Cybercrime statistics 2023: trends and threats

The FBI-run Internet Crime Complaint Centre (IC3) has released its annual report for 2022, providing valuable statistics and information on cybercrime in the United States and around the world from the previous year

Cybercrime statistics 2023: trends and threats


he Internet Crime Complaint Centre, or IC3, is the United State of America’s central hub for reporting cyber crime. It is run by the federal agency for domestic intelligence and security service, the Federal Bureau of Investigation (FBI).

As per its 2022 annual report, malware attacks witnessed a staggering increase of 358 percent in 2020 compared to 2019. Global cyberattacks surged by 125 percent in 2021.

The landscape of cyberattacks has been significantly impacted by Russia’s invasion of Ukraine. Phishing attacks originating from Russia targeting email addresses of companies with headquarters in Europe and the US have multiplied eight-fold since the start of the conflict. In the first quarter of 2022, breaches affecting approximately 3.6 million Russian internet users were reported, representing an 11 percent rise from the previous year.

In response to the invasion of Ukraine, the UK swiftly mobilised a £6.35 million package through the Ukraine Cyber Project, which was set up in 2022, to address the growing Russian cyber operations. This initiative includes firewall protection, DDoS protection to enable Ukrainian citizens to access vital information, and incident response measures to defend government entities in Ukraine from cyberattacks.

hishing continues to be the most widespread form of internet crime, with 50 percent of cybercrime victims falling victim to phishing attacks, affecting a staggering 323,972 online users. In 2021, nearly 1 in 5 internet users were exposed to phishing attempts via email. Despite being common, phishing attacks have the lowest average loss to victims, costing an average of $136 each.

In 2022, investment fraud emerged as the most lucrative type of cybercrime, with victims experiencing an average loss of $70,811 per incident. The number of victims has risen from 6 victims per hour in 2001 to 97 victims per hour in recent times, marking an increase of 1,517 percent over the span of 20 years.

It is evident that the Covid-19 pandemic has had a significant impact on the frequency of cybercrime victims. According to statistics from 2019, there were 53 reported victims every hour. However, in 2020 as the pandemic spread, the hourly victim count rose to 90, representing a 69 percent increase.

The average cost of data breaches per hour has surged globally. In 2001, the average hourly cost to individuals was $2,054. However, the hourly loss rate has since risen dramatically, reaching $787,671 in 2021. As workplace changes and increasingly sophisticated infiltration techniques embolden cybercriminals, the cost of data breaches to enterprises has risen significantly as well. In 2022, businesses spent an average of $4.35 million to prepare for data breaches.

Organisations worldwide are increasingly recognising the seriousness of the cyber security threat. This is reflected in their actions. A staggering 73 percent of small and medium-sized businesses (SMBs) acknowledge the urgent need for action on cyber security issues, with 78 percent planning to increase their spending on cyber security in the next 12 months and 67 percent feeling ill-equipped to handle data breaches internally.

There is a positive trend emerging as well. More SMBs are seeking assistance from managed service providers for cyber security. As of 2022, 89 percent of the SMBs were collaborating with managed service providers.

The Internet Crime Complaint Centre (IC3) received a total of 800,944 complaints in 2022, resulting in losses exceeding $10.3 billion. Phishing schemes were the most reported crime type with 300,497 complaints. For the first time, investment schemes resulted in the highest losses to victims, totalling over $3.3 billion. 

Ransomware attacks continue to pose a severe threat to individuals we well as organisations, with attackers employing increasingly sophisticated techniques that demand victims to make payments. In the first half of 2022, 236.1 million ransomware attacks were documented worldwide.

To combat these evolving threats, organisations globally must invest in more complex security measures, update their training programmes, and, particularly in larger businesses, recruit specialised cyber security professionals. In 2022, the average cost of a cyber breach was $4.35 million. Projections indicate that cybercrime is expected to cost the world economy $7 trillion in 2022 and $10.5 trillion in 2025.

In recent years, Pakistan has witnessed a growing problem with cybercrime, with financial fraud being the most reported type of crime. In 2020, out of a total of 84,764 complaints, 20,218 Pakistanis reported being victims of financial cybercrimes. Financial fraud ranks higher than hacking (7,966), cyber-harassment (6,023), and cyber-defamation (6,004) in terms of reported cases. An increasing number of Pakistanis are engaging in cybercrimes via social media platforms, with an 83 percent increase in financial theft on social media between 2018 and 2021. Facebook was used in 23 percent of the 102,356 cybercrimes reported in 2021.

India, like many other nations, is witnessing a significant rise in cybercrime as well. In 2018, a total of 208,456 cyber-related offences were reported, with more cybercrimes reported in the first two months of 2022 (212,485) than in the entire year of 2018. The impact of the pandemic has further exacerbated the situation, with reported crimes surging from 394,499 in 2019 to 1,402,809 in 2021 – a 15.3 percent rise between the first two quarters of 2022.

In addition to the increasing number of cybercrimes, Indian websites have also been targeted by hackers in recent years. In 2018, around 17,560 websites were compromised. This number rose to 26,121 in 2020.

Cybercrime has been on the rise in Malaysia, with internet users becoming a growing target. In 2021 alone, over 20,000 cybercrimes were reported, resulting in a total cost of RM560 million ($123 million) to the victims. Between 2017 and 2021, Malaysia lost an estimated RM2.23 billion ($490 million) due to cybercrime. The number of reported cybercrimes has continued to increase, with 11,367 cases reported from January to July 2022, marking a significant 61 percent increase in crime compared to the period from 2016 to 2022.

Despite having a relatively small population, Nepal has also been grappling with cybercrime. In the fiscal year 2020-2021, a total of 3,906 cases of cybercrime were reported. In just the first three months of the current fiscal year (2021-2022), they have already documented 1,547 instances of cybercrime. This alarming trend has resulted in Nepal being ranked 140th out of the 160 nations, according to the ICT Development Index. Robust measures are urgently needed to address the growing threat of cybercrime and improve cybersecurity in both Malaysia and Nepal.

Alarming statistics reveal the vulnerability of internet users to cybercrime. In the United States, 1 in 2 internet users fell victim to account breaches in 2021, and over half of the country’s citizens were affected by cybercrime in the first half of 2022. Similarly, in the United Kingdom, 39 percent of businesses reported experiencing cyberattacks in 2022, which is expected to cost them an average of £4,200. Shockingly, around 1 in 10 US organisations do not have insurance coverage against cyberattacks, leaving them financially exposed.

The rising tide of cybercrime calls for heightened vigilance and robust cybersecurity measures to safeguard against data breaches, ransomware attacks and other forms of cyber threats. It is crucial for individuals and businesses alike to prioritise cyber security and take proactive steps to protect their sensitive information and mitigate the financial and operational damages inflicted by cybercriminals.

The author is experienced researcher, writer and analyst in field of cyber security

Cybercrime statistics 2023: trends and threats