Cyber Crime in 2026: A Data-Driven Look at the Expanding Global Threat

Cyber Crime in 2026: A Data-Driven Look at the Expanding Global Threat

Cyber crime is no longer a secondary risk for governments, companies or individuals. In 2024, the FBI’s Internet Crime Complaint Center received 859,532 complaints and reported more than $16.6 billion in losses, according to the FBI’s 2024 Internet Crime Report. That marked a 33% increase in reported losses from 2023, showing how online fraud, ransomware, data theft and business email compromise continue to scale across borders.

As of 2026, cyber crime is defined broadly by law enforcement and government agencies as illegal activity involving computers, networks, digital accounts or online systems. It includes financially motivated fraud, identity theft, ransomware, phishing, child sexual abuse material, cyberstalking, data breaches and attacks on critical infrastructure. The methods vary, but the core pattern is consistent: attackers exploit digital systems to steal money, information or access.

The impact is measurable. Government agencies in the United States, United Kingdom, European Union and other jurisdictions have continued to report elevated levels of cyber incidents since 2024. Publicly available data shows that cyber crime affects households, small businesses, hospitals, schools, financial institutions and national infrastructure. The scale makes cyber security a public safety, economic and national security issue.

Reported Losses Continue to Rise

The FBI’s 2024 Internet Crime Report remains one of the most detailed public records on cyber-enabled crime. It recorded $16.6 billion in reported losses in 2024, compared with $12.5 billion in 2023. The FBI said investment fraud remained the costliest category, with reported losses of $6.57 billion in 2024. Business email compromise, a crime in which attackers deceive employees into transferring money or sensitive information, caused more than $2.77 billion in reported losses.

The same FBI report said people aged 60 and older filed 147,127 complaints in 2024, with losses exceeding $4.8 billion. These numbers show that older adults remained a heavily affected group, particularly in investment scams, tech support scams and romance fraud. The data is based on complaints voluntarily submitted to the FBI, meaning it reflects reported cases rather than every incident that occurred.

In the United Kingdom, the National Cyber Security Centre, part of GCHQ, said in its Annual Review 2024 that it handled 430 cyber incidents between September 2023 and August 2024. Of those, 89 were nationally significant. The NCSC said ransomware remained one of the most acute cyber threats facing UK organisations, especially public services and essential industries.

These official figures point to a consistent trend: cyber crime is both financially damaging and operationally disruptive. A single attack can freeze business operations, expose customer data, delay hospital services or divert public resources into emergency response.

Ransomware Remains a Major Threat

Ransomware is one of the most visible forms of cyber crime. In a ransomware attack, criminals encrypt or steal data and then demand payment, often in cryptocurrency, in exchange for a decryption key or a promise not to leak information. Law enforcement agencies warn that payment does not guarantee recovery or prevent future extortion.

In February 2024, Reuters reported that law enforcement agencies from the United States, United Kingdom and European partners disrupted LockBit, one of the world’s most active ransomware groups. The operation, known as Operation Cronos, involved the seizure of websites used by the group and the release of decryption keys to victims. The U.S. Department of Justice said LockBit had attacked more than 2,000 victims globally and received more than $120 million in ransom payments before the disruption.

Despite major takedowns, ransomware activity has not disappeared. The U.S. Cybersecurity and Infrastructure Security Agency, the FBI and international partners continued to issue joint advisories in 2024 and 2025 warning organisations about ransomware operators exploiting unpatched systems, weak remote-access controls and stolen credentials.

Ransomware is especially damaging for hospitals, local authorities and education providers because service continuity is critical. In 2024, healthcare organisations in multiple countries reported disruptions linked to cyber incidents. Government cyber agencies have repeatedly advised organisations to maintain offline backups, apply security updates promptly and test incident response plans.

Data Breaches and Identity Theft

Data theft is closely connected to cyber crime because stolen personal information can be used for fraud, extortion and account takeover. Names, addresses, dates of birth, passwords, payment details and identity documents can be sold on criminal forums or used directly by fraudsters.

In 2024, Reuters reported on multiple large cyber incidents involving companies and public services, including attacks that exposed or disrupted access to sensitive information. Data breach notification rules vary by country, but regulators in the United States, United Kingdom and European Union require organisations to report certain incidents involving personal data.

As of 2026, identity theft remains one of the most common consequences of data exposure. The U.S. Federal Trade Commission said it received more than 5.7 million total fraud and identity theft reports in 2023, the most recent full-year figure published before 2025 reporting updates. While not every report involved a cyber intrusion, many identity theft cases rely on digital information, online accounts or electronic payment systems.

Cyber criminals do not always need sophisticated malware to commit identity crime. They often combine leaked data with phishing emails, fake websites and social engineering. For example, an attacker may use a real address, phone number or employer name to make a fraudulent message appear credible.

Common Types of Cyber Crime

Cyber crime covers a wide range of offences. Government agencies and law enforcement bodies commonly identify the following categories:

• Phishing: deceptive emails, texts or websites designed to steal passwords, bank details or personal data.
• Ransomware: malicious software that locks files or systems until a payment is demanded.
• Business email compromise: fraud using spoofed or compromised email accounts to redirect payments.
• Identity theft: misuse of personal information to open accounts, obtain credit or commit fraud.
• Online investment fraud: scams that use fake trading platforms, cryptocurrency schemes or false returns.
• Distributed denial-of-service attacks: attempts to overwhelm websites or networks with traffic.

These categories often overlap. A phishing email may lead to credential theft, which then leads to business email compromise or ransomware. A data breach may lead to identity theft months later. This layered nature makes cyber crime difficult to measure fully and difficult for victims to detect early.

Artificial Intelligence and Cyber Crime

As of 2026, artificial intelligence has become part of the cyber crime discussion because it can be used by both defenders and criminals. Government cyber agencies have warned that generative AI can help attackers produce more convincing phishing messages, automate reconnaissance and create synthetic audio or video for fraud.

The UK National Cyber Security Centre said in a 2024 assessment that AI would almost certainly increase the volume and impact of cyber attacks over the following two years. The agency said the technology lowers the barrier for less-skilled attackers by helping them write more convincing social engineering content and process stolen data more efficiently.

Law enforcement agencies have also reported concerns about deepfake-enabled fraud. In 2024, the Hong Kong police said a finance worker at a multinational company was deceived into transferring about HK$200 million, approximately $25 million, after fraudsters used deepfake video in a fake conference call. The case was widely reported by international media, including Reuters and the BBC, and demonstrated how identity deception can move beyond email into audio and video impersonation.

At the same time, cyber security teams use AI-based tools to detect unusual network traffic, identify malicious files and prioritise alerts. The security outcome depends on implementation, oversight and the quality of data used by these systems.

Critical Infrastructure Is a Priority Target

Cyber attacks on critical infrastructure are a major concern for governments. Critical infrastructure includes energy, water, transport, healthcare, telecommunications, finance and public administration systems. Disruption to these sectors can affect public safety and economic stability.

In 2024, the U.S. Cybersecurity and Infrastructure Security Agency continued to warn operators of critical infrastructure about state-linked and criminal cyber threats. U.S. officials publicly attributed some activity to foreign government-backed groups and separately warned about ransomware gangs targeting hospitals and municipal systems.

The European Union Agency for Cybersecurity, ENISA, has also reported persistent threats to public administration, health, transport and digital infrastructure in its threat landscape reporting. The EU’s NIS2 Directive, which member states were required to transpose into national law by October 2024, expanded cyber security obligations for essential and important entities across Europe.

These regulatory changes reflect a wider shift. Cyber security is increasingly treated as a governance requirement, not only an information technology function. Boards, public agencies and service providers are expected to document risks, report serious incidents and strengthen resilience.

Law Enforcement Response and International Cooperation

Cyber crime frequently crosses national borders. Attackers may operate in one country, use servers in another and target victims elsewhere. This has made international cooperation central to investigations.

In 2024, Reuters reported on several multinational operations targeting cyber crime groups, including ransomware networks and malware infrastructure. The LockBit disruption involved agencies including the FBI, Europol, the UK National Crime Agency and partners in several countries. Europol said such operations are designed not only to seize infrastructure but also to gather intelligence, identify suspects and support victims.

The U.S. Department of Justice has also used indictments, sanctions coordination and cryptocurrency seizures in cyber crime cases. These actions are publicly documented through DOJ releases and court filings. However, arrests can be difficult when suspects are located in jurisdictions that do not extradite them.

Governments have encouraged victims to report incidents because reports help investigators connect cases, identify infrastructure and warn others. Underreporting remains a known problem, especially among small businesses and individuals who may fear reputational damage or believe recovery is unlikely.

Small Businesses and Individuals Face High Exposure

Large organisations often receive public attention after major attacks, but small businesses and individual users are also frequent targets. Small organisations may have fewer security staff, limited backup systems and less capacity to recover from an incident.

The FBI’s 2024 data shows that investment fraud, business email compromise, tech support scams and personal data breaches continued to generate large losses. These crimes can be carried out at scale using stolen email lists, automated messages and fake websites. Criminals may target thousands of people at once, expecting only a small percentage to respond.

Basic security measures remain widely recommended by government agencies. These include using multi-factor authentication, installing software updates, backing up important files, using unique passwords and verifying payment requests through a second communication channel. The UK NCSC and CISA both publish public guidance for households and businesses on these practices.

Cyber Crime Outlook as of 2026

As of 2026, available public data shows that cyber crime remains financially significant, operationally disruptive and internationally organised. The FBI reported $16.6 billion in cyber-enabled crime losses in 2024. The UK NCSC handled 430 incidents in its 2024 reporting year. The U.S. Department of Justice said LockBit had affected more than 2,000 victims globally before its 2024 disruption. The NCSC assessed in 2024 that AI would increase the volume and impact of cyber attacks over the following two years.

These figures do not capture every incident, but they provide a documented picture of the threat. Cyber crime has expanded because more financial activity, identity verification, healthcare, public administration and business communication now depend on connected systems. Criminal groups exploit that dependency for profit.

The strongest public evidence from 2024 to 2026 points to several continuing priorities: reducing ransomware risk, protecting personal data, improving reporting, strengthening critical infrastructure and helping individuals recognise online fraud. Governments and law enforcement agencies continue to publish advisories, pursue criminal networks and update cyber security rules, while victims continue to report substantial losses.

Sources: Reuters, Government releases, publicly available data.