Trace Id is missing
Skip to main content
Microsoft Security

Cyberthreat Minute: The scale and scope of worldwide cybercrime in 60 seconds

Download
Share
Graphic design element with a blue and red circle on a white background

During a cyberattack, every second counts. To illustrate the scale and scope of worldwide cybercrime, we've condensed a year's worth of cybersecurity research into one 60-second window.

In any given 60-second window, the following malicious activity is happening.

  • 34,740 per minute1
  • 1,902 per minute2
  • 19 per minute3
  • 7 per minute4
  • 1 per minute5
  • 1 every 35 minutes6
  • 1 every 44 minutes7
  • 1 every 195 minutes8

The new threat infrastructure detections insight comes from internal RiskIQ data. Microsoft acquired RiskIQ in 2021 to help organizations assess the security of their entire digital enterprise.

Microsoft operates global services at a massive scale, allowing us to see, aggregate, and correlate threat signals across the globe and from a variety of industries. Our diverse spectrum of threat data from endpoints, identities, applications, and the cloud are reasoned over by our security researchers, who help to generate a high-fidelity picture of the current state of the threat landscape.

  • blocked by Microsoft Defender for Endpoint) per minute 48,706 9
  • blocked by Azure Active Directory) per minute10
  • blocked by Microsoft per minute11
  • blocked by Microsoft per minute12
  • blocked by Microsoft per minute13
  • detected by Microsoft per minute14

Cybercrime is a disruptive and economically corrosive force that causes trillions of dollars in damages every year. The cost of cybercrime comes from damage done to data and property, stolen assets—including intellectual property—and the disruption of business systems and productivity.

  • Worldwide economic impact of cybercrime per minute15
  • Global cybersecurity spend per minute16
  • E-commerce payment fraud losses per minute17
  • Global ransomware damages per minute18
  • Amount lost to cryptocurrency scams per minute19
  • Total cost of a business email compromise per minute20
  • Average cost of a breach per minute21
  • Average cost of malware attack per minute22

As the internet continues to expand, opportunities for cybercrime expand too. And the same applies to organizations. The cloud migration, new digital initiatives, and shadow IT increase the size of the attack surface, and at the enterprise level, that can mean a vast estate spanning multiple clouds and massively complex ecosystems. Meanwhile, flourishing cheap infrastructure and flourishing cybercrime economies grow the threat landscape that organizations must track.

  • 79,861 per minute23
  • 7,620 per minute24
  • 150 per minute25
  • 53 per minute26
  • 23 per minute27

The threat landscape is dynamic, and Microsoft has an unparalleled view. We track more than 24 trillion signals every day to develop dynamic, hyper-relevant threat intelligence that evolves with the attack surface and helps us to detect and respond to threats rapidly.

We also offer this intelligence directly to customers, giving them a deep and unique view of the threat landscape, a 360-degree understanding of their exposure to it, and tools to mitigate and respond.

  1. [1]
  2. [2]
  3. [3]
  4. [4]
  5. [5]
  6. [6]

    RiskIQ internal data

  7. [7]
  8. [8]
  9. [9]
  10. [10]
  11. [11]
  12. [12]
  13. [13]
  14. [14]

    RiskIQ internal data

  15. [15]
  16. [16]
  17. [17]
  18. [18]
  19. [19]
  20. [20]
  21. [21]
  22. [22]
  23. [23]

    RiskIQ internal data

  24. [24]
  25. [25]

    RiskIQ internal data

  26. [26]
  27. [27]
Devices and Infrastructure External Attack Surface Vulnerabilities

Related articles

Anatomy of an external attack surface

The cybersecurity world continues to become more complex as organizations move to the cloud and shift to decentralized work. Today, the external attack surface spans multiple clouds, complex digital supply chains, and massive third-party ecosystems.
Learn more

Expert Profile: Steve Ginty

Steve Ginty, director of cyber intelligence at Microsoft, talks about the importance of knowing your external attack surface, provides tips on effective security readiness, and identifies the most important step you can take to protect yourself against threat actors online.
Learn more

Expert Profile: Matt Lundy

Matt Lundy of the Microsoft Digital Crimes Unit (DCU) describes how the experts of the Identity and Platform Enforcement team help keep customers safe from threats like ransomware, business email compromise, and homoglyph domains.
Learn more