Cybercrime statistics we can’t ignore

26 Jul, 2021
Nigel Thorpe
Nigel Thorpe
Technical Director
- Even as crime numbers fell overall in Singapore between 2016 and 2017, the percentage of cybercrimes grew from 15.6% to 16.6% of total crimes. This motivated the Singapore Police Force and the National Crime Prevention Council to re-enact cybercrime cases in a popular crime watch series.

- In Australia, the Australian Cyber Security Centre’s Annual Cyber Threat report shows that a cyber crime is reported, on average, every ten minutes.

- In the United Kingdom, Financier Worldwide, reports that cybercrime was 0.8% of all offences recorded by the police in England and Wales, but in the year 2018, this figure rose to 2%. 

- In the United States, a report by the Insurance Information Institute showed that the average annual cost of cybercrime rose 29% in 2018, to $27.4 million, compared with $21.2 million in 2017. In a more recent report by Spectrum News 1, last year's complaints total 791,790, a 69% increase from 2019, with losses of over $4.1 billion.

What exactly is cybercrime?

Cyber crime or cyber attacks refer to any type of aggressive or offensive action taken against digital infrastructure. This could include computer databases, private or public networks, computer or mobile devices, amongst other things that serve to prop up or contain a company’s digital property.

While not always the case, cyber crime is typically conducted in order to steal, damage, or destroy information, intellectual property, personal and financial data, amongst other things. 

The tactics that hackers use to extort information typically involve attempts at infiltrating information systems, be it from within or without, in order to gain unauthorised access to valuable information that can be sold or used for their own agenda. For example, Structured Query Language (SQL) injection attacks is a tactic whereby hackers write a code known as SQL into a target database.

Once executed, this code will print out data in a form that allows the hacker to transfer it into their own devices easily. Typically, SQL attacks are conducted by individuals who already have access into a company’s backend systems infrastructure, although hackers can also inject SQL code through remote access of company devices. This is also one of the reasons why remote work has made it much easier for hackers to infiltrate previously opaque security systems.

Most remote workers typically conduct their work via personal wifi networks, which are notorious for being unsecured. Most companies use VPN networks to add as an extra layer of security, because all it takes is one worker to have his network infiltrated for a hacker to gain unauthorised access.

Phishing Attacks are another widely used tactic where cyber criminals pose as legitimate companies and send emails in the guise of promotions, job offers, or even warning letters. These emails typically contain clickable links or interactable elements that will lead victims to malicious URLs once clicked upon. While insufficient, awareness is usually the best tactic against phishing attacks, seeing how it can be difficult to identify and block the email addresses of every single phishing hacker out there. Companies and institutions might choose to conduct routine briefings on phishing emails, and advise employees to always double check the identity of the sender where possible, and to never click on any links within emails when in doubt - a wise move, but not bulletproof.

But, let’s be honest - not all cyber attacks are conducted with the aim of gaining access to data. Competing companies, cyber terrorists or even individuals who wish to disrupt public service for malicious intent may attempt to conduct a Denial of Service Attack (DoS). This is where your system is flooded with an overwhelming amount of traffic that renders the website or network unusable. The effect is similar to what you might experience on an e-commerce site during the sales period, except that there are no real patrons, only bots deployed by the hacker. Hackers typically do not gain any tangible digital assets from such attacks, although business competitors or political stakeholders might stand to gain an advantage from having a rival service disabled.

Why is cybercrime rising?

Cybercrime has existed since the inception of the internet, it’s not new. But, what was once a fringe threat to our livelihoods and security, is now arguably one of the most present threats that humanity faces today. The pandemic has fundamentally changed the way we - and cyber criminals, work.

To say that cybercrime has increased in conjunction with online work would be an understatement. With companies now relying nearly exclusively on networks to maintain communications and operations, cyberspaces are ripe harvest fields for cyber criminals.

According to technology research hub Canalys, the number of data breach cases in 2020 alone topped the collective total number of cases between 2005-2019.

Which is why companies are on high alert.

The most concerning part is that cybercrime is not just a prominent threat now, but one that will likely continue to plague companies and societies for the foreseeable future.

In fact, by 2025, Cybercrime Magazine estimates that cybercrime alone could cost the world $10.5 trillion annually. That would make cybercrime the third largest economy in the world (if it could form a nation) - behind only the U.S. and China.

What do companies stand to lose to cybercrime attacks?

Companies that are subjected to cyber crime risk losing massive amounts of revenue when they have to pay for data recovery services, pay ransomware to the hackers themselves and patch up damages done to the corporate brand.

According to a CNBC investigation, ransomware attacks went up by a whopping 90% in 2020, and attackers demanded an average of $170,000 before they would release encrypted files and systems back to their victims.

Beyond just monetary loss, however, businesses could feel the lingering effects of cyber attacks long after they have been fended off.

In Europe, 50% of consumers said that they would stop patronising their favourite brand if they fell victim to a phishing attack involving that brand.

The scary thing is that even with the knowledge that cyber attacks can occur at any moment, awareness alone might not be enough. Fake web domains are mushrooming faster than they can be identified and eliminated.

The number of brand impersonations increased from 14.5 million in February 2019 to 39.2 million in February 2021 and it seems like the cyber attackers are winning. The number of people clicking on malicious URLs increased by 84.5% in 2020.

Get better protection with SecureAge Technology

With PKI-based encryption that operates at the file-level, along with proactive AI-driven malware protection, SecureAge Technology has the tools to help you avoid becoming the next cybercrime statistic.

We know the security solutions of yesteryear are playing a dangerous cat-and-mouse game, so our approach goes beyond the typical network defenses, and reactive anti-virus scanning solutions that most security software offers. Instead, the SecureAge Security Suite protects your data at the file-level, and SecureAPlus takes a zero-trust, block-first approach to malware protection. That means wherever your data goes, it’s encrypted and malware threats that fall outside the typical 99% detection rate are blocked. Click here to read more about why an anti-virus is not enough.

The best part however is we place security and usability on equal footing. This saves you time, money, (and your sanity) from trying to train others to become cybersecurity experts. Our solutions provide natural and inherent security processes that are easy to use. That way, you can focus on scaling your business with the assurance that your Data is protected and compliant.

We use cookies to improve our website experience and assume that by continuing to browse, you’re OK with it. To find our more about how we use cookies, please see our Cookie Policy.