25 Alarming Cyberattacks and Stats

08263 Cyberattacks and Stats_600x400To say life as we know it has changed this year would be quite the understatement. Daily life, once conducted in person, has now gone nearly completely virtual. And, it literally happened overnight. While the upstanding citizens of the world try to find ways to connect, collaborate and move forward, the bad actors have upped their game – and are expanding their base.

One of the major themes of CompTIA’s State of Cybersecurity 2020 report is that businesses are going through serious changes to their cybersecurity approach. The COVID-19 pandemic is a primary trigger for change. For example, 53% of companies say that the shift to a remote workforce has driven new tactics. It’s not just internal responses driving change, though. The attacks coming from the outside are taking advantage of the disruption.

Research conducted by Cybernews suggests an unprecedented amount of interest in hacking and cybercrime during this global pandemic. In fact, their review of Google search trends indicates that during the months of March, April and May 2020, online searches related to hacking, scamming and other forms of cybercrime skyrocketed. Additionally, visits to popular hacking websites and forums increased by 66% in March 2020 alone.

Is this sudden interest in malicious cyber behavior a product of desperate times, call for desperate measures? Or, are outdated and unsecure systems allowing cybercriminals to leverage fear and uncertainty to profit at your expense? Whatever the case, cyberattacks exploiting the pandemic are showing no sign of slowing down.

Here’s the 2020 story, so far.

Let’s start with some basic hacking statistics. First, how many cyberattacks per day happen worldwide?

  • 30,000 websites are hacked daily.
  • 64% of companies have experienced at least one form of a cyberattack.
  • Each second, 75 records go missing.
  • About 94% of all malware is spread through email.
  • An average of 24,000 malicious mobile apps are blocked daily on the internet.

(Source: TechJury)

Of course, as we continue to stay home and move further into a virtual era, our digital footprints are growing.

08263 Cyberattacks and Stats_1

There are approximately 300 billion passwords out there today – that’s an average of 38.4 passwords per person worldwide.

(Source: SC Magazine)

: An illustration of two people holding up the arrow of a chart with the caption, “By 2020, the estimated number of passwords used by humans and machines worldwide will grow to 300 billion.

The truth is large-scale cybersecurity breaches are growing in both intensity and frequency this year.

08263 Cyberattacks and Stats_2

65% of companies have more than 1,000 stale user accounts.

(Source: Varonis)

08263 Cyberattacks and Stats_3

As of early July 2020, there were 15 billion credentials available on cybercriminal marketplaces.

(Source: Digital Shadows)

08263 Cyberattacks and Stats_4

The number of data records exposed in the first quarter of 2020 climbed sharply to 8.4 billion – that’s a 273% increase compared to first quarter of 2019.

(Source: Iomart)

08263 Cyberattacks and Stats_5

At least 16 billion records, including credit card numbers, home addresses, phone numbers and other highly sensitive information have been exposed through data breaches since 2019.

(Source: SelfKey)

For example, ransomware operators are demanding more from their victims.

08263 Cyberattacks and Stats_6

The average ransom payment is $111,605, up 33% from the last quarter of 2019.

(Source: Coveware)

08263 Cyberattacks and Stats_Image 2

And, identity theft continues to be a substantial part of cyberattacks each and every year.

08263 Cyberattacks and Stats_8

Approximately 60 million Americans are victims of identity theft every year – costing them around $15 billion annually.

(Source: Norton Security)

08263 Cyberattacks and Stats_7

There will be a ransomware attack every 11 seconds by 2021. By that time, the global cost will be $20 billion yearly.

(Source: Cyber Security Ventures)

08263 Cyberattacks and Stats_9

By 2023, cybercriminals will steal 33 billion records.

(Source: Norton Security)

Of course, the advent of COVID-19 opened the door for many new (or evolved) types of cyberattacks.

08263 Cyberattacks and Stats_10

Mobile device infection vectors have expanded and bypassed security protections, placing malicious apps in official app stores. One threat actor used an international corporation’s Mobile Device Management system to distribute malware to more than 75% of its managed mobile devices.

(Source: Check Point)

08263 Cyberattacks and Stats_11

Increased reliance on public cloud storage due to the pandemic has led to an increase in attacks targeting sensitive cloud workloads and data.

(Source: Check Point)

Cybercriminals are taking advantage of the work-from-home crowd.

08263 Cyberattacks and Stats_12

Since the beginning of the year, more than 3,300 new domain names containing the word “Zoom” have been registered – and over 30% of these have activated an email server, which is an indication that they are being used to process phishing attacks.

(Source: BrandShield)

08263 Cyberattacks and Stats_13

Attackers are changing Domain Name System (DNS) settings in routers, pointing users to what they believe to be legitimate websites with a pop-up message containing COVID-19 information. However, once a user clicks, a fake coronavirus-related app with malware may be downloaded.

(Source: BitDefender)

08263 Cyberattacks and Stats_14

47% of all vulnerable devices on home networks are cameras. But don’t blame just your camera. An average U.S. household has 17 IoT devices, and most of them have some kind of vulnerability.

(Source: ZDNet)

08263 Cyberattacks and Stats_15

However, in an effort to trim expenses, 40% of global organizations have cut their cybersecurity budgets during COVID-19, although 56% of them plan to continue widespread remote work post-pandemic. Read how to properly protect remote workforces.

(Source: Barracuda)

08263 Cyberattacks and Stats_Image 3

Unfortunately, the unemployed and struggling are equally at risk.

08263 Cyberattacks and Stats_16

Cybercriminals are taking advantage of the massive uptick in unemployment across the United States. In a recent spear-phishing campaign, hackers send out fake resumes from purported job-seekers that actually spread banking credential-stealing malware.

(Source: RiskIQ)

08263 Cyberattacks and Stats_17

Many states are warning unemployment applicants that their personal information may have been leaked. The exposed information included names, full social security numbers, banking details, addresses, number of dependents and more.

(Source: Forbes.com)

08263 Cyberattacks and Stats_18

An aggressive business ID theft ring that formerly targeted small businesses nationwide is now using their resources to access pandemic assistance loans and unemployment benefits.

(Source: KrebsOnSecurity)

Don’t let your guard down when binge watching either.

08263 Cyberattacks and Stats_19

Phishing attacks targeting Netflix users has increased by a whopping 646% by attackers looking to capitalize on Netflix’s growth.

(Source: Webroot)

08263 Cyberattacks and Stats_20

Netflix users have also reported receiving suspicious texts, offering them “free passes” to the streaming service if they click a specific link.

(Source: Business Insider)

And be cautious with your vote.

08263 Cyberattacks and Stats_21

Experts are sounding alarms about potential security risks related to the 2020 U.S. elections. Cybersecurity pros warn that hackers could infiltrate voter databases and election night reporting, for example.

(Source: The Washington Post)

The second wave of COVID-19-themed cyberattacks will be related to the vaccine, according to Interpol.

08263 Cyberattacks and Stats_22

The U.S. Department of Homeland Security says we should expect to see every intelligence service attempt to target and steal COVID-19 research and data – including Chinese-backed hackers targeting U.S. organizations working to develop vaccines for the virus.

08263 Cyberattacks and Stats_23

Microsoft is warning of an ongoing COVID-19-themed phishing campaign that installs the NetSupport Manager remote administration tool. The massive campaign is spreading via malicious Excel attachments in emails pretending to be from the Johns Hopkins Center.

08263 Cyberattacks and Stats_24

Google says it blocks 18 million COVID-19-related scam emails each day – not counting more than 240 million daily spam messages launched at Gmail users that try to capitalize on the coronavirus crisis.

Even puppies can’t be trusted.

08263 Cyberattacks and Stats_25

Sadly, nearly 85% of people who post pictures of puppies online are apparently just trying to scam you out of money – charging victims for a pet that doesn’t even exist.

(Source: Better Business Bureau)


COVID-19 is the virus hackers didn’t expect but love to exploit.

Believe it or not, fraudsters have even found a way to use the coronavirus pandemic for blackmail. Reports of phishing scams threatening to infect every member of a victim’s family with the virus are real and, quite frankly, disturbing.

That said, there has to be some good news, right?

The good news lies in the fact that trained and qualified cybersecurity experts are working around the clock to mitigate the majority of bad actor efforts. In fact, in February Amazon mitigated the biggest ever DDoS attack. That’s good news.

We have the technology to combat hackers – we just need the people. Currently, demand is greater for cybersecurity professionals than to the pool of candidates who can fill open positions. And that is only expected to grow. Microsoft data estimates that 6 million new cybersecurity jobs will be added in just 5 years. Are you up for the challenge?

Keep your cybersecurity skills sharp with CompTIA Security+. Download the exam objectives to see what’s on the new version (SY0-601).

Read more about Cybersecurity.

Tags : Cybersecurity