10 cyber security facts and statistics for 2018
Authored by a Symantec employee
Cyber security threats evolve. So do cyber security facts.
You hear a lot about cyber security dangers — data breaches, ransomware attacks, cryptojacking, threats to your connected devices. And they all contribute to new rounds of cyber security facts, figures, and statistics.
Do you find it hard to keep up? Let’s cherry-pick 10 cyber security facts for 2018 to help give you the big picture.
1. Cybercriminals land on FBI’s most wanted list
Let’s start with the bad guys. Since the FBI first expanded its familiar “Most Wanted” list to include a Cyber Most Wanted in 2014, the list has grown to 42 people and groups in 2018.
Park Jin Hyok tops the list. He’s a computer programmer who’s part of a state-sponsored hacking organization. Here are a few of his career highlights, according to the FBI:
“Responsible for some of the costliest computer intrusions in history, including the cyberattack on Sony Pictures Entertainment, a series of attacks targeting banks across the world that collectively attempted to steal more than $1 billion, and the WannaCry ransomware attack that affected tens of thousands of computer systems across the globe.”
We can probably skip the other 41 on the list. You get the idea.
2. Mobile malware on the rise
Malicious software, also known as malware, is taking aim at your mobile devices. Things like spyware, ransomware, and viruses used to focus on your laptop or desktop computer. Well, look out, mobile devices.
The number of new malware variants for mobile increased 54 percent in 2017. That’s according to Symantec’s Internet Security Threat Report 2018.
Overall, in 2017, 27 percent of malicious apps were found in the Lifestyle category. Next in line: Music & Audio, with 20 percent, followed by Books & Reference, with 10 percent.
3. Third-party app stores host most mobile malware
So where’s all that mobile malware coming from? We’ve got a stat for that.
The same Symantec report found third-party app stores hosted 99.9 percent of discovered mobile malware.
A third-party app is a software application made by someone other than the manufacturer of a mobile device or its operating system. For instance, app developers create a lot of applications for Apple’s or Google’s operating systems. Some of those apps may only be available on third-party app stores.
Third-party app stores might offer a normally pricey app for free. But the real cost might be malware installed on your device. That’s why it’s a good idea to stick to reputable purveyors like Google Play and Apple App Store.
4. U.S. to account for half of breached data by 2023
OK, brace yourself for some big numbers.
Cybercriminals will steal an estimated 33 billion records in 2023. That’s according to a 2018 study from Juniper Research. The compares with 12 billion records Juniper expects to be swiped in 2018.
Records include personal information you share with various entities. It might include your name, address, credit card information, or Social Security number.
Here’s another statistic: Jupiter expects more than half of all data breaches globally to occur in the United States by 2023.
Why? It’s due to the amount of consumer and corporate data stored across the country.
5. Identity theft impacts 60 million Americans
Nearly 60 million Americans have been affected by identity theft,1 according to a 2018 online survey by The Harris Poll.
The same survey indicates nearly 15 million consumers experienced identity theft in 2017.1
Publicly available numbers from Javelin Strategy & Research since 2012 tell a similar story.
Source: Publicly available numbers from Javelin Strategy & Research
While data breaches can expose your personal information and leave you vulnerable, low-tech and offline methods also contribute to the spread of identity theft. Every time someone has access to your personal data, there’s potentially more of it “out there” for criminals to try to profit from.
6. U.S. government to spend $15 billion on cyber security — and then some
The President’s Budget for fiscal year 2019 earmarks $15 billion for cyber security-related activities. That’s a 4 percent pop over the previous year. But, wait, there’s more.
From the budget document: “Due to the sensitive nature of some activities, this amount does not represent the entire cyber budget.”
The Department of Defense gets the most funding with nearly $8.5 billion in the budget. Runner-up? Homeland Security with roughly $1.7 billion.
7. Coin mining a big growth area in cybercrime
Types of cyberattacks vary from year to year. Lately, cryptocurrency coin mining is in vogue.
Here’s what Symantec’s Internet Security Threat Report 2018 had to say:
“Coin mining represented the biggest growth area in cybercrime in 2017, with antivirus detections up 8,500 percent.” Not only that, “The growth in coin mining in the final months of 2017 was immense. Overall coin-mining activity increased by 34,000 percent over the course of the year.”
Consider this: Symantec blocked 8 million coin-mining events in December 2017 alone.
Coin mining requires a lot of computing power. Coin miners might even try to add your computer to their arsenal through cryptojacking.
8. The United States is No. 1 target for targeted attacks
Targeted attacks are often state-sponsored, though some have been by private groups. A nation might try to spy, disrupt, sabotage, or rob from another entity. The U.S. is the No. 1 target.
It’s not a statistic you’d want to own, but the U.S. is not alone. Here’s a breakdown of the top 10 countries affected by targeted attacks between 2015 and 2017.
9. Internet of Things devices can increase security vulnerabilities
Just how vulnerable are internet connected devices?
Symantec research in 2015 found multiple vulnerabilities in 50 commercially available devices. They included a “smart” door lock that could be opened remotely online without a password.
That’s one reason why cyber security requires comprehensive coverage — to help protect your devices, privacy, personal information, and home.
The number of connected things is expected to grow. Cybercriminals see that as an opportunity.
10. Average cost of a data breach rises
No business wants to be the victim of data breach. One reason? The cost is rising.
Here are three telling stats from the Ponemon Institute’s 2018 Cost of a Data Breach 2018 study for IBM.
- Cost of the average data breach to companies worldwide: $3.86 million (U.S. dollars)
- Cost of the average data breach to a U.S. company: $7.91 million (U.S. dollars)
- Average time it takes to identify a data breach: 196 days
Here’s a parting thought. There’s really not much you can do to help prevent data breaches. If an organization has your personal information, a cybercriminal may be able to access it.
But there are things you can do to help protect yourself in other ways. It’s a good idea to consider investing in a comprehensive cyber safety product to help protect your devices, personal information and home. For instance, it can help protect against viruses, malware and other threats.
After all, the last thing you want is to become a statistic.
Disclaimers and references:
1 Based on an online survey of 5,389 U.S. adults conducted for Symantec by The Harris Poll, January 2018.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
Copyright © 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome and Android are trademarks of Google, LLC. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced and/or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other company names and product names are registered trademarks or trademarks of each company.