40 Shocking Cybercrime Facts & Statistics for 2021 H1

Edward G. | June 17, 2021

Cybercrime statistics

About the statistics:

The Atlas VPN research team compiled the most significant 2021 H1 cybercrime statistics to provide a clear view of the current cyber-threat landscape.

Based on the statistics, it is evident that both the volume and the sophistication of attacks grew substantially during the period under review.

The shift to remote work is largely to blame, as it provided a considerably larger attack surface for hackers to exploit. Also, unpatched personal devices, unprotected home networks, and reduced visibility for the in-house security team are some of the leading security issues.


The statistics are based on data from strictly reputable sources, such as the Federal Bureau of Investigation, Federal Trade Commission, Kaspersky, Malwarebytes, and many others. You can click on the source of each statistic to explore the full report that includes extended analysis, references, and additional data. 

Some of the main highlights include:

  • Blockchain hackers netted over $100 million in Q1 2021
  • Ransomware accounted for 81% of all financially driven intrusions in 2020. The average cost of a ransomware breach was $4.44 million.
  • Phishing assaults affected 83%t of UK firms in the last year. 
  • Google discovered a record-high number of phishing websites last year, with over 2.11 million, representing a 25% increase over 2019.
  • Over 5 billion records have already been leaked in 2021.
  • RDP attacks skyrocketed 241% in 2020. In 2019, the number of RDP attacks was 969 million, but in 2020, threat actors carried out an incredible 3.3 billion attacks.
  • macOS malware development surged by over 1,000% in 2020

Table of contents



Covid-19 scams

Identity theft



State-by-state statistics

Cyberattacks on enterprises

Data leaks 

Virtual Private Network 



Ransomware attacks are one of the most common cyber risks that businesses must deal with. Hackers encrypt important files and documents, presenting victims with the choice of paying a ransom or restoring data from backups.

Many enterprises are forced to pay thieves because the cost of disruption and reputational damage outweighs the ransom.

Ransomware accounted for 81% of all financially motivated cyberattacks in 2020 (Source)

Last year, 63% of cyberattacks were motivated by financial gain. Ransomware attacks accounted for 81% email compromise, and cryptocurrency mining make up the remaining 19%.

Since its inception in 1989, ransomware technology has advanced, and the threat level has increased as well. In 2020, ransomware attacks will have caused more financial harm per breach than other malicious attacks on average.

The average cost of a malicious attack on a victim is $4.27 million. Meanwhile, ransomware assaults cost 4% more each breach, or $4.44 million.

India, Austria and US organizations are top targets for ransomware (Source)

Ransomware assaults have been particularly prevalent in India, Austria, and the United States. In comparison, almost 50% of enterprises in the aforementioned countries faced similar attacks in the previous year, compared to 37% globally.

Because of their lower security levels or important data, firms in specific sectors are more vulnerable to hacker assaults. Cybercriminals are not afraid to assault even the most powerful corporations or government agencies. The most attacked sectors are retail, education, business & professional services, and central government & NDPB.

Nearly 50% of organizations hit by ransomware are US-based (Source)

Surprisingly, 151 (45%) of the 337 ransomware victims last year were based in the United States. In a similar vein, ransomware entrapped 39 (12%) of Canadian firms, forcing them to pay a ransom. Germany is third on the list, with 26 (8%) firms experiencing a ransomware assault.

The United Kingdom is fourth, and France is fifth, with 17 (5%) and 16 (5%) enterprises, respectively, having been hit by ransomware.

Government sector most hit by ransomware attacks in 2020, followed by banking (Source)

Last year, government entities were the target of the most ransomware assaults (31,906), while the banking industry was hit by 22,082 attacks.

Manufacturing was another industry that was heavily struck by ransomware last year. It was hit by 17,071 ransomware assaults last year, accounting for 16% of all ransomware threats aimed at major industries.

The healthcare industry is up next. It was the target of 15,701 ransomware attacks in 2020, accounting for roughly 15% of all ransomware attacks affecting organizations in high-risk industries.


Phishing attacks impersonate well-known brands, government branches, or other trustable sources in order to dupe users into entering their usernames and passwords or providing other personal information, like credit card detail.

A record 2 million phishing sites reported in 2020, the highest in a decade (Source)

Google discovered a record-high number of phishing websites last year, with over 2.11 million, representing a 25% increase over 2019.

Millennials and Gen Zers are most likely to fall for phishing emails (Source)

Millennials and Gen Zers in the United States are more prone than their older counterparts to fall for phishing emails. In sum, more than one-fifth (23%) of Generation Z and Millennials had been deceived by phishing emails.

83% of UK businesses face phishing attacks as threat penetration looms (Source)

Phishing assaults have risen dramatically in recent year as more individuals work from home. People are more exposed to getting fraudulent emails or being steered to deceptive websites due to a lack of cybersecurity in the home setting.

Phishing assaults affected 83% of UK firms in the last year. 

Microsoft and Zoom most impersonated brands at 80% in 2020 phishing attempts (Source)

Microsoft and Zoom were the most regularly impersonated firms in phishing attacks in 2020. Last year, 80% of all brand email phishing campaigns resembled Microsoft or Zoom in order to defraud consumers.

Microsoft, a multinational technology business, came out on top of the other brand impersonators. The brand was leveraged in 28,536 different phishing attempts last year, accounting for 70% of all brand phishing attacks.

FBI reports 12x surge in phishing complaints over the past 5 years (Source)

In 2016, the FBI's crime center received 19,465 phishing reports; by 2020, that number had increased by 1140% to 241,342. In 2020, monetary losses connected to phishing totaled $54 million.

According to the Federal Bureau of Investigations, they received a record amount of reports from US residents in 2020, totaling 791,790, up 69% from 2019.

Furthermore, from $3.5 billion in 2019 to $4.2 billion in 2020, losses due to internet crime grew by $700 million.

Covid-19 scams

Shortly after the pandemic started, fraudsters developed various ways to capitalize on people's natural curiosity and desire to learn more about pandemic-related issues. These scams range from phishing emails supposedly providing shocking news about the pandemic or documents and benefits fraud that steals the victims' stimulus check.

More than 16 million Covid-related cyber threats were detected in 2020 (Source)

Malicious spam accounted for approximately 89% of all Covid-19-related cyber threats discovered last year, or roughly 14.5 million attacks. Spam is one of the most simple and accessible cyber-attack strategies, which may explain why it is so popular among hackers.

Common spam email subject lines ranged from very vague, such as  “COVID-19 issue”, “Important message on COVID-19”, to more specific ones, such as “COVID-19/FluA+B Antigen Combo Rapid Test”, which is trying to get readers attention by offering a highly sought after test for Covid-19.

Identity theft

Identity theft and identity fraud refer to all kinds of criminal acts in which someone wrongfully obtains and uses the personal data of other people in a way that involves fraud or deception, usually for financial gain.

Kansas and Rhode Island suffered the most identity thefts in 2020 (Source)

Kansas and Rhode Island had the greatest number of identity thefts in 2020. The majority of the thefts were committed in order to apply for or obtain government assistance, such as stimulus cheques or unemployment compensation.

Kansas was the most targeted state in the US by scammers, with 1,485 identity theft reports per 100,000 people. The failure of the unemployment system, which made it easy for fraudsters to claim benefits instead of jobless individuals, was the main reason for such a high number. The state incurred a $400 million loss as a result of this failure.

Government documents and benefits fraud surged 45 times in 2020 (Source)

Government document or benefits fraud increased 45 times in 2020. Organized crime networks utilizing stolen identities have filed a substantial increase in false unemployment benefits claims in most states.

Kansas was the most targeted state in the US by scammers, with 1,485 identity theft reports per 100,000 people. The failure of the unemployment system, which made it easy for fraudsters to claim benefits instead of jobless individuals, was the main reason for such a high number. The state incurred a $400 million loss as a result of this failure.

55% of Americans more worried about getting hacked than being murdered (Source)

Citizens in the United States are more concerned about being hacked than about being murdered. The concerns appear to be warranted, with government security breaches, huge company data dumps, and other cybersecurity challenges dominating headlines throughout the world.

From September 30th to October 15th, 2020, a telephone poll was conducted to determine whether Americans are concerned about different crime kinds regularly, occasionally, seldom, or never. A total of 1,035 people aged 18 and up from the United States took part in the poll.

Surprisingly, citizens in the United States are most concerned about cybercrime.


Malware is malicious software that is intended to harm or destroy computers and computer systems. The term "malware" is an abbreviation for "malicious software." Viruses, worms, Trojan horses, spyware, adware, and ransomware are all examples of malware.

macOS malware development surged by over 1,000% in 2020 (Source)

macOS malware production increased by 1,092% in 2020. In fact, 674,273 new malware samples were discovered in 2020, compared to 56,556 ones in 2019.

Despite the fact that macOS malware development has reached new highs, hackers continue to target Windows users far more frequently.

In 2020, 91.05 million new Windows malware samples were identified, which is a new high. In other words, fraudsters created 249,452 threats every day on average.

Malware disguised as meeting apps spiked by 1,067% in 12 months (Source)

Cyberthreats disguised as videoconferencing programs increased by 1,067% in a year. The most popular applications used to disguise malware were Zoom, MS Teams, Slack, Webex, HighFive, Lifesize, Join.me, Flock, Gotomeeting.

Threat actors spread these malicious files through phishing emails or websites. Fraudsters create seemingly authentic emails and websites to lure victims into downloading the installer, which comes with a hidden bonus called malware.

IoT malware attacks worldwide surge by 66% to over 50 million in 2020 (Source)

Internet of Things (IoT) devices are slowly taking over our lives in both personal and professional contexts, from wearables and baby monitors to defibrillators and industrial robots. However, cyber dangers associated with these gadgets are also present.

The attacks peaked in October, with 10.8 million cases reported – more than the entire year of 2017. The education industry was the hardest hit of all the industries. Every month, it received an average of 71 IoT malware attempts.

Over 100 million malware infections detected on Windows in 2020 (Source)

In the year 2020, about 111 million malware infections were detected on Windows-based devices.

Last year, 83% of all Windows malware threats, or roughly 92.3 million, were discovered on consumer computers, while 15%, or 16.7 million, were discovered on business systems. The remaining 2% of malware infections remained unidentified.


Cryptocurrencies had a strong start this year, with crypto asset prices, such as Bitcoin (BTC), reaching record-heights. However, that caught the attention of cybercriminals.

Blockchain hackers netted over $100 million in Q1 2021 (Source)

Cybercriminals stole roughly $108.3 million from various blockchain projects in the first quarter of 2021, up 46% from the same period last year. The criminals' preferred targets were Ethereum DApps, blockchain wallets, and cryptocurrency exchanges.

In Q1 of 2021, Ethereum (ETH) DApps, or decentralized applications based on the Ethereum smart contract, were the most popular blockchain targets for hackers. A total of 11 breaches and 5 fraud events harmed them, resulting in roughly $86 million in losses.

Blockchain hackers stole $3.8 billion in 122 attacks throughout 2020 (Source)

In 122 attacks in 2020, the Atlas VPN team discovered that blockchain hackers stole roughly $3.78 billion. Last year alone, blockchain-related assaults accounted for over a third (33%) of all time cyberattacks aimed against blockchain projects.

Monetary losses to cybercrime

The majority of cyberattacks are aimed to provide financial gain for the fraudster in one way or another. Here, we will take a deeper look into how these attacks affected victims and companies in terms of monetary losses.

Americans lost $1.19 billion to imposter scams in 2020 (Source)

Americans lost $1.19 billion to imposter fraud in 2020, up $613.8 million from the previous year and a 106.56% rise.

Last year, Americans reported 498,278 impostor scam complaints, with 22% of those reporting financial losses. The average loss is $850. Phone calls were the most prevalent means of contact for scammers. In 2020, Americans lost an average of $297.45 million per quarter to impostor scams.

An analysis of the top 10 most cybercrime-ridden states (Source)

California, New York, Texas, Florida, Ohio, Illinois, Missouri, Pennsylvania, Virginia, and Colorado are among the top ten US states in terms of cybercrime losses.

Citizens in these states lost $2.39 billion last year as a result of various sorts of internet crime. Losses totaled $327.89 million in the first reporting quarter, 2013. 

Elderly people lost nearly $1 billion to Internet crime in 2020 (Source)

In 2020, Americans over the age of 60 lost $966 million to various forms of internet scams.

Because cybercriminals believe victims above the age of 60 have large financial resources, they target them. Elders also have a poor understanding of basic internet security procedures.

Cybercrime cost the world over $1 trillion in 2020 (Source)

In 2020, cybercrime will have cost the world more than $1 trillion, or around 1% of global GDP. While cyber attacks cost $945 billion, $145 billion was invested in cybersecurity.

Overall, cybersecurity expenses in 2020 are expected to increase by more than half of what they were in 2018 when more than $600 billion was spent to combat cybercrime. Meanwhile, compared to two years ago, when damages were $522.5 billion, losses due to cyber events increased by 81%.

Such losses have more than tripled in seven years, from $300 billion in 2013 to $945 billion in 2020.

Australians lost a record $176 million from 216 thousand scams in 2020 (Source)

In 2020, Australians will have lost approximately $176 million (AUD) to scams. In total, Australians reported almost 216 thousand fraud cases, with financial losses accounting for 10.7% of the total.

In terms of monetary losses and the number of scams in Australia, the year 2020 set a new high. In 2020, Australians lost $97.08 million more than they did in 2019, a 123% rise.

Cyberattacks on enterprises

85% of cyberattacks in the US originate internally (Source)

Internal attacks account for 85% of all cyberattacks in the United States. On May 9th, a total of 204,410,383 attacks were recorded in a single day. 174,528,081 of them came from inside the country.

Russia had the second-highest number of cyberattacks, with 10,579,930 threats. The third-place goes to the United Kingdom, which received 3,677,361 cyberattacks. With a total of 2,561,688 cyberattacks on the United States, Germany is ranked fourth. South Korea is in fifth place, with 2,532,161 cyberattacks.

Nearly one-fifth of CEOs see cybersecurity as the biggest threat to organizations' growth (Source)

Over the next three years, nearly one-fifth (18%) of CEOs regard cybersecurity threats as the most serious threat to their companies' growth.

Concern over cybersecurity threats has risen dramatically among CEOs since last year, when it was ranked sixth on the list, with 10% of CEOs saying it posed a threat to their companies' growth.

Virtual Private Network

59% of Canadian organizations deployed VPNs to combat cyberattacks in 2020 (Source)

Virtual Private Network (VPN) was the most preferred cybersecurity tool among Canadian enterprises in 2020 to resist rising cyber threats. Last year, 59% of Canadian businesses used virtual private networks (VPNs).

The majority of Canadian businesses were hit by hackers last year. In 2020, 80% of businesses will have dealt with at least one internet attack. In comparison, in 2019, 71% of Canadian businesses suffered at least one cyberattack.

Global VPN downloads surge to 277 million in 2020, Arab countries lead (Source)

According to data based on Atlas VPN's VPN Adoption Index, Virtual Private Network (VPN) reached 277 million downloads in 2020, from 85 selected countries.

A Virtual Private Network hides the user's real IP address and encrypts their browsing traffic. This in turn prevents nosy 3rd parties like hackers, ISP (Internet Service Provider), or even the government from tracking the user's online activities.

Also, individuals can change their IP address to access various streaming services that apply geographical restrictions.

Finally, people turn to VPNs when their country's government blocks useful applications. One of the most common examples is VoIP services - short for Voice over Internet Protocol, or simply put, phone services over the Internet, such as WhatsApp, Telegram, Skype, etc.

Data leaks 

Over 5 billion personal records were leaked in Q1 of 2021 (Source)

In this age of technology, everyone who uses the Internet has a lot of personal information online. However, malicious cybercriminals find vulnerabilities in large companies that store sensitive data about you, and in the blink of an eye, it could all be stolen.

Over 5 billion records have already been leaked in 2021. One of the reasons for such a high number is the compilation of many data breaches (COMB), where about 3.27 billion records alone were compromised.

37 billion data records leaked in 2020, a growth of 140% YOY (Source)

The number of leaked records worldwide reached a whopping 37 billion in 2020. That's a 140% increase from 15 billion records in 2019.

The majority - 82% or more than 30 billion records - were compromised in just five major security breaches. All of these were the result of misconfigured databases or services.

The most commonly exposed type of data was names, which were leaked in 46% of data breaches last year. Names were followed by email addresses, which were compromised in 32% of incidents.

Over 300 million individuals affected by the US data leaks in 2020 (Source)

Over 300 million individuals were affected in 1,108 US data breach and exposure incidents in 2020.

While the numbers for data breaches and disclosures last year are impressive, the number of such events actually dropped by nearly a fifth (19%) from 1,362 in 2019 to 1,108 in 2020.

The number of people affected also fell by 66%, from more than 887 million in 2019 to more than 300 million in 2020. In fact, the number last year was at its lowest level since 2015, when Data Identity Theft Resource Center first began tracking data breach and security risk statistics in the US.

Other significant cybercrime statistics 

Remote Desktop Protocol attacks surged by 241% in 2020 (Source)

Because of the remote work, employees began using client software from Microsoft called Remote Desktop Protocol (RDP), which is used to remotely access corporate resources. 

Cybercriminals immediately saw this as an opportunity to hack into the company's systems. As the shift away from home happened almost overnight, many improperly configured and thus insecure RDP servers were exposed.

RDP attacks skyrocketed 241% in 2020. In 2019, the number of RDP attacks was 969 million, but in 2020, threat actors carried out an incredible 3.3 billion attacks.

US and Russia account for 54% of global spam volume within the last 180 days (Source)

Anyone with a digital inbox has encountered annoying spam emails that pop up unsolicited. But have you ever wondered where they come from?

54% of spam emails in the last six months came from two global superpowers - the United States and Russia. 

While spammers in the US were responsible for a whopping 44% of the world's spam, Russia followed in second place with nearly 10%.

UK's cybersecurity firms hit over $12 billion in 2020 revenue (Source)

Cybersecurity has never been more important as the pandemic has forced many people to switch to remote work. Also, most entertainment options are closed, so people are using the internet to fill their free time. This situation is a great opportunity, and cybersecurity companies have not missed the chance to capitalize on it.

Online security companies in the UK took in nearly £8.88 billion (the equivalent of $ 12.51 billion) in fiscal 2020, a 7% increase from last year's £8.3 billion ($11.69 billion). 

The data shows that nearly three-quarters (74%) of online security revenue will go to large companies, accounting for nearly GBP6.6 billion or USD9.3 billion in 2020. Large companies are those with 250 or more employees.

Google reports a record number of requests to disclose user information in 2020 H1 (Source)

For civil, administrative, criminal, and national security purposes, a number of laws allow government agencies around the world to request user information from Google.

These requests have been steadily increasing over the past five years. In the first half of 2020, Google reported a record number of requests for disclosure of user information.

The number of requests increased by 17,847 when comparing the first half of 2020 to the second half of 2019, a 21% increase. In addition, the number of internet users affected by these requests increased from 175,712 in the second half of 2019 to 235,449 in the first half of 2020, a 34% increase.

ATM hacks surged 269% in Europe in 2020 H1, recent findings reveal (Source)

Criminals have been targeting automated teller machines (ATMs) since they became available to the public. Many are already aware of scams where fraudsters plug a small device into the ATM to steal credit card information, commonly referred to as card skimming.

However, recent findings show that cybercriminals have begun hacking into ATMs with malware and logical attacks. A logical or malware attack is a type of cyber attack where threat actors modify the ATM software to access the ATM.

If the hackers gain access to the ATM, they can collect the credit card details of ATM users to create fake credit and debit cards. In addition, the hackers can collect the cash available on ATM, depending on which part of the software the criminals were able to access.

The number of malware and logical attacks on ATMs increased from 35 to 129 in the first half of 2020, a 269% increase year-over-year.

Generation Z is one of the most concerned about sharing their location data with the government (Source)

It's no secret that tech companies have shared their user data with governments in the past. This makes many Americans uncomfortable with how their data is being handled.

50% of adults born in Generation Z are very uncomfortable sharing their location data, including where they have traveled, with the government. Along with Generation Baby Boomer, they are most concerned about protecting their personal data.

Over 150 US election-related mobile apps found to be dangerous or malicious (Source)

The COVID-19 pandemic has forced many people to use the Internet to learn about the election. In addition, a large portion of the population voted digitally. This shift created countless new attack vectors for cybercriminals.

Over 152 US election apps have vulnerability issues, and 16 mobile apps have malicious code in them.

In total, the research found 186 US election apps, 152 of which were deemed fraudulent or malicious. That means these apps claim to be authorized by the government or state, but really aren't.

What's more, 16 apps even have malicious code in them, making them a powerful tool for hackers.

App Development Security is the most wanted cybersecurity skill in 2021 (Source)

The year 2020 has shown that companies are still struggling when it comes to cybersecurity. Not only are companies struggling with a cybersecurity workforce shortage estimated at 3.12 million, but existing security professionals must constantly reinvent their skills to keep up with the ever-evolving cyber threat landscape.

The fastest-growing cybersecurity skill in 2021 is Application Development Security. Demand for this skill is expected to grow by164% in five years.

Last year, 29,635 job openings required knowledge of Application Development Security, which means we can expect 48,601 new jobs for specialists with this skill over the next five years. As the world becomes more mobile, the need for Application Development Security expertise also increases.

Over 60% of fraudsters request gift cards in business emails scams; eBay, Google Play cards most popular (Source)

Gift cards were the preferred payment method for 64% of fraudsters who used attacks to compromise business emails in the second half of 2020.

eBay gift cards were the most popular, with nearly a quarter (24%) of cybercriminals requesting eBay gift vouchers as a form of payment.

Business email compromise, or BEC, is a type of cybercrime where hackers attack businesses and organizations in order to defraud the company. As the name suggests, such attacks are carried out via email.

Edward G.

Edward G.

Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.



© 2021 Atlas VPN. All rights reserved.