---
title: "Cybercrime Statistics 2026: Rising AI Threats & Global Impact"
date: 2025-06-30
author: "Sofia Ramirez"
featured_image: "https://sqmagazine.co.uk/wp-content/uploads/2025/06/Featured-Cybercrime-Statistics.jpg"
categories:
  - name: "Cybersecurity"
    url: "/cybersecurity.md"
tags:
  - name: "Statistics"
    url: "/tag/statistics.md"
---

# Cybercrime Statistics 2026: Rising AI Threats & Global Impact

In early 2025, a small biotech firm in California found itself locked out of its systems overnight. The attackers demanded a ransom in cryptocurrency, exploiting a vulnerability in a forgotten server. The breach didn’t just compromise proprietary research, it crippled investor confidence and cost millions in lost opportunities. This story isn’t unique anymore. Cybercrime has evolved beyond lone hackers in basements; today, it’s a billion-dollar industry run like any other enterprise, with HR departments, marketing, and service guarantees.

As we step into 2025, understanding the **scale** and **diversity** of cybercrime has never been more critical. This article unpacks the most recent statistics to help you grasp where threats are coming from, what’s driving them, and how different regions and industries are responding.

## Editor’s Choice

- **$13.7 billion** in global ransomware damage is projected for **2025**, reflecting a sharp increase from under $2 billion just five years ago.
- The **FBI’s IC3** (Internet Crime Complaint Center) received **1.25 million**.
- **Phishing attacks** now account for **39%** of all initial intrusion vectors in **2025**, surpassing malware and brute-force entry.
- The global **average cost of a data breach** hit **$4.9 million** in **2025**, a record high driven by cloud-based attack vectors.
- **45%** of all [cyber attacks](https://sqmagazine.co.uk/cybersecurity-attacks-statistics/) in **2025** targeted small to midsize businesses (SMBs), marking them as the most frequent victims by volume.
- **Cryptojacking** incidents rose by **63%** in **2025**, making it the fastest-growing cybercrime tactic.
- **AI-powered threats** like deepfake phishing have increased **by 138%** year-over-year in **2025**, complicating detection and mitigation efforts.

## Rising Global Cost of Cybercrime

- The **global cost of cybercrime** is projected to reach a staggering **$10.29 trillion** in **2025**, underscoring the increasing threat landscape.
- By **2026**, this figure is expected to climb to **$11.36 trillion**, reflecting both the growing number and sophistication of cyberattacks.
- In **2027**, the cost is forecasted to hit **$12.43 trillion**, driven by expanding digital footprints and evolving ransomware tactics.
- By **2028**, the estimated annual damage caused by cybercrime worldwide could soar to **$13.82 trillion**, highlighting the urgent need for stronger cybersecurity measures.

![Rising Global Cost of Cybercrime](https://sqmagazine.co.uk/wp-content/uploads/2025/06/1.-Statista-Rising-Global-Cost-of-Cybercrime.jpg "Rising Global Cost of Cybercrime")*(Reference: Statista)*

## Global Cybercrime Incidence Rates

- The global volume of reported cybercrimes is projected to surpass **7.8 million cases** by the end of **2025**.
- **India**, **Brazil**, and the **United States** remain the top three countries in terms of reported cybercrimes in **2025**, with the US accounting for **31%** of global cases.
- **Financial services**, **healthcare**, and **education** top the list of the most frequently targeted sectors in **2025**.
- **84%** of global organizations experienced at least one cyber attack attempt in the past 12 months, as of Q2 **2025**.
- In **2025**, **IoT-related breaches** saw a **77%** increase from the previous year, mainly through smart home and industrial devices.
- **Cyber extortion** cases, including non-ransom demands, rose to over **220,000 cases globally** in **2025**.
- The average time to detect and contain a breach in **2025** is now **196 days**.

## Most Common Types of Cybercrime

- **Phishing** remains the most prevalent type of cybercrime in **2025**, involved in **39%** of all attacks.
- **Business Email Compromise (BEC)** scams caused **$3.2 billion** in damages in **2025**, targeting primarily C-level executives.
- **Ransomware** accounted for **27%** of global cyber attacks in **2025**, with the majority targeting critical infrastructure.
- **Credential stuffing attacks** rose by **85%** in **2025**, driven by widespread reuse of passwords across platforms.
- **Online scams,** including fake investment opportunities, led to **$2.4 billion** in user losses in the US alone in **2025**.
- **Denial-of-Service (DoS)** attacks reached an all-time high in Q1 **2025**, with over **850,000 incidents** reported globally.
- **Malware attacks** specifically targeting mobile devices increased by **59%** year-over-year in **2025**, as app stores struggled to vet malicious apps.
- **Fake job offer scams** surged by **108%** in **2025**, exploiting economic anxieties and targeting LinkedIn and job board users.
- **Impersonation fraud**, including fake customer service agents and company reps, grew by **92%** globally in **2025**.
- **Child exploitation-related cybercrimes** sadly rose by **27%** in **2025**, highlighting ongoing gaps in global online safety policies.

## Average Cost of a Data Breach by Industry

- The **Healthcare industry** suffers the **highest average cost per data breach** at **$9.77 million**, making it the most targeted and costly sector.
- **Financial Services** ranks second with an average data breach cost of **$6.08 million**, reflecting the sensitivity of financial data.
- In the **Manufacturing sector**, the average breach costs around **$5.56 million**, highlighting increasing risks in industrial systems.
- **Higher Education institutions** face an average breach cost of **$3.65 million**, showing vulnerabilities in academic networks.
- The **Retail industry** sees an average data breach cost of **$3.48 million**, impacted by customer data exposure and transaction system hacks.

![Average Cost of a Data Breach by Industry](https://sqmagazine.co.uk/wp-content/uploads/2025/06/2.-VikingCloud-Average-Cost-of-a-Data-Breach-by-Industry-1024x672.png "Average Cost of a Data Breach by Industry")*(Reference: VikingCloud)*

## Financial Impact of Cyber Attacks

- Global damages from cybercrimes are projected to exceed **$13.8 trillion** in **2025**.
- The **average ransom paid** during ransomware incidents in **2025** has climbed to **$1.9 million**, nearly doubling from two years ago.
- **Financial institutions** have reported losses of over **$2.1 billion** from spear phishing and wire fraud attacks in **2025**.
- **Cyber insurance claims** rose by **48%** in **2025**, with policy premiums increasing by **33%** due to heightened risks.
- **Healthcare sector breaches** alone are expected to cost the industry **$12.4 billion** globally in **2025**, the highest among all sectors.
- **SMBs** collectively lost **$4.3 billion** to cyber incidents in **2025**.
- **Intellectual property theft** and corporate espionage cases have caused an estimated **$760 billion** in global losses in **2025**.
- The **cost of business downtime** due to cyber attacks reached an average of **$560,000 per incident** in **2025**.
- **Cloud infrastructure breaches** resulted in estimated losses of **$2.6 billion** in the first half of **2025**.
- **Crypto scams**, including rug pulls and phishing, caused losses of over **$1.2 billion** globally by mid-**2025**.

## Geographic Distribution of Cybercrime

- The **United States** remains the most targeted country in **2025**, accounting for **31%** of global cybercrime losses.
- **Europe** experienced a **26%** increase in reported cybercrimes in the first half of **2025**, driven largely by ransomware and phishing.
- **Latin America** has seen a **60%** year-over-year increase in cyber attack volume as digital infrastructure expands without matching security.
- **Africa’s** cybercrime reports rose by **82%** in **2025**, with Nigeria and South Africa leading in regional attack volumes.
- **Asia-Pacific** recorded over **1.9 million cyber incidents** in the first half of **2025**, particularly affecting the financial and manufacturing sectors.
- **Middle Eastern nations** faced a **42%** rise in cyber threats in **2025**, much of it driven by geopolitical tension and hacktivist groups.
- **Canada** experienced a **19%** increase in BEC scams, particularly targeting educational institutions and government agencies in **2025**.
- **Russia** and **China** remain focal points for cyber espionage activity in **2025**, according to several intelligence sources.
- In **Scandinavia**, phishing and identity theft are now the most common forms of cybercrime, with Sweden seeing a **31%** jump in digital fraud in **2025**.
- **Australia** saw a **36%** increase in cyber threats, largely through telecom and logistics service providers, in **2025**.

## Devices Most Vulnerable to Cybercrimes

- **Desktops and laptops** are the most at risk, with **70%** vulnerability, making them prime targets for cybercriminals.
- **Smartphones** follow closely behind, with a **61%** vulnerability rate, highlighting the risks of mobile access and apps.
- **Tablets** show a **53%** vulnerability, often overlooked but equally susceptible to threats.
- Both **wireless access points** and **servers/server rooms** have a **50%** vulnerability, signaling critical infrastructure weaknesses.
- **Routers and switches** are also vulnerable, with a **47%** exposure rate, emphasizing the need for secure networking equipment.

![Devices Most Vulnerable to Cybercrimes](https://sqmagazine.co.uk/wp-content/uploads/2025/06/3.-TrueList-Devices-Most-Vulnerable-to-Cybercrimes.jpg "Devices Most Vulnerable to Cybercrimes")*(Reference: TrueList)*

## Cybercrime Trends by Device and Platform

- **Mobile devices** are now the primary entry point for **29%** of cyber attacks in **2025**.
- **Smart TVs and connected home devices** are involved in **11%** of intrusion attempts in **2025**, highlighting risks in [IoT](https://sqmagazine.co.uk/internet-of-things-statistics/) ecosystems.
- **Windows-based systems** remain the most exploited OS, accounting for **58%** of targeted attacks in **2025**.
- **macOS** vulnerabilities are growing, with a **28%** increase in exploits year-over-year in **2025**.
- **Linux servers** are frequently targeted in DDoS attacks, making up **42%** of server-side compromise cases in **2025**.
- **Cloud platforms** like AWS, Azure, and Google Cloud saw **17%** more breaches than the previous year, driven by misconfigurations and identity theft in **2025**.
- **Gaming platforms** experienced a **39%** rise in credential stuffing attacks in **2025**, with players targeted for digital assets and payment data.
- **Wearables**, such as smartwatches and health trackers, faced **12%** more security breaches in **2025**, mostly due to data leakage.
- **VPN services** saw an unusual **14%** increase in user-targeted phishing attacks, exploiting trust in encrypted networks in **2025**.
- **Social media accounts**, especially those on Instagram and TikTok, were victims in **25%** of identity theft cases reported in **2025**.

## Ransomware and Phishing Attacks

- **Ransomware attacks** are expected to impact over **72%** of organizations globally at least once in **2025**.
- [Phishing emails](https://sqmagazine.co.uk/phishing-email-statistics/) remain the top vector for initial compromise, responsible for **39%** of all cyber incidents in **2025**.
- The average downtime from a ransomware attack in **2025** is now **23 days**.
- **Double extortion tactics**, where data is both encrypted and threatened for release, were used in **58%** of ransomware attacks in **2025**.
- **Email-based phishing campaigns** increased by **41%** in **2025**, targeting sectors from logistics to healthcare.
- **QR code phishing** or “quishing” emerged as a significant threat in **2025**, with a **117%** increase in incidents over the previous year.
- **Phishing simulation training** reduced employee click-through rates to **6%** on average in **2025**.
- **Malicious browser extensions** used for phishing grew by **33%** in **2025**, often disguised as productivity tools.
- **Whaling attacks** targeting executives now make up **9%** of phishing campaigns in **2025**, a steady increase.
- **Smishing** (SMS phishing) increased by **48%** in **2025**, especially targeting users in mobile-dominated markets.

## Most Attacked Industries by Cybercriminals

- **Manufacturing** tops the list, accounting for **nearly 25%** of all cyberattacks, making it the **most targeted industry** overall.
- **Finance &amp; Insurance** follows closely, experiencing around **20%** of cyberattacks due to the sensitivity of financial data.
- **Consumer Businesses** are hit with about **15%** of attacks, driven by data-rich environments and e-commerce exposure.
- The **Education sector** sees roughly **10%** of attacks, often due to weaker infrastructure and open-access systems.
- **Healthcare** is targeted in approximately **7%** of cyberattacks, putting critical patient and medical data at risk.

![Most Attacked Industries by Cybercriminals](https://sqmagazine.co.uk/wp-content/uploads/2025/06/4.-Astra-Security-Most-Attacked-Industries-by-Cybercriminals-1024x768.webp "Most Attacked Industries by Cybercriminals")*(Reference: Astra Security)*

## Data Breach Volumes and Records Compromised

- **Over 6.9 billion records** were compromised globally in the first half of **2025.**
- The **largest single breach** of **2025** exposed more than **410 million** user records from a global social media platform.
- **Healthcare data** continues to be the most compromised, with **28%** of breaches affecting this sector in **2025**.
- **Government agencies** globally faced **300+ significant breaches** in the first five months of **2025**.
- The average time to detect a data breach in **2025** is **172 days**, slightly faster than the previous year’s 196 days.
- **Misconfigured cloud databases** accounted for **34%** of data breaches in **2025**.
- **Stolen credentials** were the initial attack vector in **42%** of breaches reported in **2025**.
- **Insider threats**, both malicious and negligent, led to **21%** of reported breaches globally in **2025**.
- [Dark web](https://sqmagazine.co.uk/dark-web-statistics/) **listings** for stolen data rose by **26%** in **2025**, driven by growth in cybercrime marketplaces.
- **Automated attack bots** contributed to **19%** of compromised record incidents in **2025**, often bypassing basic security protocols.

## Rise in Cybercrime-as-a-Service (CaaS)

- **CaaS marketplaces** saw a **37%** rise in vendor listings in **2025**, offering turnkey hacking kits.
- **Ransomware-as-a-Service (RaaS)** accounted for **58%** of ransomware deployments in **2025**, with some “affiliates” earning **six-figure monthly revenues**.
- **Phishing kits** are now available for as little as **$20** on dark web forums as of **2025**.
- **Stolen credentials** are being sold for an average of **$15 per user account** in **2025**, depending on industry sensitivity.
- **DDoS-as-a-Service** packages offering attacks for under **$50/hour** have proliferated in **2025**.
- **Zero-day exploits** are increasingly offered through subscription models, with listings rising **by 44%** in **2025**.
- **Cybercrime groups** now offer “customer support” and SLAs (service-level agreements), a trend noticed in **2025**.
- **AI-generated phishing tools** are becoming a standard feature in kits sold via CaaS channels in **2025**.
- **Remote Access Trojans (RATs)** are the top-selling item among CaaS toolkits in **2025**, accounting for **34%** of sales.
- **Dark web advertisements** for “cybercrime internships” or training bootcamps have surfaced across forums in **2025**.

## Top Cybersecurity Concerns Among Business Owners

- **46%** of business owners are most worried about **GenAI model prompt hacking**, as generative AI becomes more integrated into operations.
- **38%** cite **Large Language Model (LLM) data poisoning** as a major threat, reflecting concerns over compromised AI training data.
- **37%** are alarmed by the rise of **Ransomware as a Service**, which lowers the barrier for cybercriminals to launch attacks.
- **26%** fear **GenAI processing chip attacks**, signaling vulnerabilities in the hardware that powers AI technologies.
- **24%** are concerned about **API breaches**, which can expose sensitive data and disrupt interconnected systems.

![Top Cybersecurity Concerns Among Business Owners](https://sqmagazine.co.uk/wp-content/uploads/2025/06/5.-VikingCloud-Top-Cybersecurity-Concerns-Among-Business-Owners.jpg "Top Cybersecurity Concerns Among Business Owners")*(Reference: VikingCloud)*

## Law Enforcement and Cybercrime Arrest Rates

- **Interpol and Europol** coordinated over **160 international cybercrime arrests** in the first half of **2025**.
- The **FBI cyber division** launched **280+ new investigations** into ransomware groups during the first quarter of **2025**.
- **Conviction rates** for cybercrime in the US improved to **21%** in **2025**.
- **Crypto tracing technologies** assisted in recovering over **$900 million** in ransom payments in **2025**.
- **Global task forces** have led to the dismantling of **seven major CaaS operations** by June **2025**.
- **Cybercrime fugitives** arrested in **2025** included operators from **six different ransomware gangs**, some on international watch lists.
- **Local law enforcement units** in **42 US states** now maintain cyber response teams as of **2025**.
- **Public-private partnerships** between law enforcement and tech companies expanded by **26%** in **2025**.
- **Interpol’s Operation Synergia** seized assets worth over **$76 million** from cybercrime rings in early **2025**.
- **Prosecution challenges** continue due to jurisdictional issues, especially for crimes originating from **non-extradition countries**.

## Cyber Security Spending and Protection Measures

- **Global** [cybersecurity](https://sqmagazine.co.uk/cybersecurity-statistics/) **spending** is projected to reach **$223 billion** in **2025**.
- **Endpoint security investments** make up **18%** of total security budgets in **2025**, driven by mobile and IoT threats.
- **US federal agencies** are expected to spend over **$12.6 billion** on cyber defense initiatives in **2025**.
- **Zero Trust architecture** adoption has reached **60%** of enterprise networks globally by **2025**.
- **AI-powered threat detection** tools are being used by **54%** of organizations in **2025**.
- **Employee cybersecurity training** budgets rose by **29%** in **2025**, with phishing simulation tools being the most funded.
- **Multi-Factor Authentication (MFA)** is now used by **88%** of mid to large enterprises as of **2025**.
- **Supply chain cyber risk audits** are standard practice in **64%** of enterprises in **2025**.
- **Cyber insurance** coverage is now carried by **46%** of companies with over 500 employees in **2025**.
- **Bug bounty programs** distributed more than **$87 million** in rewards globally in **2025**.

## Most Challenging Areas to Defend in Cybersecurity

- **57%** of cybersecurity professionals identify **mobile devices** as the **most difficult to protect**, due to widespread usage and BYOD policies.
- **56%** find **data stored in the public cloud** particularly challenging to secure, given its shared infrastructure and dynamic nature.
- **56%** also struggle with monitoring and managing **user behavior**, which can introduce unpredictable risks and insider threats.

![Most Challenging Areas to Defend in Cybersecurity](https://sqmagazine.co.uk/wp-content/uploads/2025/06/6.-TrueList-Most-Challenging-Areas-to-Defend-in-Cybersecurity.jpg "Most Challenging Areas to Defend in Cybersecurity")*(Reference: TrueList)*

## Recent Developments

- The **first AI-generated ransomware** variant emerged in Q1 **2025**, using machine learning to evade standard detection tools.
- **Google** and **Microsoft** rolled out **AI-driven threat intel platforms** across their cloud offerings in **2025**.
- **Meta** reported disrupting over **4,300 fake accounts** linked to phishing rings in **2025**.
- **Open-source vulnerabilities**, like Log4Shell variants, are still being exploited in **2025**, accounting for **11%** of attacks.
- **US SEC’s 2025 compliance regulations** now mandate near-immediate breach disclosures for public companies.
- **TikTok and Instagram** launched real-time cyber awareness tools in-app as of **2025**.
- **Quantum cryptography pilots** began in the banking and defense sectors in **2025**.
- **WhatsApp phishing filters** improved dramatically with AI enhancements, cutting abuse reports by **46%** in H1 **2025**.
- **AI voice spoofing tech** caused **$70 million** in confirmed fraud cases by mid-**2025**.
- **Cybersecurity talent gap** still exceeds **3.5 million roles globally** as of **2025**, hampering defense capability in critical sectors.

## Conclusion

Cybercrime in **2025** is no longer a niche threat; it’s a systemic global issue touching every aspect of digital life. Whether you’re an individual with a smartphone or a multinational CEO, the statistics tell a clear story: attackers are more aggressive, better funded, and increasingly using AI to scale operations. Staying informed is your first defense. But proactive security investments, education, and international cooperation will ultimately shape how successfully we push back against this digital epidemic.