What are the most common types of cyber attacks in 2021?

Varonis data security and threat detection company has put together statistics on the most common types of cyber attacks to be aware of in 2021.

With cyber attacks on the rise, it’s crucial to have a grasp of the most common types of attacks and where they come from. With the help of Varonis, a pioneer in data security and analytics, here’s what you need to look out for this year.


Malware, the catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network. Cybercriminals typically use it to extract data that they can leverage over victims for financial gain.

One in 13 web requests lead to malware and  94% of malware is delivered by email. (CSO Online)


Ransomware, the type of malware that employs encryption to hold a victim's information at ransom, often designed to spread across a network and target database and file servers, that can quickly paralyse an entire organisation.

Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The US ranks highest with 18.2% of all ransomware attacks. (Symantec)


Phishing, the type of social engineering attack often used to steal user data, including login credentials and credit card numbers. Occurring when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.

After declining in 2019, phishing increased in 2020 to account for one in every 4,200 emails. (Symantec)

Internet of Things (IoT)

The Internet of Things describes the network of physical objects, so known as, "things" that are embedded with sensors, software, and other technologies that is used for the purpose of connecting and exchanging data with other devices and systems over the Internet. 

IoT devices experience an average of 5,200 attacks per month. (Symantec)

Distributed Denial of Service (DDoS)

Distributed denial-of-service, the type of attacks that target websites and online services. The aim is to overwhelm them with more traffic than the server or network can accommodate. The goal is to render the website or service inoperable. The traffic can consist of incoming messages, requests for connections, or fake packets.

By 2023, the total number of DDoS attacks worldwide will be 15.4 million. (Cisco)


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security