Inconvenient truths about our cybersecurity

Not many people know about cybersecurity, but it’s crucial and impacts many people. We’re more vulnerable to cyberattacks in the digital world than ever before. These attacks are getting more intelligent and innovative, especially as they evolve to target all our new devices. It would be best to be careful on your computer or phone, but now you also need to watch out for your refrigerator, smart thermostat, or even smartwatch. As the years go by, our cybersecurity risk increases. Take a look at the statistics for 2021 below:

Cybersecurity statistics for 2021

ESET has compiled statistics from last year to help you understand why it’s crucial to stay up to date with the latest attack trends.

There is no doubt that security awareness comes at a price. First and foremost, there is the attention and caution, and of course, the minor inconvenience and loss of time that comes with more secure procedures and solutions. And sometimes, an actual price is a virus protection package or an external drive for backup. Perhaps this is why many people are reluctant to take their protection seriously, often explaining their attitude with the “I’m not important/rich enough to be found!” mentality.

However, to ensure that we are prepared to face cyber threats in 2022, here are 12 statistics to keep in mind in the coming months to ensure our security and privacy. The list is ESET’s way of showing how cybersecurity permeates every aspect of our digital lives, and it’s certainly not something to be treated as a secondary concern.

The 13 most essential and exciting cybersecurity statistics for 2021

  • The cost of data breaches reached a 17-year high in 2021, with the average cost rising from $3.86 million to $4.24 million per year. This was $1.07 million higher in cases where telecommuting was a factor in the data breach. The most common motive behind data breaches was the theft of user data. (Source: IBM Data Breach Costs 2021 Report)
  • 36% of data breaches were related to phishing attacks, an increase of 11% – partly due to the crown virus epidemic. As expected, cybercriminals have always based their phishing campaigns on current news, the topics that matter most to people. (Source: Verizon 2021 data breach report)
  • There was a sharp increase in the detection of mobile banking malware on Android devices in 2021. The first third of the year saw a dramatic increase of 158.7% in detections, and the second third saw a further 49% increase. This is a particularly worrying trend as mobile banking Trojans can cause huge financial losses to victims. (Source: ESET’s Second Third Quarter Virus Report 2021)
  • Unfortunately, investment scams based on cryptocurrencies continue to be extremely common. Between October 2020 and May 2021, a total of more than $80 million was swindled from victims using this method. The actual amount is likely to be even higher, as many are ashamed to admit they have been scammed. (Source: US Federal Trade Commission)
  • So-called social engineering attacks i.e. attacks based on human deception, pose the greatest threat to public administrations, accounting for 69% of administrative data breaches in 2021. (Source: Verizon 2021 data breach report)
  • Following the disclosure of the serious vulnerability in the Log4ShelI logging utility Log4j in December 2021, ESET detected and blocked hundreds of thousands of attack attempts, the majority of which occurred in the US and UK. (Source: ESET research)
  • In recent years, cybercriminals have begun to move from simple ransomware to doxing, threatening to sell or make public the data obtained during encryption if a ransom is not paid. The number of such threats has increased dramatically, from 8.7% in 2020 to 81% in the second quarter of 2021. And with this, the overall cost of countering ransomware attacks has also increased significantly. (Source: ENISA Virus Report 2021)
  • In mid-2021, IT management software provider Kaseya’s systems were attacked by the Sodinokibi ransomware, with the perpetrators demanding a ransom of $70 million – the largest ransom demand ever (Source: ESET’s second 2021 Third Year Virus Report)
  • The number of overload DDoS attacks that disrupt services is also on the rise, thanks in part to the coronavirus epidemic. In 2020, there were more than 10 million such attacks, 1.6 million more than the previous year. (Source: ENISA Virus Report 2021)
  • Four years after its first detection, Wannacryptor (also known as WannaCry) remains a global threat. This Trojan malware, which attacks machines with the EternalBlue vulnerability, still accounted for 213 percent of ransomware detections between May and August. (Source: ESET’s Second Tertiary Virus Report 2021)
  • Globally, there is still a shortage: the cybersecurity workforce would need to grow by 65% to have enough professionals to effectively protect organizations’ most critical assets. (Source: 2021 Cybersecurity Workforce Report)
  • Older people are disproportionately victims of cybercrime: 28% of all fraud-related financial losses were suffered by people aged 60 and over. (Source: IC3 2020 Elder Fraud Report)

The last point also answers the objection raised at the beginning of the article, as not many people over 60 are in important jobs that make them a target. It is also unlikely that, in their case, their superior wealth would have been the reason for the attack. It is simply that this age group is an easier target, especially for groups specializing in support fraud.

Unfortunately, these statistics are only the tip of the iceberg regarding threats to individuals and organizations. But perhaps this is a good indication of the enormous scale and staggering magnitude of the evolution of cyber threats. All actors should take the fight against them very seriously and ensure protection.

More about the compilers of the statistics

ESET

ESET is a company that specializes in antivirus software. ESET’s expertise in technology and security has created some of the most influential and effective antivirus solutions. Besides their great products, ESET offers outstanding customer service, phone support to help with any problem or answer any question you may have.

ESET is not just an antivirus provider but also offers internet security, data protection, and mobile security. ESET has over 400 million customers in 200 countries and territories worldwide and is ranked as one of the top 5 antivirus software companies worldwide.

IBM

IBM is the third-largest technology company in the world. They are also the most prominent computer company and offer various services, including software, tech support, consulting, etc. IBM was founded in 1911 by Herman Hollerith, trying to make an improved census machine. His machine-read cards with punched holes could process data faster than ever before. In 1914, they started making tabulating machines for businesses to help keep track of their finances. In 1935 they opened their first research lab to explore new ways to use computers. That same year they developed the first electromechanical calculator, which you might know as a “brick”.

Verizon

Verizon is the largest wireless company in the United States. It has over 90 million subscribers and nearly 1,700 stores. The Verizon Wireless arm of Verizon offers 4G LTE coverage for about 98% of the U.S. population. It also introduced an unlimited data plan with no limits for customers who need to use their data for streaming media, gaming, or other purposes.

US Federal Trade Commission

The U.S. Federal Trade Commission is a federal government agency that regulates advertising. Congress created the FTC in 1914, and its mission is to investigate and take action against false advertising. It’s their job to protect consumers from unfair or unsafe business practices. One of the best ways they do this is by enforcing truth-in-advertising laws.

ENISA

ENISA, the European Union Agency for Network and Information Security, has a role in helping to build and maintain a secure information society. Essentially, ENISA is responsible for assessing and managing the risks from security breaches. They also help to set standards for IT and communications service providers, provide training courses on cybersecurity issues, and perform research into such matters.

Cybersecurity Workforce Report

The Cybersecurity Workforce Report, published by the International Consortium of Buyers, found global shortages in cybersecurity professionals. The report also found several regions where companies couldn’t find qualified employees to fill their open positions. These include countries in Africa, Latin America, and Eastern Europe.

IC3

IC3 is a certification developed by the U.S. National Security Agency (NSA) in cooperation with the Central Intelligence Agency (CIA). It is designed to test “a candidate’s knowledge and skills required to understand foreign intelligence related to cyber threats, identify or mitigate those threats, and make sound decisions on how best to protect personally identifiable information.” IC3 certification stresses the importance of understanding technology systems and how they can be exploited by malicious actors and knowing how to defend against such postings.

Conclusion

Cybersecurity is critical, important, and needs to be taken seriously, but people don’t know how to protect themselves. It’s more dangerous than ever because cyberattacks are getting more intelligent and innovative.