UK Cybercrime Statistics 2024

Updated on 13 November 2024

Cyber Crime in a major problem for UK businesses of every size, whilst most of the major cyber security incidents we hear about are large businesses, this doesn't mean that they are the only businesses to be targeted.

 

In reality, over 560,000 new cyber threats are discovered daily and 81% of all UK Businesses who suffer from a Cyber Security Attack are Small to Medium Sized Businesses (SMBs/SMEs). But, in reality, 97% of businesses who suffer a cyber attack could have been protected if they had a modern and comprehensive cyber security solution in place. 

 

As your local cyber security experts we feel it is our role to help businesses understand the threats that they may be facing (see our news and educational articles), this is why we provide you with the most current and up-to-date data on UK cyber crime statistics 2024. 

 

> Take our Business Cyber Security Health Check <

 

If you would like to speak to us about these statistics, or cyber security solutions for your (or your clients) business, visit the link above, or email info@twenty-four.it.

 

What is the cost of Cyber Crime in the UK?

In 2022 Cyber Crime cost UK Businesses on average £4,200, the total cost of cybercrime to the UK economy is estimated to be £27 billion per year, with businesses accounting for a significant proportion of this cost. Based on recent reports, it is expected that the average cost to remedy an attack is £21,000. Despite this, only 22% of UK businesses have a formal cybersecurity incident management plan in place, and in 2024 only 31% of businesses and 26% of charities undertook a cyber security risk assessment/health check, suggesting that many businesses are not adequately prepared for the threat of cyber crime.

 

One of the most common forms of cybercrime in the UK is fraud, with a total of £1.3 billion lost to fraud in the UK in 2020. In Yorkshire and Humber alone in 2023 there were more than 2,030 reported instances of cyber crime and/or fraud, which totalled more than £19.3 Million in Financial Losses. This included a significant amount lost to online shopping fraud, with victims losing a total of £63.8 million in 2020. In addition to fraud, there were 2.3 million cases of computer misuse reported in the UK, over 1 million incidents of unauthorised access to personal information, and over 400,000 reported cases of fraud and computer misuse.

 

Cyber-attacks are a significant threat to businesses in the UK, with 50% of UK businesses reporting a cyber-attack in 2024. The average cost of a cyber-attack to a medium UK business was £10,830. In 2024 84% businesses who experienced cyber security breaches or attacks faced phishing attempts. Ransomware attacks in the UK increased by 70% in 2020, highlighting the growing threat of these types of attacks.

 

In 2024, the UK Government Cyber Security Breaches Survey revealed that 50% of UK businesses had suffered a cyber-attack or security breach in the previous 12 months. This is an increase from the previous year’s survey (39% in 2022). The UK’s Fraud and Cyber Crime Reporting Centre, Action Fraud, reported that in 2020, victims of online shopping fraud lost a total of £63.8 million ($88.3 million USD). This represents a 37% increase from the previous year, with the average loss per victim being £720 ($995 USD).

 

Here, we provide you with the most current and up-to-date data on cybercrime stats for the year 2024.

 

Our statistics are based on the most recent UK Gov Cyber security breaches survey 2024 and information available as of April 10th 2024. We believe that staying informed about cybercrime is crucial in today’s digital world. Our goal is to provide you with accurate and reliable data that you can use to protect yourself and your organisation.

Cyber Crime Stats UK

7.78M

In 2023 UK Businesses Face approximately 7.78 Million Cyber Attacks

50%

50% of UK businesses reported cyber-attacks or security breaches in the past year.

32%

32% of UK Charities Experienced a cyber-attacks or security breaches in the past year.

70%

70% of Medium Businesses reported cyber-attacks or security breaches in the past year.

74%

74% of Large Businesses reported cyber-attacks or security breaches in the past year.

31%

Only 31% of UK Businesses undertook a Cyber Security Risk Assessment in the last year.

74%

of breaches involve the human element according to the 2024 Verizon Breach Report

>6%

Businesses insured against Cyber Security Risks increased by 6% from 37% to 43% in 2023.

3%

Only 3% of UK Businesses and Charities Adhere to the Cyber Essentials Scheme

43%

43% of UK Businesses rely on an external Cyber Security provider.

1m

Action Fraud received over 1 million reports of fraud and cybercrime in the UK in 2020

£1.9bn

UK businesses lost £1.9 billion ($2.6 billion USD) to cybercrime in 2020.

75%

75% of large organisations and 45% of small businesses in the UK experienced phishing, the most common cybercrime

£479m

In 2020, UK consumers lost £479 million ($662 million USD) to financial fraud, according to UK Finance

£2.93m

A data breach costs UK businesses an average of £2.93 million ($4 million USD)

£4.6bn

Cybercrime costs the UK up to £4.6 billion ($6.3 billion USD) annually.

1,800

The NCSC prevented 1,800 attacks targeting the UK’s COVID-19 response in 2020.

£4,200

In 2022 Cyber Crime cost UK Businesses an average of £4,200

81%

81% of Cyber Attacks and Data Breaches happen to Small to Medium Sized Businesses

14.8/min

Based on the amount of cyber attacks over the past year, there are an estimated 14.8 Cyber Attacks against UK Businesses every Minute.

30%

Cyber Attacks increase by a massive 30% during holiday periods as Cyber Criminals take advantage of closed businesses or low staff levels.

97%

If businesses had Modern Comprehensive Cyber Services in place, approximately 97% of Cyber Attacks and Data Breaches could have been prevented.

What is Cyber Crime?

Cybercrime refers to any criminal activity carried out using computers and the internet. With the rise of technology and the increasing reliance on digital communication, cybercrime has become a significant concern for individuals, businesses, and governments worldwide. Cybercrime can take many forms, including hacking, identity theft, phishing scams, and cyberbullying. Hacking involves gaining unauthorised access to computer systems, networks, or data and can be done for various malicious purposes. Phishing scams are designed to trick individuals into providing personal information through fraudulent emails or websites.

 

To stay protected, individuals and organisations should take preventive measures such as using strong passwords, keeping software up to date, and being cautious of suspicious emails or websites. Cybercrime is a growing threat that requires awareness and proactive action to mitigate its impact.

Global Cyber Crime Statistics

In late February 2020, the NCSC was evaluating a number of new takedown initiatives for the new financial year. The final decision on which initiatives would be implemented was made in March, just as the UK was entering the first lockdown. The NCSC noted the link between commodity cyber crime and subsequent fraud that may follow a breach of credentials or personal information through phishing or similar attacks. To do more to prevent this, they decided to see whether the Takedown service could lower the value proposition for other types of high-volume internet-enabled fraud.

 

Let’s take a look at the targeted attacks by type between March and December 2020.

Attack Type

Number of Attacks

(Urls)

Number of Attack Groups

(Campaigns)

Median Availability

(Hours)

COVID-19 themed cybercrime

33,313

39,959

25

Fake shops

213,147

123,755

354

Fake celebrity endorsement scams

729,868

123,755

354

Remote Access Trojans (RATs)

2,954

1,733

39

Banking trojans

39,255

6,303

31

The term “median availability” typically refers to the amount of time that a particular service or system is available to users over a given period of time. The median availability is the middle value in a range of availability measurements taken over that period.

 From March 2020 to the end of the year, the NCSC dismantled 29,959 COVID-19 themed attack groups, which included 33,313 URLs. These attacks were classified by type and occurred between March and December 2020.

18,547

Advance fee fraud: 18,547 attacks

4,930

Malware attachment mail server: 4,930 attacks

2,220

Advance fee fraud mail server: 2,220 attacks

1,742

Phishing URL mail server: 1,742 attacks

2,943

Fake shop: 2,943 attacks

1,844

Malware infrastructure URL: 1,844 attacks

339

Phishing URL: 339 attacks

350

Malware distribution URL: 350 attacks

133

DKIM signed email domain: 133 attacks

127

Malware command and control centre: 127 attacks

What is a fake shop?

A fake shop is a type of online scam where fraudsters create a fake e-commerce website that appears to sell legitimate products. They often use high-quality images, descriptions, and prices to make the fake shop look real and attract unsuspecting shoppers. However, the products are either non-existent, counterfeit, or vastly different from what is advertised. The goal of the scam is to trick people into paying for products that they will never receive, allowing the scammers to profit from fraudulent transactions.

 

Fake online shop sites typically offer outlandish discounts on popular items to attract victims. They do not map to a real business and if a victim were to try to purchase an item, they would probably be charged for counterfeit goods or receive nothing at all. Between April 2020 and the end of the calendar year, the NCSC identified and took down 139,522 fake shops (222,353 URLs).

UK government-themed phishing

In 2020, the NCSC took down 11,286 UK government phishing campaigns, a total of 59,435 URLs. These attacks were hosted all over the world and the median availability of these attacks was 21 hours, with 52% taken down within 24 hours of discovery.

UK Cyber Crime Statistics

  • Online shopping fraud cost victims £63.8 million.
  • 7.78 million Cyber Attacks on UK Businesses in 2024.
  • Over 1 million unauthorised access incidents to personal information were report
  • More than 560,000 Global Cyber Threats Discovered Daily
  • More than 400,000 cases of fraud and computer misuse were recorded.
  • 50% of UK businesses experienced a cyber-attack.
  • Only 31% of UK Businesses undertook a cyber risk assessment in 2024
  • The average cost of a cyber-attack to a UK business was £3,230.
  • Phishing scams were the most common type of cyber-attack in the UK, experienced in 84% of all incidents.
  • Ransomware attacks in the UK increased by 70%.
  • The UK was the second-most targeted country in the world for cyber-attacks, after the US.
  • Cybercrime cost UK businesses an estimated £21 billion per year.
  • The average cost of a cyber-attack to a UK business was £10,830.
  • UK residents received over 208 million scam emails. Over 69,000 cases of identity theft were reported in the UK.
  • 50% of UK businesses have been a victim of cybercrime.
  • 25% of UK consumers believe they will fall victim to cybercrime in the future.
  • UK cybercrime costs the economy an estimated £27 billion per year.
  • Only 15% of UK businesses have a formal cybersecurity incident management plan.
  • Only 3% of Uk Businesses and Charities adhere to the Cyber Essentials scheme.
  • The COVID-19 pandemic led to a 31% increase in cyber-attacks targeting UK businesses.
  • UK businesses take an average of 38 days to identify a cyber-attack and 43 days to recover fully.

How much does Cyber Crime cost the UK & Economy?

According to a report by the UK government, cybercrime cost the country an estimated £14.8 billion in 2016-2017 alone. This cost includes the direct financial losses suffered by victims, as well as the indirect costs associated with the disruption of business operations, damage to reputation, and the expenses incurred in responding to cyber-attacks.

 

 In addition to the immediate financial costs, cybercrime can also have long-term impacts on the economy, such as reduced investor confidence, decreased competitiveness, and a loss of intellectual property. The costs of cybercrime are not limited to the UK, as it is a global issue that affects businesses and individuals worldwide.

Is Cyber Crime Increasing?

Yes, cybercrime is increasing. The UK’s National Cyber Security Centre (NCSC) reported a record number of cyber incidents in 2020, with almost 700 incidents reported per month on average. According to a UK government report, cybercrime cost the country an estimated £14.8 billion in 2016-2017. This cost includes victims’ direct financial losses as well as the indirect costs associated with business disruption, reputational damage, and expenses incurred in responding to cyber-attacks.

 

In addition to the immediate financial costs, cybercrime can have long-term economic consequences such as decreased investor confidence, decreased competitiveness, and intellectual property loss. Cybercrime is a global issue that affects businesses and individuals worldwide, so its costs are not limited to the United Kingdom.

 

One British business that suffered a significant cyber-attack was British Airways in 2018. The attack resulted in the theft of the personal and financial data of approximately 380,000 customers. The company detected the attack in September 2018, and after an investigation, it was revealed that the attackers gained access to the company’s payment page and inserted a malicious script, which diverted customers to a fraudulent website where their data was harvested.

 

The breach had severe consequences for British Airways, including a fine of £20 million from the UK’s Information Commissioner’s Office (ICO) for failing to protect the personal and financial data of its customers adequately. The fine was the largest ever handed out by the ICO, and it sent a clear message to businesses that the regulator would not tolerate negligence when it comes to cybersecurity.

How do you prevent Cyber Crime?

Preventing cybercrime involves taking proactive measures to protect yourself, your business, and your personal information from cyber threats. Here are some key steps individuals can take to prevent cybercrime:

Keep your software up to date.

Use strong passwords.

Be cautious of suspicious emails or websites.

Use antivirus software.

Practice safe browsing

Educate yourself and your employees.

Backup your data.

If you are a business owner who is concerned about cybersecurity, we offer decades of experience in IT to assist you.

 

Whether you are an individual looking to protect your personal information, or a business owner concerned about the security of your company’s data, our Latest 2023 Cyber Crime Statistics page has something for everyone. Don’t hesitate to reach out to us for guidance and support in protecting your business from cyber threats.

 

We gather the latest cybercrime statistics from various sources including the National Cyber Security Centre (NCSC), The Office of National Statistics (ONS), the FBI’s Internet Crime Complaint Centre (ICCC), Kaspersky and the National Crime Agency (NCA). These organisations provide valuable insights and analysis on the latest cybercrime trends, helping us stay informed and better equipped to protect your business against potential threats.

Claim your FREE cyber business assessment today

    Help Desk