GITNUXREPORT 2026

Cyber Security Attacks Statistics

Ransomware and phishing attacks surged in 2023, causing costly global breaches and downtime.

Rajesh Patel

Rajesh Patel

Team Lead & Senior Researcher with over 15 years of experience in market research and data analytics.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Key Statistics

Statistic 1

DDoS attacks worldwide reached 9.5 million in Q1 2023 alone

Statistic 2

Average DDoS attack duration was 10 hours in 2023, peaking at 5 days

Statistic 3

Volumetric DDoS attacks averaged 1.5 Tbps in 2023

Statistic 4

Gaming industry faced 40% of DDoS attacks in 2023

Statistic 5

DDoS attacks up 200% during Russia-Ukraine conflict in 2023

Statistic 6

17.4 million DDoS attacks mitigated by Cloudflare in 2023

Statistic 7

Application layer (L7) DDoS attacks rose 20% in 2023

Statistic 8

Financial services blocked 1 million DDoS attacks in 2023

Statistic 9

IoT botnets powered 70% of DDoS attacks in 2023

Statistic 10

Peak DDoS attack hit 3.8 Tbps against AWS in 2023

Statistic 11

Multi-vector DDoS attacks comprised 60% of incidents in 2023

Statistic 12

Telecom sector endured longest DDoS attacks averaging 30 hours 2023

Statistic 13

5G networks saw 300% DDoS surge in 2023 deployments

Statistic 14

DNS amplification attacks grew 50% to 100 Gbps average 2023

Statistic 15

E-commerce DDoS peaks during Black Friday up 500% in 2023

Statistic 16

Ransomware groups used DDoS as extortion tactic in 25% cases 2023

Statistic 17

Global data breaches exposed 8.36 billion records in 2023

Statistic 18

Average cost of a data breach reached $4.45 million in 2023, up 15% YoY

Statistic 19

83% of breaches involved compromised credentials in 2023 DBIR

Statistic 20

Healthcare data breaches cost $10.93 million average in 2023, highest sector

Statistic 21

MOVEit breach exposed 62 million records in 2023 supply chain attack

Statistic 22

54% of breaches due to stolen credentials in 2023 Verizon report

Statistic 23

Time to identify breach averaged 204 days in 2023

Statistic 24

Financial services breaches cost $5.9 million average in 2023

Statistic 25

23,000 US healthcare breaches reported 2009-2023, peaking in 2023

Statistic 26

MGM Resorts breach in 2023 disrupted operations for 10 days

Statistic 27

3,205 data breaches confirmed in US alone in 2023

Statistic 28

Breach notification time averaged 49 days post-identification 2023

Statistic 29

Retail sector saw 1,800 breaches exposing 100M records in 2023

Statistic 30

Cloud misconfigurations caused 20% of breaches in 2023

Statistic 31

Change Healthcare breach affected 1/3 of Americans in 2023

Statistic 32

Average records per breach hit 25,000 in 2023 US stats

Statistic 33

99% of breaches exploitable for over a year pre-discovery 2023

Statistic 34

Phishing emails delivering ransomware payloads increased 50% in 2023

Statistic 35

36% of data breaches in 2023 involved phishing as initial access vector

Statistic 36

Average phishing success rate stood at 3.2% across simulated campaigns in 2023

Statistic 37

Spear-phishing attacks rose 20% year-over-year, targeting executives in 2023

Statistic 38

90% of successful breaches started with phishing emails in 2023 Verizon DBIR

Statistic 39

Phishing cost organizations $4.91 million on average per incident in 2023

Statistic 40

Mobile phishing (smishing/vishing) incidents up 61% in 2023

Statistic 41

82% of organizations faced phishing attempts weekly in 2023 survey

Statistic 42

Business email compromise (BEC) via phishing stole $2.9 billion in 2023

Statistic 43

Phishing sites mimicking brands increased 58% to 1.2 million in 2023

Statistic 44

74% of phishing emails used COVID-19 lures in early 2023 variants

Statistic 45

Finance sector received 30% of all phishing attacks in 2023

Statistic 46

Click rates on phishing links averaged 11% for untrained users in 2023

Statistic 47

Vishing calls impersonating IT support up 40% in 2023

Statistic 48

65% of breaches involved credential phishing in 2023 Ponemon study

Statistic 49

Phishing training reduced success rates by 70% in trained orgs 2023

Statistic 50

Smishing texts delivering malware rose 300% in 2023

Statistic 51

1.2 billion phishing emails blocked daily by Google in 2023

Statistic 52

BEC phishing losses hit $12.5 billion since 2016, with $2.9B in 2023

Statistic 53

In 2023, ransomware attacks surged by 73% globally compared to 2022, affecting over 2,000 organizations surveyed

Statistic 54

The average ransomware recovery cost reached $1.54 million in 2023, excluding ransom payments, up 10% from the previous year

Statistic 55

59% of ransomware victims paid the ransom in 2023, with payments averaging $1.42 million per incident

Statistic 56

Healthcare sector faced 67% of ransomware attacks in 2023, highest among industries

Statistic 57

LockBit ransomware group claimed responsibility for 25% of all ransomware incidents in 2023

Statistic 58

Average time to detect ransomware dropped to 16 days in 2023 from 24 days in 2022

Statistic 59

75% of organizations hit by ransomware in 2023 experienced downtime exceeding 24 hours

Statistic 60

Ransom demands increased by 20% in 2023, averaging $2.7 million per attack

Statistic 61

Double extortion tactics used in 63% of ransomware attacks in 2023, involving data theft alongside encryption

Statistic 62

US organizations paid $400 million in ransoms in 2023, leading global payments

Statistic 63

41% of ransomware attacks targeted manufacturing sector in 2023

Statistic 64

Recovery without paying ransom succeeded in only 31% of cases in 2023

Statistic 65

Ransomware-as-a-Service (RaaS) kits proliferated, with over 50 active groups in 2023

Statistic 66

Average downtime from ransomware hit 21 days in 2023 for affected firms

Statistic 67

Education sector saw 55% ransomware attack rate in 2023, disrupting classes

Statistic 68

BlackCat/ALPHV ransomware earned $300 million in 2023 before takedown

Statistic 69

80% of ransomware victims in 2023 used backups for recovery, but 23% still paid

Statistic 70

Ransomware incidents reported to FBI rose 20% to 1,200 in 2023

Statistic 71

Conti successors like Akira conducted 15% of attacks post-2022 disbandment

Statistic 72

Global ransomware payments hit $1.1 billion in 2023, per blockchain analysis

Statistic 73

Supply chain attacks like SolarWinds impacted 18,000 orgs in 2020-2023

Statistic 74

45% of breaches involved supply chain compromise in 2023 DBIR

Statistic 75

Log4Shell vulnerability exploited in 20,000 attacks daily peak 2023

Statistic 76

Third-party breaches caused $4.8 million average cost in 2023

Statistic 77

61% orgs hit by vendor breaches unknowingly in 2023 survey

Statistic 78

Kaseya VSA attack 2021 affected 1,500 downstream customers 2023 echoes

Statistic 79

MOVEit Transfer exploited in 600 orgs exposing 60M records 2023

Statistic 80

80% of orgs use 50+ vendors vulnerable to supply chain risks 2023

Statistic 81

APT groups targeted 30 supply chains in 2023 Mandiant report

Statistic 82

Colonial Pipeline supply chain hack caused fuel shortages 2021-2023

Statistic 83

Vendor credential stuffing led to 15% supply chain breaches 2023

Statistic 84

3CX supply chain compromise hit 10,000 orgs in 2023

Statistic 85

Average supply chain attack detection time 277 days in 2023

Statistic 86

25% increase in software supply chain attacks in 2023

Statistic 87

Okta breach via third-party support system 2022 impacted 2023

Statistic 88

Poly Network hack via supply chain stole $600M recovered 2021-2023

Sources
Trusted by 500+ publications
Harvard Business ReviewThe GuardianFortune+497
Imagine your business files suddenly locking up as a digital ransom note flashes on screen—this nightmare scenario became 73% more common last year, as ransomware attacks surged globally and recovery costs soared to an average of $1.54 million per incident.

Key Takeaways

  • In 2023, ransomware attacks surged by 73% globally compared to 2022, affecting over 2,000 organizations surveyed
  • The average ransomware recovery cost reached $1.54 million in 2023, excluding ransom payments, up 10% from the previous year
  • 59% of ransomware victims paid the ransom in 2023, with payments averaging $1.42 million per incident
  • Phishing emails delivering ransomware payloads increased 50% in 2023
  • 36% of data breaches in 2023 involved phishing as initial access vector
  • Average phishing success rate stood at 3.2% across simulated campaigns in 2023
  • Global data breaches exposed 8.36 billion records in 2023
  • Average cost of a data breach reached $4.45 million in 2023, up 15% YoY
  • 83% of breaches involved compromised credentials in 2023 DBIR
  • DDoS attacks worldwide reached 9.5 million in Q1 2023 alone
  • Average DDoS attack duration was 10 hours in 2023, peaking at 5 days
  • Volumetric DDoS attacks averaged 1.5 Tbps in 2023
  • Supply chain attacks like SolarWinds impacted 18,000 orgs in 2020-2023
  • 45% of breaches involved supply chain compromise in 2023 DBIR
  • Log4Shell vulnerability exploited in 20,000 attacks daily peak 2023

Ransomware and phishing attacks surged in 2023, causing costly global breaches and downtime.

DDoS Statistics

  • DDoS attacks worldwide reached 9.5 million in Q1 2023 alone
  • Average DDoS attack duration was 10 hours in 2023, peaking at 5 days
  • Volumetric DDoS attacks averaged 1.5 Tbps in 2023
  • Gaming industry faced 40% of DDoS attacks in 2023
  • DDoS attacks up 200% during Russia-Ukraine conflict in 2023
  • 17.4 million DDoS attacks mitigated by Cloudflare in 2023
  • Application layer (L7) DDoS attacks rose 20% in 2023
  • Financial services blocked 1 million DDoS attacks in 2023
  • IoT botnets powered 70% of DDoS attacks in 2023
  • Peak DDoS attack hit 3.8 Tbps against AWS in 2023
  • Multi-vector DDoS attacks comprised 60% of incidents in 2023
  • Telecom sector endured longest DDoS attacks averaging 30 hours 2023
  • 5G networks saw 300% DDoS surge in 2023 deployments
  • DNS amplification attacks grew 50% to 100 Gbps average 2023
  • E-commerce DDoS peaks during Black Friday up 500% in 2023
  • Ransomware groups used DDoS as extortion tactic in 25% cases 2023

DDoS Statistics Interpretation

In the digital trenches of 2023, the DDoS landscape became a relentless, multi-vector siege, where attacks grew not just in staggering volume and bone-wearying duration but also in cunning, with nearly every critical industry—from gaming to finance to the very backbone of our telecoms—finding itself squarely in the crosshairs of this increasingly weaponized chaos.

Data Breach Statistics

  • Global data breaches exposed 8.36 billion records in 2023
  • Average cost of a data breach reached $4.45 million in 2023, up 15% YoY
  • 83% of breaches involved compromised credentials in 2023 DBIR
  • Healthcare data breaches cost $10.93 million average in 2023, highest sector
  • MOVEit breach exposed 62 million records in 2023 supply chain attack
  • 54% of breaches due to stolen credentials in 2023 Verizon report
  • Time to identify breach averaged 204 days in 2023
  • Financial services breaches cost $5.9 million average in 2023
  • 23,000 US healthcare breaches reported 2009-2023, peaking in 2023
  • MGM Resorts breach in 2023 disrupted operations for 10 days
  • 3,205 data breaches confirmed in US alone in 2023
  • Breach notification time averaged 49 days post-identification 2023
  • Retail sector saw 1,800 breaches exposing 100M records in 2023
  • Cloud misconfigurations caused 20% of breaches in 2023
  • Change Healthcare breach affected 1/3 of Americans in 2023
  • Average records per breach hit 25,000 in 2023 US stats
  • 99% of breaches exploitable for over a year pre-discovery 2023

Data Breach Statistics Interpretation

It seems we’ve collectively decided that passwords are mere suggestions, given that our digital doors are being kicked open at a staggering pace—with billions of records exposed, millions of dollars burned, and the unsettling realization that most hackers simply rang the doorbell and we handed them the keys.

Phishing Statistics

  • Phishing emails delivering ransomware payloads increased 50% in 2023
  • 36% of data breaches in 2023 involved phishing as initial access vector
  • Average phishing success rate stood at 3.2% across simulated campaigns in 2023
  • Spear-phishing attacks rose 20% year-over-year, targeting executives in 2023
  • 90% of successful breaches started with phishing emails in 2023 Verizon DBIR
  • Phishing cost organizations $4.91 million on average per incident in 2023
  • Mobile phishing (smishing/vishing) incidents up 61% in 2023
  • 82% of organizations faced phishing attempts weekly in 2023 survey
  • Business email compromise (BEC) via phishing stole $2.9 billion in 2023
  • Phishing sites mimicking brands increased 58% to 1.2 million in 2023
  • 74% of phishing emails used COVID-19 lures in early 2023 variants
  • Finance sector received 30% of all phishing attacks in 2023
  • Click rates on phishing links averaged 11% for untrained users in 2023
  • Vishing calls impersonating IT support up 40% in 2023
  • 65% of breaches involved credential phishing in 2023 Ponemon study
  • Phishing training reduced success rates by 70% in trained orgs 2023
  • Smishing texts delivering malware rose 300% in 2023
  • 1.2 billion phishing emails blocked daily by Google in 2023
  • BEC phishing losses hit $12.5 billion since 2016, with $2.9B in 2023

Phishing Statistics Interpretation

Despite an ever-expanding digital fortress, the human firewall remains the most frequently compromised gate, as evidenced by phishing's staggering financial toll and relentless evolution, proving that the most sophisticated security stack can still be undone by a single well-crafted click.

Ransomware Statistics

  • In 2023, ransomware attacks surged by 73% globally compared to 2022, affecting over 2,000 organizations surveyed
  • The average ransomware recovery cost reached $1.54 million in 2023, excluding ransom payments, up 10% from the previous year
  • 59% of ransomware victims paid the ransom in 2023, with payments averaging $1.42 million per incident
  • Healthcare sector faced 67% of ransomware attacks in 2023, highest among industries
  • LockBit ransomware group claimed responsibility for 25% of all ransomware incidents in 2023
  • Average time to detect ransomware dropped to 16 days in 2023 from 24 days in 2022
  • 75% of organizations hit by ransomware in 2023 experienced downtime exceeding 24 hours
  • Ransom demands increased by 20% in 2023, averaging $2.7 million per attack
  • Double extortion tactics used in 63% of ransomware attacks in 2023, involving data theft alongside encryption
  • US organizations paid $400 million in ransoms in 2023, leading global payments
  • 41% of ransomware attacks targeted manufacturing sector in 2023
  • Recovery without paying ransom succeeded in only 31% of cases in 2023
  • Ransomware-as-a-Service (RaaS) kits proliferated, with over 50 active groups in 2023
  • Average downtime from ransomware hit 21 days in 2023 for affected firms
  • Education sector saw 55% ransomware attack rate in 2023, disrupting classes
  • BlackCat/ALPHV ransomware earned $300 million in 2023 before takedown
  • 80% of ransomware victims in 2023 used backups for recovery, but 23% still paid
  • Ransomware incidents reported to FBI rose 20% to 1,200 in 2023
  • Conti successors like Akira conducted 15% of attacks post-2022 disbandment
  • Global ransomware payments hit $1.1 billion in 2023, per blockchain analysis

Ransomware Statistics Interpretation

The grim reality of 2023's ransomware epidemic is that while we're getting slightly faster at noticing the digital hostage crisis, the criminals have become ruthlessly efficient at ensuring that paying the million-dollar ransom often feels like the only way out, even for the majority who tried to do the right thing with backups.

Supply Chain Attacks

  • Supply chain attacks like SolarWinds impacted 18,000 orgs in 2020-2023
  • 45% of breaches involved supply chain compromise in 2023 DBIR
  • Log4Shell vulnerability exploited in 20,000 attacks daily peak 2023
  • Third-party breaches caused $4.8 million average cost in 2023
  • 61% orgs hit by vendor breaches unknowingly in 2023 survey
  • Kaseya VSA attack 2021 affected 1,500 downstream customers 2023 echoes
  • MOVEit Transfer exploited in 600 orgs exposing 60M records 2023
  • 80% of orgs use 50+ vendors vulnerable to supply chain risks 2023
  • APT groups targeted 30 supply chains in 2023 Mandiant report
  • Colonial Pipeline supply chain hack caused fuel shortages 2021-2023
  • Vendor credential stuffing led to 15% supply chain breaches 2023
  • 3CX supply chain compromise hit 10,000 orgs in 2023
  • Average supply chain attack detection time 277 days in 2023
  • 25% increase in software supply chain attacks in 2023
  • Okta breach via third-party support system 2022 impacted 2023
  • Poly Network hack via supply chain stole $600M recovered 2021-2023

Supply Chain Attacks Interpretation

The grim reality of modern cybersecurity is that you're only as strong as your weakest link's weakest link, as a deluge of attacks proves we are all downstream from someone else's mistake.