Lale Çorumlu

ESET, the world leader in cybersecurity, has brought together statistical information to help remember developments on the latest cybersecurity trends as we start a new year.

Here are the 22 most influential or interesting cybersecurity statistics to know for 2022:

1. In 2021, the average cost of a data security breach reached its highest level in 17 years. On an annual basis, this cost increased from US$3.86 million to US$4.24 million. (IBM Cost of Data Leak Report, 2021)
2. The shift to remote work due to COVID-19 has directly impacted data breach costs. The average cost of a data leak where remote work is one of the causes of security breaches is more than $1.07 million. (IBM Cost of Data Leak Report, 2021)
3. The most common cause of security breaches in data was theft of user information. As a widely used attack vector, they account for 20 percent of security breaches, costing an average of $4.37 million. (IBM Cost of Data Leak Report, 2021)
4. In mid-2021, IT management software provider Kaseya's systems suffered a security breach by the Sodinokibi ransomware. The $70 million ransom demand by the attackers was the highest ever requested. (ESET Threat Report D2 2021)
5. 36 percent of security breaches were linked to a phishing theft attack. It can be said that one of the important reasons for the increase in these attacks by 11 percent is the COVID-19 pandemic. Not surprisingly, threat actors rearrange their phishing campaigns based on hot topics. (Verizon 2021 Data Breach Investigations Report)
6. Social engineering attacks are the biggest threat to public administration, accounting for 69 percent of breaches in public administration, according to a 2021 analysis by Verizon. (Verizon 2021 Data Breach Investigations Report)
7. A critical vulnerability in the Log4j login tool, Log4Shell, which was disclosed in December 2021, was detected by ESET, preventing hundreds of thousands of exploits, mostly in the US and UK. (ESET Research)
8. 2021 saw an incredible increase in the number of malware in banking apps on Android devices. It showed a huge increase with 158.7 percent in the first four-month period and continued to grow by 49 percent in the second four-month period. Banking trojans that directly affect their targets' financial assets should be considered a worrying trend. (ESET Threat Report D2 2021)
9. Four years later, WannaCryptor (aka WannaCry) is still a global threat that should not be ignored. This notorious trojan, which affects machines vulnerable to the EternalBlue leak, took its place at the top of the malware charts detected by ESET with a rate of 21.3 percent in the second four months (May-August). (ESET Threat Report D2 2021)
10. Cryptocurrency investment scams remain as popular as ever. Between October 2020 and May 2021, victims were defrauded more than $80 million. The real figure is thought to be much higher, as many people are too embarrassed to admit that they have been deceived. (Federal Trade Commission)
11. Cryptocurrency has been the preferred payment method for cybercriminals for some time, especially when it comes to ransomware. Outbound Bitcoin transactions worth $5.2 billion can be attributed to ransomware payments, including the 10 most common ransomware variants. (FinCEN Ransomware Trends Report by Bank Secrecy Law Data)
12. The notorious Emotet botnet, one of the longest running and most aggressive malicious threats, was busted in early 2021 in a large-scale global law enforcement operation. Up to 700 command and control servers were disabled during the raid. (Europol)
13. Cybersecurity Workforce Estimate, which measures the number of cybersecurity professionals available worldwide, calculated that in 2021, experts in this field were around 4.2 million. We see that this number has increased by 700,000 compared to the previous year. [2021 (ISC)2 Cybersecurity Workforce Study]
14. In addition, according to the same study, the cybersecurity workforce gap decreased this year, as it did last year. In 2020, the number of additional cybersecurity experts needed by organizations to protect their assets decreased from 3.12 million to 2.72 million in 2021. [2021 (ISC)2 Cybersecurity Workforce Study]
15. To compensate for the reduction in the number of cybersecurity professionals required to effectively protect organizations' critical assets, the worldwide cybersecurity workforce needs to increase by 65%. [2021 (ISC)2 Cybersecurity Workforce Study]
16. 82% of organizations admit that they have increased their cybersecurity budgets compared to last year and state that this budget can reach up to 15% of total IT spending. (State of Accenture's Cybersecurity resilience 2021 report)
17. In recent years, threat actors have gone beyond infecting systems with ransomware and began to use double blackmail to steal data to sell or disclose it to the public. Threats of leaking stolen data rose from 8.7 percent in 2020 to 81 percent in the second quarter of 2021. (ENISA Threat Environment 2021)
18. There is a significant increase in the overall cost of eliminating the effects of a ransomware attack. From $761,106 in 2020, the overall cost of compensating for a ransomware attack increased dramatically to $1.85 million in 2021. (ENISA Threat Environment 2021)
19. The number of Distributed Transfer of Services (DDoS) attacks is also increasing due to the COVID-19 pandemic. In 2020, the number of these attacks exceeded 10 million, increasing by 1.6 million compared to the previous year. (ENISA Threat Environment 2021)
20. In 2020, the Internet Crime Center (IC3) of the Federal Bureau of Investigation (FBI) broke a record with 791,790 cybercrime complaints, reporting that these complaints caused approximately US$4.2 billion in losses. (FBI 2020 Internet Crime Report)
21. Corporate Email Threat (BEC) scams are the most damaging cybercrime, with losses of over US$1.86 billion in 2020 according to the latest available data from the FBI. In the area of trust/romantic relationship fraud, the second most damaging type of fraud, recorded losses are “only” around US$ 600 million. (2020 Internet Crime Report)
22. Elderly people have also been affected by cybercrime. Almost 28% of the total losses caused by frauds were victims over the age of 60. This figure represents an average loss of US$ 1 billion for elderly victims. (IC3 2020 Elderly Person Fraud Report)

We have to admit that these statistics are just the tip of the iceberg when it comes to threats to individuals and organizations. However, we hope that it will give you an idea in terms of seeing the evolution of cyber threats and how large they have reached.

Source: https://www.eset.com/tr/about/newsroom/press-releases/basin-bultenleri/2022-icin-bilinmesi-gereken-22-siber-guevenlik-istatistigi/