Man using a laptop at a conference. — Image © Tim Sandle
Cyberattacks are commonplace, yet some cost businesses and consumers far more than others. But what are the types of incidences leading to the most expensive cybersecurity breaches?The company Kiteworks has identified the biggest cybersecurity events since 2020.
This assessment reveals:
| Cyberattack Type | Total Losses in the US Since 2020 | Average Losses per Attack Since 2020 |
| BEC | $1,747,924,931 | $88,350 |
| Credit Card/Check Fraud | $516,046,155 | $27,039 |
| Malware | $237,469,021 | $83,235 |
| Personal Data Breach | $217,220,497 | $5,360 |
| Lottery/Sweepstakes | $211,419,044 | $13,869 |
| Real Estate | $180,693,427 | $12,721 |
| Data Breach | $121,162,688 | $12,575 |
| Crimes Against Children | $114,283,292 | $56,688 |
| Investment | $103,069,899 | $6,423 |
| Phishing/Spoofing | $81,561,072 | $2,769 |
Business Email Compromise(BEC) is at the top of the table. This is the cyberattack with the highest financial impact, with losses exceeding $1 billion ($1,747,924,931) since 2020 and an average loss of $88,350 per incident.
BEC attacks involve fraudsters impersonating business executives or employees to deceive victims into transferring funds or revealing sensitive information.
Credit card and check fraudrank second, causing $516,046,155 in total losses and an average loss of $27,039 per incident. This fraud typically involves unauthorized use of payment information.Malware attacks, in third place, have resulted in losses of $237,469,021 with an average loss of $83,235 per incident.
The analysis also extends to the most common cyberattacks, and this translates to:
| Cyberattack Type | Total attacks US Since 2020 |
| Non-payment/Non-Delivery | 60,113 |
| Personal Data Breach | 40,523 |
| Phishing/Spoofing | 29,459 |
| No Lead Value | 25,523 |
| Overpayment | 24,945 |
| Extortion | 20,963 |
| BEC | 19,784 |
| Credit Card/Check Fraud | 19,085 |
| IPR/Copyright and Counterfeit | 18,849 |
| Harassment/Stalking | 18,112 |
At number one are non-payment/non-delivery cyberattacks,with 60,113 incidents, which involves fraudsters tricking victims into paying for undelivered goods or services. The second most prevalent is personal data breaches,with 40,523 incidents, which can involve unauthorized access to sensitive information often leading to identity theft and fraud.
Patrick Spencer, spokesperson at Kiteworks, explains to Digital Journal about the trends: “Our study reveals a concerning trend: cyberattacks are on the rise, both in frequency and financial impact. As cyber threats continue to evolve, proactive investment in advanced security technologies and employee training can significantly enhance a company’s resilience against cybercrime, as well as a greater focus on data security.”
For mitigation measures, Spencer advises: “Businesses should adopt a content-defined zero trust approach to secure their sensitive communications. By consolidating email, file sharing, SFTP, managed file transfer, and web forms into a private content network protected by a hardened virtual appliance, organizations can ensure that sensitive content is only accessed by authorized users. This approach provides advanced security, comprehensive governance, and regulatory compliance, ensuring the protection of sensitive content.”
Dr. Tim Sandle is Digital Journal’s Editor-at-Large for science news.
Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.
