Last year saw more than two million major cyberattacks strike businesses across the world.
The latest figures by the Internet Society’s Online Trust Alliance claim that these assaults cost organisations more than $45 billion in losses globally.
As usual, the most popular type of attack was email credential theft, followed by cryptojacking (malware which mines cryptocurrency on the victim machine, without the victim knowing).
The report argues that hackers are getting more sophisticated and harder to counter, but also adds that many attacks could have been prevented with proper cybersecurity solutions set up.
Jeff Wilbur, technical director of the alliance, said the report's estimates are conservative because many attacks are not reported.
"The financial impact of cybercrime is up significantly and cyber criminals are becoming more skilled at profiting from their attacks," Wilbur said.
Ransomware had cost $8 billion, a 60 per cent increase in cost, despite this type of attack dropping 20 per cent in the number of attacks.
Phishing, or business email compromise (BEC) resulted in $1.3 billion in losses.
Wilbur said that in some instances, the attackers are very skilful. However, in the majority, hackers are counting on someone on the receiving end not being careful enough, clicking on a link or downloading a malicious attachment.
"The way they get in continues to be relatively constant," he said.
"You hear about super-sophisticated attacks and for the most part they are not that sophisticated. For the most part they could have been prevented."