A recent analysis by cybersecurity expert Kiteworks has revealed alarming trends in the cyber threat landscape in the United States. Business Email Compromise (BEC) has been identified as the cyberattack type with the highest financial impact, while non-payment/non-delivery attacks have emerged as the most common threat.
Since 2020, BEC attacks have resulted in staggering losses exceeding $1.7 billion ($1,747,924,931), with an average loss of $88,350 per incident. These attacks typically involve fraudsters impersonating business executives or employees to deceive victims into transferring funds or revealing sensitive information. Credit card and check fraud rank second, causing $516,046,155 in total losses and an average loss of $27,039 per incident. Malware attacks, in third place, have resulted in losses of $237,469,021, with an average loss of $83,235 per incident.
Patrick Spencer, spokesperson at Kiteworks, commented on the findings: “Our study reveals a concerning trend: cyberattacks are on the rise, both in frequency and financial impact. As cyber threats continue to evolve, proactive investment in advanced security technologies and employee training can significantly enhance a company’s resilience against cybercrime, as well as a greater focus on data security. Businesses should adopt a content-defined zero trust approach to secure their sensitive communications. By consolidating email, file sharing, SFTP, managed file transfer, and web forms into a private content network protected by a hardened virtual appliance, organizations can ensure that sensitive content is only accessed by authorized users. This approach provides advanced security, comprehensive governance, and regulatory compliance, ensuring the protection of sensitive content.”
In addition to the high financial impact of BEC attacks, non-payment/non-delivery attacks have been identified as the most common cyber threat in the United States since 2020, with 60,113 reported incidents. These attacks involve fraudsters tricking victims into paying for undelivered goods or services. The second most prevalent type of cyberattack is personal data breaches, with 40,523 reported incidents. These breaches often involve unauthorized access to sensitive information, leading to identity theft and fraud.
The analysis comes amidst alarming projections for global cybercrime costs, which are expected to soar from $9.22 trillion in 2024 to $13.82 trillion by 2028. In the United States alone, these costs are forecasted to exceed $452 billion in 2024. Alarmingly, in 2023, three in four companies in the United States were at risk of a material cyberattack, according to chief information security officers (CISO).
For comprehensive details and expert recommendations, visit Kiteworks.