Hacking Statistics (How Many Sites Get Hacked?)
Are you trying to find the best hacking statistics and learn how many sites get hacked?
Cybercrime, attacks and threats – sadly, it’s all part of the online world, which we cannot escape.
Every year, thousands of websites, businesses, and individuals (more like millions!) get hacked and scammed, causing data and financial loss.
Luckily, cybersecurity is improving, protecting individuals, businesses and organizations from cybercriminals.
In this statistical roundup, I’ll share the current state and trend of hacking statistics, giving you a better idea of the issue’s importance.
From websites to industries, hacking types and other terrifying stats, I’ll provide an overview and share insights into cybersecurity.
Get a better understanding of the hacking problem, so you can take the proper steps to protect yourself and your business online.
This post covers:
- How Many Sites Get Hacked?
- Cost Of Hacking Statistics
- Hacking Statistics By Attack Type
- Industry-Specific Hacking Statistics
- Global Hacking Statistics
- Other Terrifying Hacking Stats
Hacking Statistics (Our Top Picks)
- 10.8 million websites get hacked yearly
- WordPress is the most vulnerable content management system
- Approximately 20 ransomware attacks happen every second
- Cyberattack damage cost is predicted to reach $10.5 trillion by 2025
- Data breach costs the US nearly 2x the global average – $9.4+ million
- The most common cause of data breach is stolen/compromised credentials
- Malware experienced a 39% decline in 2020
- The total average cost of a breach in healthcare is $10.1 million
- There are around 1.27+ million phishing sites worldwide
Before we continue, you need to know that the accurate measurements of cybercrime are challenging to measure because not all crime is reported. Plus, not everyone is aware they have been targeted.
The sad part is that all the statistical estimates below are, in reality, much higher.
It is now time for some shocking news!
How Many Sites Get Hacked?
How many websites do you think get hacked daily?
If you said 30,000, BINGO!
That’s 210,000 weekly, 900,000 monthly and 10.8 million yearly. Have you ever wondered how many total websites there are? Our website statistics reveal it all.
Unfortunately, small business websites get affected by cyber criminals, malicious code and other harmful attacks the most.
Too many think cybercriminals only target Google, Facebook, and other online behemoths, but that’s not true. Hackers are interested in nearly any size website and online platform.
In short – everyone can be a target.
A more general approach to protect your site would be:
Your website must be built on a solid foundation, use reliable hosting and don’t install suspicious and outdated plugins (in the case of WordPress (also check our WordPress statistics), plugins (see below) are one of the biggest reasons for site hacks), apps and software.
Source: Forbes
1. Which CMS gets hacked the most?
The largest content management system in the world, WordPress, gets hacked the most (95.6%). All the other popular CMSs are far behind, with Joomla (2.03%) in second, Drupal (0.83%) in third and Magento (0.71%) in fourth position.
If you’re interested in more exciting facts about content marketing system stats, peeks at our CMS market share article.
Additionally, Sucuri reported that approximately 1 in every 25 WordPress websites gets hacked. One of the biggest WP vulnerabilities are plugins (92.81%), then themes (6.61%) and finally, core (0.58%).
Fun fact: The three most exposed WP components are Contact Form 7, TimThumb and WooCommerce.
But you may also be interested in our WordPress hacking statistics roundup to find out how many WP sites get hacked.
Source: Sucuri
2. How Many Cyber Attacks Happen Per Day?
According to SonicWall, in the first half of 2021, they recorded a whopping 304.7 million ransomware attacks globally. That’s roughly 610 million per year. But since cybercrime keeps increasing, the number could be even greater.
We’re talking about approximately 20 attacks every second!
Source: SonicWall
3. Countries with the best cybercrime protection
The ten countries with the strongest cybersecurity are Belgium, Finland, Spain, Denmark, Germany, Lithuania, France, Sweden, the UK, and Portugal.
Source: Seon
4. Countries with the weakest cybercrime protection
The countries where cybersecurity is the weakest are Afghanistan, Myanmar, Namibia, Libya, Honduras, Cambodia, Mongolia, Ethiopia, Venezuela and Nicaragua.
Not only is protection against cybercrime weak, but these countries also have the weakest legislation against it. Sometimes there’s no legislation, so users, website owners and businesses must be especially cautious when transferring and processing sensitive data and transactions.
Source: Seon
Cost Of Hacking Statistics
5. Cyberattack damage cost is predicted to reach $10.5 trillion by 2025
In 2015, the cost of cybercrime was “just” $3 trillion, but it’s expected to reach a whopping $10.5 trillion by 2025.
What about 2023? $8 trillion.
With the rise of the digital economy comes the rise of digital crime. And just like everything on the internet is getting more and more sophisticated, so are the attackers getting better and better at it.
Meaning, it’ll only get more expensive to keep the data protected from unwanted intruders.
Source: eSentire
6. Data breach costs the US nearly 2x the global average
Year after year, the United States is the leader in the highest data breach cost, with an average cost of $9.4+ million.
As a reference, the global average total cost of a data breach is $4.3+ million—approximately $5.1 million less than in the US.
Source: IBM
Data breach costs around the world
These are the top five countries and regions with the highest data breach costs:
Country/region | Data breach cost in millions |
United States | $9.44 |
Middle East | $7.46 |
Canada | $5.64 |
United Kingdom | $5.05 |
Germany | $4.85 |
Fun fact: The country with the fastest growth rate of a data breach is Brazil, at $1.38 million.
Source: IBM
7. More ransomware attacks and costlier destructive attacks
The average ransomware attack cost is $4.5+ million (a 41% growth in a single year) and it takes 49 days longer to identify than a year before.
Moreover, the cost of destructive attacks increased by an additional $430K, to $5.1+ million.
Source: IBM
8. Private and public clouds are hit more than hybrid cloud models
IBM reports that nearly 50% of breaches happen in the cloud, with organizations that have private and public clouds experiencing the highest data breach costs.
Cloud type | Data breach cost in millions |
Public cloud | $5.02 |
Private cloud | $4.24 |
Hybrid cloud | $3.80 |
Source: IBM
9. The most common cause of data breach is stolen/compromised credentials
Besides being the most common cause of a data breach, it also takes the longest to detect – 327 days. However, phishing is still the cause that costs the most.
Cause of a data breach | Cost in millions |
Phishing | $4.91 |
Business email compromise | $4.89 |
Vulnerability in third-party software | $4.55 |
Stolen or compromised credentials | $4.50 |
Malicious insider | $4.18 |
Source: IBM
10. A single cyber attack costs US companies on average $18,000
On average, companies in the United States need to pay $18,000 for an attack, whether a breach, DDoS attack, malware or ransomware. That’s $8,000 more than in 2021. Also, nearly half of the US businesses experience some type of cyber attack.
Source: Hiscox
11. Global security spending by segment
Security segment | Spending in millions |
Security services | $64,270 |
Infrastructure protection | $17,483 |
Network security equipment | $11, 684 |
Identity access management | $10,409 |
Consumer security software | $6,235 |
Source: Embroker
Hacking Statistics By Attack Type
12. Targeted ransomware is on a continuous rise
Ransomware attacks are constantly growing across all industries, jumping from 0.016% (of all malware) in 2021 to 0.026% in 2022.
Cybercriminals keep improving their ransomware techniques, making them more challenging for the attacked businesses and people to identify and counteract, thus the growth.
Source: Kaspersky
13. Malware experienced a 39% decline in 2020
Malware saw a nice decline in 2020, but that doesn’t mean it’s going away. SonicWall reported a global decline of 39% (the most significant drops in India and Germany), dropping to 4.4 billion malware attacks.
Country | Malware decline |
India | -68% |
Germany | -64% |
United Kingdom | -44% |
United States | -33% |
Source: SonicWall
14. 22% of consumers reported malicious software on their devices
Consumers most commonly detect malicious software on their desktop device, smartphones, tablet, Wi-Fi networks and even connected devices.
The second and third most common cybercrimes are unauthorized access to email accounts (14%) and social media profiles (13%).
Source: Norton
15. 86% of adults are unaware/unfamiliar with stalkerware
There are actually only 14% of consumers who are aware of what stalkerware is and how it can affect them.
Fun fact: Almost 1 in 10 persons in a romantic relationship used an app to track the partner’s device activities. (Now that’s creepy, no wonder why it’s called creepware.)
Why the rise of online stalking? One of the biggest reasons why people stalk their partners online is LOW trust.
Source: NortonLifeLock
Industry-Specific Hacking Statistics
16. The total average cost of a breach in healthcare is $10.1 million
The healthcare industry gets hit the hardest, resulting in the highest average breach cost. It increased by 9.4% from $9.2 million in 2021.
The second highest cost has the financial organizations (averaging $5.9+ million), in the third place is pharmaceuticals at $5+ million, fourth is technology ($4.9+ million) and fifth is energy ($4.72 million).
Industry | Data breach cost in millions |
Healthcare | $10.10 |
Financial organizations | $5.97 |
Pharmaceuticals | $5.01 |
Technology | $4.97 |
Energy | $4.72 |
Services ($4.7 million), industrial ($4.47 million), and research ($3.88 million) are in the sixth, seventh, and eighth positions, respectively. The public sector is one of the least affected, costing $2.07 million.
Source: IBM
17. 61% growth of phishing attacks in 2022
Phishing attacks are also on the rise, hitting 61% in 2022. The most targeted industries are financial, SaaS and webmail, social media, logistics and shipping, payment, and eCommerce.
Source: SlashNext
18. There was a $41+ billion eCommerce fraud loss
The eCommerce industry lost $41.1 million due to online payment fraud in 2022. Although this number is staggering, only 34% invested in fraud prevention.
Moreover, Juniper predicts a 131%+ fraud growth between 2022 and 2027.
Source: Juniper
19. Half of the small businesses have a cybersecurity plan
In a survey, 50% of respondents said they have a cybersecurity plan for their small businesses. Of 50% who said they don’t have a plan, 30% plan on getting one, and 20% have no plans of setting up cybersecurity.
Source: UpCity
20. 60% of small businesses believe they won’t get attacked
As mentioned earlier, many small business owners believe they aren’t a target of cybercriminals. As it turns out, nearly 20% are.
It’s vital for every business owner to know that protecting data is way easier than recovering it after being hacked. (Or maybe even never recovering it.)
Invest in cybersecurity early so you don’t feel sorry later.
Source: BullGuard
Global Hacking Statistics
21. There are around 1.27+ million phishing sites worldwide
Since the beginning of 2020, the number of phishing sites has increased, jumping to 1,270,000+ in the third quarter of 2022.
Surprisingly, that’s a nearly 10x increase since the COVID-19 pandemic (which is likely because more people turned to the internet for online shopping, online banking, online food ordering, etc.).
Year | Number of phishing sites |
2022 | 1,270,000+ |
2021 | 730,000+ |
2020 | 571,000+ |
2019 | 266,000+ |
2018 | 151,000+ |
Source: Statista
22. AI helps 69% of organizations respond to cyberattacks around the world
83% of the organizations in the United States said that they couldn’t respond to cyberattacks without using artificial intelligence. The other four countries that rely heavily on AI are Australia (73%), the United Kingdom (72%), Spain (71%), and France (70%).
But only 54% reported dependency on artificial intelligence in Sweden (because cyberattacks are lower in the country than in others).
Source: Statista
23. The three most common cybercrime complaints are phishing, non-payment and extortion
According to the FBI, the most common crime report is for phishing, vishing, smishing or pharming.
Cybercrime type | Number of victims |
Phishing/vishing/smishing/pharming | 240,000+ |
Non-payment/non-delivery | 108,000+ |
Extortion | 76,000+ |
Personal data breach | 45,000+ |
Identity theft | 43,000+ |
Spoofing | 28,000+ |
Misrepresentation | 24,000+ |
Confidence fraud/romance | 23,000+ |
Harassment/threats of violence | 20,000+ |
BEC/EAC | 19,000+ |
Source: FBI
24. On average, those affected by cybercrime spend seven hours resolving issues
2.7 billion hours were lost resolving issues due to cybercrime, which averages to 6.7 hours per victim.
Indian victims take the longest to sort things out (10.8 hours), followed by Germany (9.1 hours), Italy (8.7 hours), Australia (8.2 hours), the US (6.7 hours), and Japan (5.9 hours).
In addition, the countries that lost the most money due to attacks are India, Australia, the UK, the US, Germany and France. The average across ten countries is 47% of victims who lost money.
Source: Norton
25. 1 in 5 consumers are victims due to scam
Some more common reasons for scams are clicking fraudulent package notification links, purchasing false items, donations, sending money to strangers on dating sites, etc. There were also many scams related to COVID-19 during the pandemic.
Source: Norton
26. Expected $100 billion in losses due to ad fraud
The advertising fraud is spreading like wildfire, going from $35 billion in 2018 to $100 billion in 2023. Just in the United States alone, ad fraud reached approximately $81 billion in 2022.
Although advertising platforms are getting better at detecting scammy advertisers and bots, their platforms aren’t yet sophisticated enough to spot fraud soon enough. (Instead of ads served to potential customers, they are served to bots.)
Source: Statista
Other Terrifying Hacking Stats
27. The human element is the highest reason for attacks
According to the Data Breach Investigations Report, the human element accounts for the most common cause of data breaches, at 82%.
From phishing attacks to stolen credentials, cyber criminals usually go after the human element via emails, using tricky links (which are also getting more popular on social).
Source: Verizon
28. Death of a woman caused by a ransomware attack at a German hospital
A ransomware attack caused IT failure at a Düsseldorf, Germany hospital, causing the death of a 78-year-old woman. This is the first reported death by ransomware.
Source: Fortune
29. A hacker tried to poison a city’s water supply in 2021
In February 2021, a hacker tried to poison the water supply in Oldsmar, Florida, by upping sodium levels to health-threatening levels.
Source: Wired
30. A slight increase in meat prices due to a ransomware attack on JBS
The world’s largest meat processing company got attacked by Russian ransomware in 2021, affecting thousands of workers and causing a tiny spike in the price of meat.
Source: Newsweek
31. Windows gets hit by malware the most of all operating systems
78% of malware codes targeted Windows systems in 2019, which increased to 83% in early 2020. On the other side, the trend of malware attacks on MacOS is declining.
Source: AV-TEST
32. 6 million records are lost or stolen daily
Every second, hackers steal a whopping 75 records (or make them appear “lost”). 1,000s records will be lost when you finish reading these hacking statistics.
Source: Database Trends And Applications
33. Americans fear hackers more than getting mugged
Almost 70% of Americans fear hackers stealing their credit card information. And 62% fear getting their computers and smartphones hacked and data stolen.
That’s a lot more than worrying about being burglarized (45%), which is in third place at the top list of crime fears. And only 18% have a fear of getting murdered.
Source: Statista
Conclusion
Sheesh!
That was a massive portion of the nightmare we all need to pay close attention to to prevent website, social, email or any other attacks as much as possible.
Websites that lack up-to-date software, themes, and plugins, weak passwords, or an SSL certificate are at much greater risk of being hacked.
Usually, these are small businesses and individuals without the necessary experience to implement strong cybersecurity practices.
I’m sure these hacking statistics will shake you (a little bit) to take security seriously.
You’ll thank yourself later.
What cybersecurity strategies work best for you? Let us know in the comments below.
Comments (0)