcoin. While relatively new, the latest data indicates an uptick in unauthorized mining activities.
Criminals may initiate a cryptojacking attack in several ways, such as installing malicious software through an email attachment or infecting a webpage with JavaScript that launches the mining process when opened in a browser.
Cryptojacking volume in Q1 2023 reached 332.3 million. And across the year attacks rose by 659%.
Sources: SonicWall
IoT, DDoS, and Other Attacks
Internet of Things (IoT) attacks target connected devices to find vulnerabilities within networks.
In 2023, there was a reported 400% rise in IoT malware.
And the average cost of a successful IoT device attack is more than $330,000.
IoT devices can also be turned into “zombies” for carrying out distributed denial of service (DDOS) attacks, flooding a target server with traffic in order to crash it.
In Europe, there is an average of almost 70 IoT attacks per organization per week. The figure in North America is close to 40.
IoT attacks per organization per week across different regions.
Sources: TechRadar, PSA Certified, World Economic Forum
Most Common Causes of Data Breaches in Cybersecurity
Of the 2,365 cyberattacks recorded in 2023 by the Annual Data Breach Report, 438 were phishing or related “social engineering” attacks. This made it the most common form of attack.
Ransomware accounted for 246 of the cyberattacks, or a little over 10%. It was the second most common kind of attack in three out of four quarters last year.
Malware was the next most common cyberattack leading to a data breach. There were 118 recorded malware attacks last year.
“Zero-day attacks” and “credential stuffing” made up the majority of remaining classified cyberattacks.
A further 729 breaches were caused by system or human error without any malicious intent, while 53 came from physical attacks. But cyberattacks accounted for the vast majority of data breach victims.
Source: ITRC Annual Data Breach Report
Cost of Cybersecurity
Cyberattackers have begun launching more advanced – and expensive – attacks in recent years.
Data breaches caused by malicious insiders come at the highest average cost to organizations, calculated at $4.99 million.
That’s closely followed by phishing and other business email compromise (BEC). Data breaches that come about in this manner cost an average of $4.88 million.
Data breaches from stolen or compromised credentials cost businesses an average of $4.81 million.
As of 2024, the average cybersecurity spending per employee is an estimated $52.16.
Cybersecurity Growth Rate
A US Bureau of Labor forecast indicates that information security analyst roles will increase by 33% between 2023 and 2033. That’s much faster than average.
This will result in more than 17,000 openings each year.
The cybersecurity market is worth $185.7 billion. That’s projected to reach $271.9 billion by 2029 at a CAGR of nearly 8%.
Sources: US Bureau of Labor Statistics, Statista
Data Breach Statistics
There was a 20% increase in data breaches in 2023. The number of victims doubled.
In the entirety of 2023, there were 3,205 breaches impacting over 350 million people.
The healthcare industry was the most affected, with more than 800 companies suffering breaches. Financial services were also impacted badly, experiencing more than twice as many breaches as the next-most affected sector.
Sources: Harvard Business Review, ITRC Annual Data Breach Report
Cybersecurity Risks
15.7 million encrypted attacks were recorded last year. There was a 30% increase in North America, but triple-digit percentage jumps were recorded in Europe, Asia and Latin America.
Legacy firewalls are often unable to detect these threats.
In total, 74% of CEOs are concerned about their organization’s ability to avert or minimize damage from cyberattacks.
Businesses of all sizes can be targeted by cyberattacks. However, given the typically financial motivations, large organizations are the most common targets.
47% of businesses with annual revenue of less than $10 million have been targeted by ransomware, compared to 59% of businesses with annual revenue between $250 million and $500 million. Among businesses making $5 billion or more, 67% have been targeted.
In the UK, across all kinds of cyberattack, 58% of small businesses have been targeted in the last 12 months. In the same time frame, 74% of large businesses have identified breaches or attacks.
Sources: SonicWall, Accenture, Sophos, UK Government
Largest Data Breaches and Hacking Statistics
2024 has seen a number of significant (and well-publicized) cyberattacks. Some of the biggest attacks have occurred in the telecom and healthcare industries.
Change Healthcare Hack
In February, the cybercrime group known as BlackCat/AlphV staged a ransomware attack against Change Healthcare (part of United Healthcare, a large organization with annual revenues of $370 billion).
Handling 15 billion healthcare transactions annually, Change Healthcare counts the US military among its service users. The hack caused difficulties in filling prescriptions and collecting payments from insurers.
Change Healthcare filed an 8-K report to the SEC, attributing the attack to a “nation-state associated cyber security threat actor.” It ultimately paid a $22 million ransom.
AT&T Breach
In March, telecoms giant AT&T confirmed that customer data had been released on the dark web. Personal records including social security numbers were compromised.
The actual breach appeared to be from 2019 or earlier. Around 7.6 million current customers and more than 65 million former customers were impacted.
Ascension Attack
In another instance of a healthcare provider being targeted, Ascension suffered an attack in May after an employee inadvertently downloaded malware. It forced the organization to divert emergency care from some of its hospitals.
Ascension confirmed that there is evidence of data being stolen.
Historic Data Breaches
According to ArcticWolf, the “modern history of cybercrime” began in 1962, when Allen Scherr stole passwords from an MIT database via punch card.
Since then, cybercriminals have moved with the times, ramping up their efforts and impacting major corporations, government organizations and social media platforms.
For example, the Wannacry virus affected thousands of groups worldwide, resulting in $4 billion or more in costs. The biggest data breach in history occurred at Yahoo in 2013, with in excess of 3 billion user accounts exposed.
Notable Breaches:
- A security breach that exposed the information of more than 339 million guests came to light at Marriott in 2018.
- A 2020 Twitter (now X) breach accessed accounts of former presidents and world figures like Elon Musk and BIll Gates, promoting a cryptocurrency scam that netted $120,000 in a matter of hours.
- In 2016, hackers stole the information of more than 57 million Uber drivers and customers.
- In 2015, the Pentagon was forced to take an email system used by the Joint Chiefs of Staff offline after a phishing attack that was traced to Russia compromised the details of thousands of military and civilian personnel.
Sources: Arctic Wolf, New York Times, The Hacker News, Uber, CBS
Cybersecurity Job Statistics
The cybersecurity space continues to grow. 75% of organizations within the industry expect to recruit more permanent staff this year.
Meanwhile, more than 7 in 10 businesses have vacant cybersecurity positions.
In the public sector, 52% of organizations cite resources or skills gaps as the “biggest challenge” when designing for cyber resilience.
In 2022, 94.7% of low-revenue organizations believed that they had the skills to respond to and recover from a cyberattack. That has dropped significantly to just 49.2%.
The median wage for an information security analyst is $120,360.
Sources: Barclay Simpson, World Economic Forum, US Bureau of Labor Statistics, Cybint, Cybercrime Magazine
Conclusion
There's no doubt about it: cyberattacks have become an increasing concern for major organizations, small businesses, and individuals.
With data showing that the cybersecurity industry will be worth more than $270 billion within the next five years, it pays to invest in training, tools, and professionals to protect sensitive information from cybercriminals.
For more related content, check out Huge Cybersecurity Trends, Top Cybersecurity Startups to Watch, and The Ultimate List of Cybersecurity Statistics.
