Cybercrime Statistics By Market Size, Industry Analysis And Facts (2025)
Updated · Dec 08, 2025
WHAT WE HAVE ON THIS PAGE
Introduction
Cybercrime Statistics: I’d like to ask you one question? Is the digital economy creating more wealth for criminals than for businessmen? How much is the data truly costing the world?
The overall space of global commerce and personal life has changed irreversibly to the internet. However, this vital digital ground is now a highly contested battlefield. Cybercrime has escalated to the single greatest economic threat of the decade. It is evolving faster than organizations can fortify their protection measures.
I’d like to discuss more about cybercrime statistics in this article. These data reveal a global financial drain so immense that it ranks as the third-largest economy in the world. It trails only the US and China.
This is a comprehensive look at the financial, operational, and human costs of modern cybercrime. I break down the most recent statistics for C-level executives and security professionals. This provides a benchmark for understanding the digital risks of 2025 and the forecast for the future. Let’s get started.
Editor’s Choice
- By the end of 2025, global damages from cybercrime are projected to reach US$10.5 trillion annually, representing a growth rate of 15% per year since 2021.
- The United States holds the record for the most expensive data breaches globally, with an average cost surging to an all-time high of US$10.22 million per incident in 2025.
- For the 14th consecutive year, the Healthcare sector is the most financially vulnerable, facing the highest average breach cost of US$7.42 million in 2025.
- Organizations experiencing a high-level security skills shortage incurred an average breach cost of US$5.22 million, which is 43% higher than organizations with a well-staffed security team.
- Nearly half, 49% of human-caused breaches are due to simple errors like Misdelivery, sending sensitive data to the wrong recipient.
- Extensive use of Security AI and automation saved organizations an average of US$1.9 million per data breach.
- The FBI’s latest report for 2024 logged losses exceeding US$16 billion from internet crimes, marking a significant 33% increase in financial losses reported from the previous year.
- An attempt at a cyberattack or security incident occurs against businesses or individuals, on average, every 39 seconds
Global Cost and Economic Transfer
(Source: statista.com)
- The predicted annual cost of cybercrime is set to hit US$10.5 trillion by 2025, a figure five times the US$3 trillion recorded just a decade prior in 2015.
- This US$10.5 trillion annual figure translates to roughly US$26 billion in damages every single day, or an astonishing US$1.08 billion per hour.
- The economic toll breaks down even further to approximately US$302,000 being lost every second due to the aggregate effects of cyberattacks globally.
- In 2024, the FBI’s Internet Crime Complaint Center IC3 recorded over 859,000 complaints of suspected internet crimes, with total financial losses surpassing US$16 billion.
- In the United States alone, consumers lost a collective US$27.2 billion to identity fraud in 2024, which is a significant 19% jump from the previous year’s losses.
- Investment scams saw the largest percentage increase in financial loss, jumping 38% from US$3.31 billion in 2022 to over US$4.57 billion in 2023.
- Cyber insurance premiums are projected to nearly double from the US$14 billion recorded in 2023 to reach US$29 billion by 2027.
- The financial sector saw the average cost of a breach surge to US$6.08 million in 2024, a 22% increase over the global average and second only to healthcare.
- The likelihood that a cybercrime entity is successfully detected and prosecuted in the United States remains incredibly low, estimated at approximately 0.05% by the World Economic Forum.
| Metric | Financial Statistics 2025 Projections |
| Annual Global Damage | $10.5 Trillion |
| Average Global Breach Cost | $4.44 Million |
| Highest Country Breach Cost | $10.22 Million USA |
| FBI Reported Losses 2024 | $16 Billion |
| Ransomware Damages 2031 P. | $265 Billion |
| Cryptocurrency Crime 2025 P. | $30 Billion |
| Average Cost per Record | $160 Customer PII |
| Cost Saving with AI/Automation | $1.9 Million |
Phishing and Social Engineering
(Reference: mdpi.com)
- Phishing/Smishing/Business Email Compromise BEC was the root cause for 19% of all data breaches in 2025.
- Phishing is consistently cited as the single most expensive initial attack vector, costing an average of US$4.91 million per incident in 2025.
- Business Email Compromise BEC attacks resulted in massive losses exceeding US$2.9 billion in 2023 alone, based on over 21,489 complaints reported to the FBI.
- The financial/payment sector was the target of the largest share of phishing attacks, accounting for 30.9% of all attacks recorded in the first quarter of 2025.
- An alarming 88% of healthcare workers admitted to opening phishing emails they received.
- Phishing attacks saw a massive surge of 1,265% in 2023, a significant portion of which is attributed to the rise of generative AI, enabling highly convincing and personalized spear-phishing messages.
- The use of smishing SMS/text message phishing is rapidly increasing, with mobile malware and adware attacks blocked reaching over 5.5 million incidents in a single reporting period.
- A majority, 75%, of all insider-related security incidents involve non-malicious insiders.
- Nearly half 49% of accidental, human-caused breaches resulted from a simple misdelivery, such as emailing sensitive documents to the wrong recipient.
| Metric | Financial Statistics 2023 to 2025 Data |
| Phishing as an Attack Vector | 19% of all breaches |
| Average Phishing Cost | $4.91 Million |
| BEC Annual Losses | $2.9 Billion 2023 |
| Phishing Attack Surge | 1,265% 2023 |
| Financial Sector Phishing Share | 30.9% Q1 2025 |
| Credential Abuse in Breaches | 32% of human-involved breaches |
| Misdelivery Rate | 49% of human errors |
| Non-Malicious Insider Incidents | 75% of insider incidents |
Ransomware and Malware
(Source: statista.com)
- Over the course of 2023, nearly one-third 31% of all organizations globally reported falling victim to a ransomware attack.
- A 236.1 million ransomware attacks were reported globally just in the first six months of 2022, showcasing the immense operational volume of this threat.
- The average total cost of a ransomware attack on a business is reported at US$5.13 million, a 13% increase from the previous year, excluding the ransom payment itself.
- The average ransom payment paid by victims in the fourth quarter of 2023 surged to an alarming US$568,705.
- The ransom payment only accounts for about 32% of the total financial impact of an attack; the remaining 68% comes from downtime, recovery, and reputational damage.
- Small and Medium Businesses SMBs are disproportionately targeted, with 70% of all ransomware attacks aimed at this segment due to their perceived weaker defenses and fewer resources.
- The Healthcare sector accounted for the largest share of ransomware incidents, making up over 74% of all reported attacks against healthcare organizations in a single year.
- Victims who involved law enforcement or third-party negotiators saved an average of US$4.7 million on breach costs compared to those who negotiated or paid alone.
- An overwhelming 94% of all new malware strains are delivered through email, cementing malicious attachments and links as the preferred distribution method for digital threats.
- The largest DeFi hack to date, the Wormhole exploit, resulted in a loss of US$320 million in wrapped ETH.
| Metric | Financial Statistics 2022 to 2024 Data |
| Organizations Hit | 31% of organizations in 2023 |
| Total Attack Volume H1 2022 | 236.1 Million attacks |
| Average Cost Per Attack | $5.13 Million |
| Average Ransom Payment | $568,705 Q4 2023 |
| Ransomware Focus on SMBs | 70% of attacks |
| Healthcare Ransomware Share | 74% of healthcare attacks |
| Malware Delivery | 94% via email |
| Savings by Engaging Law Enforcement | $4.7 Million |
Global Cybersecurity Market – Investment and the Talent Gap
(Source: market.us)
According to Market.us, the threat of cybercrime is mitigated by massive investment in defensive technologies. However, the industry is battling an immense skills gap that limits the effectiveness of this spending.
- The global cybersecurity market is projected to reach US$1.202 trillion by 2034, growing at a CAGR of 15.5% from 2024 to 2033.
- The hardware segment of the security market holds the largest share, capturing more than 58.7% of the global market in 2024 due to the crucial need for securing physical infrastructure.
- The Endpoint Security segment holds a substantial 33.7% of the total market, reflecting the high priority placed on protecting individual devices like laptops and smartphones.
- North America accounts for over 38.0% of the global cybersecurity market share, driven by stringent regulatory frameworks and a concentration of major tech and finance firms.
- The Cyber Threat Intelligence CTI market is expected to skyrocket from US$15.2 billion in 2025 to US$91.1 billion by 2034, showing a CAGR of 22.1% as organizations prioritize proactive threat knowledge.
- There is a critical global shortage of approximately 4 million skilled cybersecurity professionals needed to adequately fill current positions and meet defense demand.
- The number of unfilled cybersecurity jobs is projected to reach 3.4 million by 2024, a major increase from just 1 million a decade ago in 2014.
- Organizations with a severe skills shortage spent 43% more on average to handle a data breach, US$5.22 million, compared to those with sufficient staff, US$3.65 million.
- Approximately 63% of organizations are planning to implement emerging technologies, such as Artificial Intelligence AI.
| Metric | Financial/Workforce Statistic 2024 to 2034 Projections |
| Total Cybersecurity Market 2034 P. | $1.202 Trillion |
| Global Workforce Shortage | 4 million professionals |
| Unfilled Job Total 2024 | 3.4 Million jobs |
| Hardware Market Share | 58.7% |
| CTI Market CAGR | 22.1% 2025-2034 |
| AI Implementation for Staffing | 63% of organizations |
| US Market Value 2024 | $91.93 Billion |
| Mid-to-Senior Level Shortage | 46% of organizations |
Healthcare and Supply Chain
(Source: cybelangel.com)
- Healthcare has consistently held the title for the highest average breach cost for 14 consecutive years, with the average cost reaching an all-time high of US$10.93 million in 2024.
- Breaches in the healthcare sector take the longest to identify and contain, averaging 279 days.
- The Finance and Insurance industry faces the second-highest average breach cost at US$6.08 million per incident in 2024.
- A significant 72% of all data breaches in 2025 involved data stored in the cloud, with breaches spanning multiple cloud environments costing the highest average at US$5.05 million.
- By 2025, an estimated 45% of organizations worldwide will have experienced an attack on their software supply chain, a massive jump in a high-risk vector.
- Compromise of a third-party vendor or supply chain was the second costliest attack vector overall in 2025, averaging US$4.91 million per incident.
- The Manufacturing industry recorded the highest number of cyber incidents in 2023, accounting for 32.43% of the total reported incidents globally.
- Nearly half 43% of Small and Medium Businesses SMBs reported experiencing at least one cyberattack in the last 12 months.
- The average total cost of a cyberattack for SMBs is reported at US$254,445, with high-end recovery costs reaching up to US$3.93 million for investigation and recovery alone.
| Metric | Financial/Sector Statistic 2024 to 2025 Data |
| Healthcare Average Cost 2024 | $10.93 Million |
| Financial Sector Average Cost 2024 | $6.08 Million |
| Third-Party Breach Cost | $4.91 Million |
| Projected Supply Chain Attacks 2025 | 45% of organizations |
| Manufacturing Incident Share | 32.43% 2023 |
| Cloud Involvement in Breaches | 72% of all breaches in 2025 |
| SMB Attack Frequency | 43% in the last 12 months |
| SMB High-End Recovery Cost | $3.93 Million |
The AI and Automation Factor
(Reference: enterpriseappstoday.com)
- In 2025, a significant 1 in 6 data breaches involved the use of AI-driven attacks, the technology’s rapid adoption by malicious actors.
- A concerning 61% of surveyed hackers reported they plan to use Generative AI GenAI capabilities specifically to identify and exploit new vulnerabilities faster.
- Organizations that extensively use security AI and automation identified and contained a data breach 80 days faster than those with no such tools deployed.
- The use of AI and automation in security workflows resulted in an annual average cost savings of US$2.22 million per breach compared to organizations without it.
- Detection and escalation costs, which include forensic and investigative activities, dropped by nearly 10% in 2025.
- Organizations that have implemented a comprehensive Zero Trust security model saw their average breach costs drop by an impressive $1.76 million compared to organizations without the model.
- The Cloud-Based segment now holds a dominant 69% of the Cyber Threat Intelligence CTI market, with security automation being a critical driver for this to external, cloud-based defense services.
- Over 40% of C-level executives plan to leverage AI capabilities to help mitigate the immediate shortage of critical cybersecurity skills within their organizations.
- Projections suggest that by 2028, AI tools will potentially reduce the requirements for certain entry-level cybersecurity roles by up to 50%.
| Metric | Financial/Efficiency Statistic 2024 to 2028 Projections |
| Breaches Involving AI Attack |
1 in 6 2025 |
|
Time Saved by AI/Automation |
80 Days Faster |
| Cost Savings from AI |
$2.22 Million per breach |
|
Zero Trust Cost Reduction |
$1.76 Million less |
| Detection Cost Reduction |
Nearly 10% drop 2025 |
|
Hacker Intent with GenAI |
61% of hackers surveyed |
| Future Entry-Level Reduction |
50% by 2028 |
|
Cloud CTI Market Share |
69% in 2024 |
Conclusion
Overall, the challenge of Cybercrime is financially devastating. We have seen that the annual cost is rising towards $10.5 trillion. This places it on par with the world’s most powerful economies.
The data clearly isolates the critical pressure points: the human element, exploited via phishing; the crippling financial model of ransomware; and the cost burden carried by sectors like Healthcare, which now averages over $10 million per incident.
However, the analysis also provides a blueprint for a path forward. The evidence shows a substantial $2.22 million cost saving when organizations embrace security AI and automation.
It highlights that the most resilient companies are those that prioritize their security teams, reducing breach costs by over 43% compared to those crippled by the 4 million-job skills gap. I hope you like this piece of analysis. Thanks for reading and helping us grow. If you have any questions, kindly let us know. Thanks.
FAQ.
The estimated global cost of cybercrime is in the trillions of US dollars annually and is projected to continue rising significantly. For example, some sources estimated annual damages to reach $8 trillion in 2023 and are projected to hit $10.5 trillion by 2025.
Yes, the volume and sophistication of cyberattacks continue to increase worldwide. Trends show consistent YOY growth in both reported incidents and financial losses.
It’s difficult to give an exact real-time number, but statistics often emphasize the speed and volume. Some reports suggest that on average, a cyberattack occurs approximately every 39 seconds, and new vulnerabilities are discovered constantly.
While all sectors are vulnerable, the Healthcare and Financial Services industries often experience the highest costs per breach due to the value and sensitivity of the data they hold. Other highly targeted sectors include Manufacturing, Public Administration, and Education.
Phishing fraudulent messages designed to steal sensitive information remains the most common threat vector. Reports often indicate that phishing scams are responsible for initiating 80 to 95% of all human-associated breaches.
Data Breaches generally incur the highest overall costs. Within data breaches, attacks involving Ransomware and those stemming from supply chain compromises are among the costliest and most disruptive.
The global average cost of a data breach has consistently been in the range of $4 million to over $4.5 million USD in recent years. This cost is significantly higher in countries like the United States, where it can exceed $10 million on average.
On average, it takes organizations around 277 days, or over nine months, to identify and contain a data breach. Breaches that are identified and contained quickly tend to be significantly less costly.
Both are significantly affected. While businesses bear the massive financial losses related to data recovery, regulatory fines, and reputation damage, millions of individuals are affected annually by identity theft, financial fraud like romance scams or investment fraud, and account breaches.
A high percentage of breaches, often reported as 82% or more, involve a human element, meaning the attack was caused by compromised credentials, human error, or a social engineering attack like phishing.
As businesses migrate to the cloud, it has become a major target. Many recent data breaches have involved data stored in cloud environments, and cloud-related breaches often incur some of the highest average costs.
Yes, definitely. Companies that have a well-tested and comprehensive incident response plan can save millions of dollars compared to those without one, mainly by significantly reducing the time it takes to contain the breach.
Barry is a technology enthusiast with a passion for in-depth research on various technological topics. He meticulously gathers comprehensive statistics and facts to assist users. Barry's primary interest lies in understanding the intricacies of software and creating content that highlights its value. When not evaluating applications or programs, Barry enjoys experimenting with new healthy recipes, practicing yoga, meditating, or taking nature walks with his child.
