Cyber Attacks-By the Numbers

  • Published: Wednesday, May 15, 2019

Cyber attacks are damaging. In this article we’ll take a look at a few attacks and the costly effects of each.

Damage caused by Ransomware

  • 97% of phishing emails deliver ransomware
  • 70% of infected businesses have paid the ransom
  • 42% of ransomware victims recovered the data
  • $200-$10,000 is the price of the ransom for consumers
  • More than 50% of these companies paid between $10-40,000
  • 1 in 4 paying users never recovered their data

Source: Heimdal Security

Denial of Service Attacks (DDoS/DoS)

  • 1 in 5 chance of being hit with an attack
  • 31% lead to data loss
  • 20% of businesses with 50 or more employees have suffered at least one attack
  • 24% of enterprises are most affected
  • 4th most expensive type of security breach
  • Average of $50,000 in recovery costs
  • 32% coincided with a network intrusion
  • 9% experience network outages from two days to a week
  • DDoS-as-a-service leverages about 16,000 infected IoT devices

Based on impact of small/medium businesses (SMB)
Source: Kaspersky

Data Breaches– Names, addresses, birth dates, social security numbers, passwords and other personal data are compromised through data mishandling or hacks.

  • A stolen credit card is worth $1 on the black market
  • Each added associated piece of information multiplies this amount 5x
    • So a credit card with an address would = $5. Add an email address=$25
  • 147 million people were affected by the Equifax hack
  • One’s entire online identity is worth $1200 on the black market
  • Health and medical records can sell for as much as $1000
  • Social Security numbers sell for $2
  • Facebook logins can be sold for $5.20, Grubhub=$9, Airbnb=$8, Costco=$5, Gmail=$1
  • PayPal credentials sell for $247 on average
  • 3 billion records released due to accidents
  • 6 billion records were released due to a hack

Sources: Fox Business, CNBC, Market Watch

Credential stuffing attacks

  • 30 billion attempts in 2018
  • 43% of all login requests were malicious
  • 83% difficulty in detecting legitimate logins from stolen credentials
  • 82% difiiculty fixing or remediating attacks
  • 81% difficulty in detecting attacks
  • On average companies experience 12.7 attacks per month
  • 1% success rate of 1 billion attempts=10 million breaches
  • Compromised accounts are 17x more valuable than a stolen credit card number

Sources: We Live Security, Akamai


DDoS Explained: How Distributed Denial of Service Attacks are Evolving

The 21 Scariest Data Breaches of 2018

Credential Stuffing 101: The Risk of Bots to your Business