Global cybercrime is accelerating toward a projected cost of 15.63 trillion dollars by 2029, up from an estimated 10.5 trillion dollars today, as criminals exploit new technologies faster than businesses can defend against them.
Yet 59% of organisations say they suffered at least one successful cyber attack in the past 12 months, and one in five small and medium-sized businesses report having no cybersecurity technology in place at all.
Against this backdrop, fresh data reveals a stark concentration of attacks on the United States and on public institutions worldwide.
Analysis of incidents logged in the Cyber Events Database between 2024 and 2025 shows the US accounts for 44% of all reported cyber attacks, with 646 incidents.
The UK follows with 72 attacks, closely trailed by Russia on 70, Canada on 40, and France on 38.
While countries across Africa, Asia, and Latin America record fewer cases, experts warn this likely reflects underreporting, smaller digital footprints, and limited monitoring rather than an absence of risk.
The motives behind these attacks are increasingly apparent and overwhelmingly financial. Of 1,468 reported incidents over the past year, 1,013 were driven primarily by financial gain, often via phishing, business email compromise and ransomware.
Protest-related attacks accounted for 145 cases, while 111 incidents were linked to political espionage and state-backed intelligence gathering.
US Dominates Cyber Attacks
“If an attacker can profit, they will try to,” said Dominic Taylor, CTO at hosting.com. “Whether it is ransomware, sophisticated phishing or even deepfakes, financial gain drives the majority of cybercrime.”
Public administration has emerged as the single most targeted sector, recording 308 attacks in the last year, ahead of healthcare and social assistance (200 incidents) and finance and insurance (178).
Government agencies, hospitals, and financial institutions hold high-value, sensitive data and deliver essential services, making them prime targets for disruption and extortion.
By contrast, sectors such as construction, manufacturing and wholesale trade report far fewer cases, although supply chain attacks mean even low-tech industries can become collateral damage when their providers are compromised.
The threat is compounded by human and skills gaps. An estimated 95% of data breaches are tied to human error, from falling for phishing emails to misconfiguring cloud services.
At the same time, the world faces a shortage of more than four million cybersecurity professionals, putting pressure on already stretched teams.
The World Economic Forum’s Global Cybersecurity Outlook 2025 reports that 72% of organisations have seen an increase in cyber threats over the past year, with ransomware incidents surging 46%, driven in large part by generative AI tools that make attacks cheaper, faster and more convincing.
The UK illustrates how this global trend is playing out at national level. The National Cyber Security Centre handled 204 nationally significant cyber incidents in the past year, more than double the previous period, and responded to 429 incidents overall.
A government survey found 43% of UK businesses experienced at least one breach or attack in the last 12 months, while research by the Institution of Engineering and Technology suggests one in seven adults fell victim to cybercrime in 2025.
Implications of Cyber Attacks
Despite this, only a quarter of people feel their personal data is secure, and nearly three-quarters believe hackers are becoming more inventive.
In response, organisations are being urged to adopt zero trust security models, strengthen supply chain due diligence, invest in AI-powered threat detection and, critically, prioritise cybersecurity awareness training.
Emerging techniques are reshaping the threat landscape. Deepfake-enabled fraud is now occurring at a pace measured in minutes, as criminals use synthetic audio and video to bypass biometric checks and authorise fraudulent transactions.
Ransomware-as-a-Service platforms allow even low-skilled actors to rent turnkey malware, while “shadow AI” tools adopted by employees without security oversight increase the risk of data leakage.
Attackers are also stepping up supply chain compromises and exploiting weaknesses across cloud, IoT and edge environments.
Experts warn that if cybercrime were a country, by 2026 it would rank as the world’s third-largest economy.
As Taylor notes, AI has “lowered the barrier of entry” for attackers, meaning threats that once took months to develop can now launch in minutes.
In a landscape where the US absorbs nearly half of all recorded attacks and public institutions are favoured targets, resilience will depend as much on human vigilance and governance as on any technology.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.