Case Studies

145 billion dollars were spent on cybersecurity in 2020

October 1, 2021

Since the outbreak of the pandemic, our lives have moved mostly online, while the usage of video-calling apps in order to hold business or personal meetings skyrocketed. In this context, cybercrime also recorded a huge increase, and is now more profitable than ever. In 2020, global losses from cybercrime reached record-highs, costing the world almost $1 trillion.

On October 5-6, Modex will take part at UiPath’s Forward IV event in Las Vegas. We are looking forward to meeting you at our stand, where we’ll also host a roundtable titled “Audit and Compliance Solution Designed for Automation Projects”. More details about this roundtable can be found here.

From the government sector to the healthcare industry and the financial sector, cybercrime cost the world almost $1 trillion in 2020 (around 1% of global GDP), according to McAfee’s “Hidden Cost of Cybercrime” report. The report compiled data from publicly available sources on national losses and interviews with cybersecurity professionals from 1,500 companies in Japan, Australia, Germany, France, the United Kingdom, Canada, and the United States.

While $945 billion were lost due to cyber incidents last year, $145 billion were spent on cybersecurity. Losses due to cyber incidents surged by 81% compared to two years ago when damages were $522.5 billion. In the past seven years, losses increased from $300 billion in 2013 to $945 billion in 2020.

Malware, spyware and data breaches

The damage from malware and spyware represented the highest cost to organizations, closely followed by data breaches. The government sector suffered the most from insider threats, while the healthcare industry from ransomware attacks. The most expensive cybercrime types were intellectual property theft and financial crime, which make up two-thirds of all monetary losses. 92% of respondents also said they incurred other non-monetary damages, such as loss in productivity and wasted work hours. The longest average interruption to operations was 18 hours, averaging more than half a million dollars.

One in five organizations doesn’t have a cyber attack prevention plan

Although cyberscurity attacks are rising every year, many organizations still fail to recognize them. One-fifth (20%) of organizations worldwide have no plans on how to protect against cybercrime events. Overall, 19% of organizations have arranged cybersecurity incident response program, but don’t have a prevention plan. The same report states that 1% of companies do not have any cyber incident strategies whatsoever. Japan has the biggest share of organizations that are not ready to handle cyberattacks — 4% of businesses in Japan have no plans on how to prevent or respond to cybersecurity incidents. Meanwhile, in the United States, all organizations have at least one of the security plans in place.

Organizations in Canada are the leaders when it comes to cybersecurity practices. More than half (55%) of the surveyed organizations there have planned out how to protect against cybersecurity incidents and how to manage them if they happen. While 44% of organizations worldwide are well-prepared to prevent and react to cyber incidents, 33% of businesses globally – although they have created prevention strategies – they haven’t thought out how to respond to cybercrime events.

Which were the most costly types of cybercrime?

Malware and spyware

Based on survey data, spyware and malware (including viruses, worms, spyware, keyloggers, and Trojan horses) cost organizations the most last year. Malware facilitates a range of criminal activities, from ransomware and data exfiltration to the active disruption of networks. Illicit Cybercrime-as-a-Service dealings have allowed malware to simultaneously become more advanced and also more accessible to those without deep technical expertise. As cybercrime markets have become more and more sophisticated, they have seen the emergence of specialized vendors who are experts at designing malware and setting up the necessary infrastructure for an attack. They offer to lease malware to cybercriminals for a fee, creating an environment where a small group of technically minded criminals can focus their full attention on the development of new attack capabilities, and where a large group of less sophisticated actors can easily take advantage of them.

Data breaches

One particularly concerning subset of data breaches are those affecting personal health data. This data can often be one of the most valuable forms of data for criminals because of the way it allows for the precise targeting of fraudulent schemes to vulnerable individuals based on their medical histories. Data breaches are mostly the result of external actors, but there’s an increasing number of instances where they come from insider attacks.


According to the Anti-Phishing Working Group, in the first quarter of 2020 more than 165,000 unique phishing sites were recorded. Phishing has become easier in recent years, as Phishing-as-a-Service offerings have emerged on cybercrime markets. Thanks to these offerings, cybercriminals no longer need to have expertise in designing a phishing infrastructure before sending out their campaigns. Instead, criminals can simply buy from vendors who offer their own kits and hosting, and focus on victims (whose contact details are also easily available from the same markets).


Ransomware remains the fastest growing part of cybercrime. During the COVID-19 pandemic, ransomware attacks in general have increased 148% from the baseline levels reported in February 2020. One of the most concerning trends in ransomware is the shift towards targets in the manufacturing industry. Security researchers are beginning to see the emergence of ransomware strains targeting industrial control systems, and millions in ransom has already been paid by industry victims.

Financial cybercrime

Today, there are five billion unique user credentials – such as username and password combinations – available on the darknet to cybercriminals. These credentials can grant access to corporate networks or bank accounts and, if used by the wrong people, can cause significant financial damage to individuals and companies. Currently, there are more than 15 billion pilfered credentials for sale on the darknet, five billion of which are unique first-time identifiers.

Business email compromise

Although banks continue to remain a favorite target of cybercriminals, there has also been an increase in the use of business email compromise (BEC), a special category of identity theft. Typically, these schemes target a company’s human resources department or payroll department by posing as an employee asking to change their direct deposit information. Next, the employee’s pay check is wired to a fraudulent prepaid card account. Other forms of BEC scams include spoofed vendor and lawyer email accounts, W-2 form requests, and fraudulent requests for gift cards. This allows for cybercriminals to send emails impersonating any employee, from new hires to the CEO and Executive Board.

Cryptocurrency theft

The theft of cryptocurrencies continues to be a major trend in cybercrime, with over $4 billion in cryptocurrency stolen over the course of 2019 and almost $1.4 billion stolen in the first five months of 2020. These thefts often occur from exchanges and wallets where users keep their coins, using a combination of tactics including phishing, malware, and insider theft. Another emerging trend is crypto-jacking, where malware is installed on victims’ computers to remotely mine for cryptocurrencies. Users may not notice when crypto-jacking is taking place, but it can slow affected devices and draw electricity costs while the mining takes place.

Using technical and synthetic media for cybercrime

AI-enabled cybercrime schemes using synthetically generated media are becoming more prevalent. Synthetic media encompasses not only “deep fake” photo and video content, but also false voice and written media. While AI is also being developed as a defensive tool for cybercrime, like automating threat intelligence using machine learning, industry experts are still worried about the offensive uses of AI in cybercrime.

Some experts postulate that deepfakes could become a malicious source for exploitation, disinformation and non-consensual pornography. As facial swapping technology gains more mainstream popularity, some experts are raising concerns that this technology could also potentially be used by criminals for malicious purposes like extortion, blackmail, romance fraud, and others. You can read more here about the use of blockchain technology to combat deepfake videos.

Modex, fully committed to data protection and security

Existing cyber security measures seem to act as band-aid solutions that only alleviate or partially prevent an attack from taking place. Maybe instead of focusing on repairing existing security loopholes in current systems, we should consider migrating to a new type of infrastructure that so far has proven to be resilient against cyber security pressures: blockchain.

To circumvent some of the challenges associated with implementing blockchain and to make the benefits of this technology accessible to SMEs and governmental institutions, Modex has created its trademark Blockchain Database (BCDB) solution, a technological layer that fuses the advantages of blockchain with a database system, a technology that is already deeply ingrained in every business and industry sector, to create a hybrid software product that makes blockchain easy to use in existing systems, to streamline operations and data security, or to build an entirely new infrastructure from the ground up that has a blockchain engine running in the background.

Get in touch to discover
what we can do for you

Modex aims at changing the way Web3 can benefit existing businesses. Reach out to us if you would like to understand how it can be done.
Get in touch
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.