The precise forecasts vary by methodology but they all agree that cybercrime is not stabilizing. Instead it\u2019s growing faster than preparedness. It has become a structural economic burden longer rather than just the cost of \u201cbad IT hygiene\u201d. <\/p>\n\n\n\n
For boards, executives and operational leaders, this changes the conversation. The question is no longer whether cybersecurity matters and how much you should spend fighting it. Instead, ask yourself whether your current operating model actually reflects the real risks.<\/p>\n\n\n\n
Fighting that is why we have focused a large portion of our business on services such as\u00a0Managed Detection and Response<\/a>,\u00a0Managed SOC<\/a>, and\u00a0Managed Cyber Incident Response<\/a>.<\/p>\n\n\n\n Ransomware, data theft and extortion attempts have become an industry where participants can buy access from initial access brokers<\/strong>, rent ransomware-as-a-service<\/strong>, automate phishing and credential harvesting, and use double-extortion models that combine data theft with service disruption and blackmail.<\/p>\n\n\n\n Modern cyber defence has to be continuous, monitored, and operationally ready. Anything less struggles to keep pace with a threat environment that is effectively active every minute of every day; as we\u2019ll show, a lot can happen in a minute.<\/p>\n\n\n\n Back in 2012, Intel published an\u00a0infographic<\/a>\u00a0called \u201cWhat Happens in an Internet Minute?\u201d At the time, the numbers felt astonishing: around\u00a0639,800 GB of IP data transferred<\/strong>,\u00a0204 million emails sent<\/strong>,\u00a02 million Google searches<\/strong>, and\u00a030 hours of video uploaded to YouTube<\/strong>\u00a0every minute. Even then, cyber risk was already present in the background, with\u00a0135 botnet infections<\/strong>\u00a0and\u00a020 new identity theft victims<\/strong>\u00a0estimated every 60 seconds.<\/p>\n\n\n\n Thirteen years later, that internet minute is no longer recognizable and has become something much more important than a curiosity. It is now a useful way to understand how digital dependency has grown, and why cybercrime has expanded so aggressively alongside it.<\/p>\n\n\n\n This matters to every organisation, not just large ones. The more business processes, customer journeys, communications, payments, and identities move online, the larger the opportunity for attackers. If 2012 was the era of \u201clook how much happens online\u201d, 2025 and 2026 are the era of \u201clook how much can go wrong online, every single minute\u201d.<\/p>\n\n\n\n The best current benchmark for internet activity is Domo\u2019s annual\u00a0Data Never Sleeps\u00a0research<\/a>. The comparison with 2012 is stark.<\/p>\n\n\n\n In the current internet minute:<\/p>\n\n\n\n Recent aggregated traffic estimates also suggest the world is now consuming\u00a0on the order of 10 petabytes (that\u2019s\u00a010,000,000 gigabytes)\u00a0of data per minute<\/strong>,\u00a0based on modern network and usage analyses<\/a>. That is not a small step up from Intel\u2019s 2012 benchmark of\u00a0639,800 GB<\/strong>. It is a different scale entirely.<\/p>\n\n\n\n In 2012, much of the internet was still relatively straightforward: websites, email, early cloud, and fast-growing social media. Today\u2019s minute is made up of cloud services, APIs, SaaS platforms, mobile apps, AI tools, streaming, payments, identity systems, and supply-chain integrations. A modern business no longer \u201cuses the internet\u201d at the edges. It runs on it and is why cyber risk is accelerating so sharply.<\/p>\n\n\n\n The relationship between internet growth and cybercrime is not accidental. As more value moves online, criminal attention follows it.<\/p>\n\n\n\n One of the clearest modern indicators comes from\u00a0Help Net Security<\/a>, which reported from Domo\u2019s 2024 digital activity analysis that\u00a04,080 records are compromised in data breaches every minute<\/strong>. That works out to around\u00a0244,800 records per hour<\/strong>\u00a0and nearly\u00a05.9 million records per day<\/strong>.<\/p>\n\n\n\n That single figure does a better job than most headlines of explaining the extent of the cybercrime epidemic. These are no longer occasional incidents affecting unlucky victims but a continuous flow of compromised customer data, credentials, financial records, and operational information.<\/p>\n\n\n\n The Identity Theft Resource Center\u2019s latest report\u00a0shows that<\/a>\u00a0publicly reported data compromises in the US reached record levels again in 2025, with around\u00a03,322 incidents<\/strong>. Other 2025 breach round-ups, including coverage of major incidents by cyber and tech commentators, point to a cluster of breaches linked to large technology providers and data aggregators that together exposed\u00a0more than 16 billion records<\/strong><\/a>.<\/p>\n\n\n\n The cost of these failures is rising as well. Data breach statistics and cost-of-breach analyses collated by firms such as\u00a0IBM<\/a> indicate that the\u00a0average cost of a US data breach has reached roughly $10.22 million<\/strong>, with the\u00a0global average around $4.44 million<\/strong>.<\/p>\n\n\n\n It is no longer realistic to think of cybercrime as an edge case, or an IT problem that can\u2019t be handled with a firewall refresh and an annual penetration test.<\/p>\n\n\n\n The 2012 internet minute already included botnets and identity theft. But the mechanics of risk were very different.<\/p>\n\n\n\n Back then, a typical organisation had a smaller digital footprint. There were fewer cloud platforms, SaaS tools, mobile workflows, and internet-facing integrations. Today, businesses are spread across multiple platforms – Microsoft 365, Google Workspace, CRMs, booking systems, finance tools, HR platforms, cloud storage, e-signature platforms, AI copilots, and multiple APIs \u2013 and every one of these create identities, privileges, data flows, and attack paths.<\/p>\n\n\n\n Cybersecurity Ventures\u2019\u00a0long\u2011running estimates<\/a>\u00a0put ransomware at roughly\u00a0one attack every 11 seconds in 2021<\/strong>, and they now project that by\u00a02031 a ransomware attack will strike a business, consumer or device every 2 seconds<\/strong>, with annual damages around\u00a0$265\u2013275 billion<\/strong>.\u00a0\u00a0<\/p>\n\n\n\n No credible analyst has a neat, precise forecast for 2039. Any article that pretends otherwise is guessing. But the currently published data gives enough signal to draw careful, evidence-based scenarios.<\/p>\n\n\n\n If cybercrime cost grows at around 10% annually<\/strong> from a base near $10.5 trillion<\/strong>, as implied by projections from Cybersecurity Ventures and others, simple compounding approximately doubles the total every seven to eight years. On that kind of trajectory, the late 2030s could see annual cybercrime costs well above $20 trillion<\/strong>, even allowing for some slowdown.<\/p>\n\n\n\n A more optimistic path would involve stronger regulation, better identity architecture, tighter cyber-insurance requirements, broader adoption of managed security operations, and more mature board oversight. Even then, cybercrime would almost certainly remain a major and growing cost centre rather than fading into the background.<\/p>\n\n\n\n Meanwhile, internet usage is not standing still. Even if some individual metrics plateau or shift shape, the number of valuable digital interactions per minute will keep rising: more automated decisions, more API calls, more cloud workloads, more connected devices, more data exchanges, and more reliance on external providers.<\/p>\n\n\n\n The important takeaway is not the exact number in 2039. It is the direction of travel. If more value continues to move online, and if businesses continue to rely on layered, interconnected digital systems, the cost of weak cyber resilience will continue to rise.<\/p>\n\n\n\n The right response is not panic. It is operational realism.<\/p>\n\n\n\n Cardonet already advises organisations on these issues through practical services such as\u00a0Managed SIEM<\/a>,\u00a0Managed DNS Security<\/a>, and\u00a024\/7 Network Monitoring<\/a>. Cardonet\u2019s\u00a02023 Cyber Threat Report<\/a>,\u00a0Why cyber security is a product of operational excellence<\/a>, and sector pieces like\u00a0Nursery School Cyber Security<\/a>\u00a0all make the same point: effective cyber defence comes from governance, culture and operating model \u2013 not from a single product or tick\u2011box exercise.<\/p>\n\n\n\n If your business depends on cloud systems, email, online transactions, shared data, suppliers, or remote access (i.e. it\u2019s a normal modern business) your own \u201cinternet minute\u201d already carries material cyber risk.<\/p>\n\n\n\n The sensible next step is not to wait for a breach headline. It is to get a clear view of where your real exposures sit today, which systems create the biggest cascading risk, and how fast your team could detect and contain a serious incident.<\/p>\n\n\n\n 1. Why describe cybercrime as an \u201ceconomy\u201d?<\/strong> 2. How has internet growth actually changed the risk picture since 2012?<\/strong> 3. What does \u201c4,080 records compromised every minute\u201d really mean?<\/strong> 4. Are breaches actually becoming more frequent, or just more visible?<\/strong>The Industrialisation of Cybercrime<\/strong><\/h2>\n\n\n\n
From the 2012 internet minute to today<\/strong><\/h2>\n\n\n\n
\n
![\"\"](\"https:\/\/www.cardonet.com\/news\/wp-content\/uploads\/2026\/05\/internet-growth-supercharged-cyber-crime-cardonet-1024x683.png\")
<\/figure>\n\n\n\nMore traffic, more dependency, more cybercrime<\/strong><\/h2>\n\n\n\n
![\"\"](\"https:\/\/www.cardonet.com\/news\/wp-content\/uploads\/2026\/05\/internet-growth-charged-cyber-crime-cardonet-1024x683.png\")
<\/figure>\n\n\n\nWhy the current threat is structurally worse than 2012<\/strong><\/h2>\n\n\n\n
What the next 13 years could look like<\/strong><\/h2>\n\n\n\n
What you should do now<\/strong><\/h2>\n\n\n\n
\n
FAQs<\/strong><\/h2>\n\n\n\n
Because the projected annual cost of cybercrime now runs into the tens of trillions of dollars, with Aftra and Statista both forecasting around 15\u201316 trillion USD in yearly losses by 2029<\/strong> \u2013 a figure that would make cybercrime the world\u2019s third\u2011largest \u201ceconomy\u201d behind only the United States and China if it were a country.<\/a><\/p>\n\n\n\n
Usage data from Intel\u2019s original Internet Minute<\/em> graphic and Domo\u2019s latest Data Never Sleeps<\/em> report shows that searches, emails, video uploads, social engagement and ecommerce have all grown by multiples since 2012, with global traffic now estimated at roughly 10 petabytes per minute<\/strong>, which massively expands the digital surface attackers can exploit.<\/a><\/p>\n\n\n\n
Domo\u2019s 2024 internet\u2011activity stats, reported by Help Net Security and others, indicate that 4,080 personal records are compromised in data breaches every 60 seconds<\/strong>, which translates into roughly 244,800 records per hour<\/strong> and millions per day \u2013 a continuous background flow of compromised data rather than occasional, isolated incidents.<\/a><\/p>\n\n\n\n
The Identity Theft Resource Center\u2019s 2025 Annual Data Breach Report<\/strong> logged 3,322 publicly reported data compromises in the US in 2025<\/strong>, the highest number on record and a 79% increase over five years, which strongly suggests that both the frequency and the transparency of significant breaches have increased.<\/a><\/p>\n\n\n\n