The number of cyberattacks targeting US organizations has doubled over the past three years, leading to hefty losses, a study released Monday showed.

The study conducted by the Ponemon Institute and sponsored by Hewlett-Packard said most of the attacks involve malicious code, denial of service, stolen or hijacked devices, or "malevolent insiders."

"The occurrence of cyberattacks has more than doubled over a three-year period, while the financial impact has increased by nearly 40 percent," the report said.

The 2012 study showed organizations experiencing an average of 102 successful attacks per week, compared to 72 attacks per week in 2011 and 50 attacks per week in 2010.

Among the organizations surveyed which were hit by successful cyberattacks, the average losses was $8.9 million, up six percent from 2011 and 38 percent increase over 2010.

"Organizations are spending increasing amounts of time, money and energy responding to cyberattacks at levels that will soon become unsustainable," said HP's Michael Callahan.

Information theft accounts for 44 percent of losses, while lost productivity accounted for 30 percent.

The average time to resolve a cyberattack is 24 days, but it can take up to 50 days, according to the new study.