Have you ever had a virus on your computer?
There are lots of different types of viruses you can get but ransomware is one of the worst types.
Ransomware is malicious software that gains access to your computer or network and blocks your ability to open specific files or systems.
The ransomware hacker then restricts these files and systems until you pay a ransom to have them unblocked.
But the truth is that ransomware attacks are at an all-time high – up over 148% since the beginning of 2021 alone!
And it doesn’t look like it will slow down anytime soon.
These latest ransomware statistics show how much damage is caused by attacks and the emerging trends you need to be aware of.
What Will I Learn?
There is no doubt that ransomware has become an enormous problem.
Here are the most important ransomware statistics you need to know about the attacks, demands, payments and consequences that can occur.
Ransomware is the most prominent malware threat online today.
How does it work?
The most common tactics used by ransomware hackers are:
Email phishing has been a common tactic used by hackers because it’s scalable. About 1 in every 6,000 emails contains suspicious URLs that can include ransomware.
There were 304 million reported ransomware attacks globally in 2020. That works out to be over 37,700 ransomware attacks every hour – about 578 every single minute.7
The United States is one of the biggest targets for ransomware attacks.
Over 4,000 ransomware attacks have happened daily in the US since 2016.
Why do hackers perform ransomware attacks?
It’s simple – to get money.
Their goal is to hold you to ransom by blocking access to your computer until you pay. And the sad reality is it works…
Ransomware victims were estimated to pay more than $590 million in the first half of 2021. As an industry, ransomware is worth an estimated $14 billion as of 2022.
But 2020 is when ransomware attacks increased significantly due to the COVID-19 pandemic.
Ransomware was involved in 21% of reported breaches in the three quarters of 2020. The total ransom amount paid increased by 311% in 2020, reaching nearly $350 million.
The number of organisations that paid ransoms has also increased significantly.
Ransom-paying organisations increased from 26% in 2020 to 32% in 2021.
Here’s the really bad news…
Only 8% of all ransom-paying organisations got their data back after paying the ransom. There is NO GUARANTEE that you will get your data back even after paying a hacker.
How much are the ransoms worth?
A lot. The average ransom fee requested in 2020 was $200,000.
Back in 2018, it was just $5,000. That means that ransom fee requests increased by 3,900% in only 2 years!
But 2021 was a whole new year for ransomware.
The largest ransomware payout was made by an insurance company in 2021 at $40 million. This set a new world record for all the wrong reasons.
The previous highest ransomware payout was $11 million.
These ransomware statistics show that even large companies are not immune to attacks. And hackers are getting bold by asking for bigger ransoms.
Other than the lost money…
What are the consequences of ransomware attacks?
A recent survey conducted with 1,263 companies showed that 80% of victims who made a ransom payment to a hacker were attacked again soon after.
The tricky thing with digital data is that it’s hard to fully protect yourself after being attacked.
The same survey showed that only 46% of the victims who paid the attackers got their data back and that most data was corrupted anyway.
In other words…
Less than 50% of companies got their data back even after paying, and for the most part, the files were damaged.
60% of survey respondents said they experienced revenue loss and 53% said that their brands were damaged significantly as a direct consequence of the attack.
The truth for companies is that the ransom is just the tip of the iceberg.
The effects on their business and brands can be far worse.
Indeed, because of the ransomware attack, 29% of the companies in the survey said they were forced to:
Aren’t there insurance policies for cyber attacks?
Yes, there are. But 42% of companies with a cyber insurance policy said that the insurance policy only covers a small part of the damages.
Ransomware attacks have enormous consequences for both individuals and companies. The only way to really protect yourself from a ransomware attack is to prevent the attack in the first place.
These ransomware statistics clearly show that the damages they cause can be irreparable.
Now you have seen the ransomware statistics on how much damage ransomware attacks cause.
The following ransomware statistics detail which industries get attacked the most and which countries are most likely to be targeted.
Let’s dive in!
In the second quarter of 2023, ReliaQuest reported that there were a total of 1,378 organizations that fell victim to ransomware attacks. This is a 64% increase from the previous quarter. Just in the first half of 2022 there were 236.1 million ransomware attacks worldwide.
The annual number of ransomware attacks spiked in 2016. Since then, it had dropped and (for the most part) kept down.
This is due to:
This is the annual number of ransomware attacks per year worldwide from 2016 to 2022:
|Year||Number Of Ransomware Attacks|
From 2017 to 2019, ransomware attacks dropped off averaging 192 million attacks per year. In 2021 the numbers picked up again, spiking to 623.3 million.
COVID-19 pandemic has been blamed as the most significant factor for an increase in ransomware attacks in 2020.
With staff working remotely, companies struggled to maintain high levels of security, leading to more successful ransomware attacks.
While every industry is affected by ransomware attacks, the truth is that some industries are more susceptible than others.
This is because of many factors – the biggest being that some sectors rely more on technology.
The Professional sector has the highest amount of malware and ransomware incidents occurring worldwide.
This is the full breakdown of the top 15 sectors most targeted by malware:
|Sector||Number Of Incidents|
|Mining & Utilities||195|
A total of 934 confirmed malware and ransomware incidents occurred within the Professional sector in 2020 alone.
This is 3.2x higher than the number of incidents occurring in the next sector, Manufacturing, with 292 total incidents.
The Public Administration sector had the third highest at 260. This was followed by Healthcare at 221 and Information at 203 incidents.
68.5% of businesses worldwide were victimised by ransomware In 2021.
This was a significant increase from the previous 3 years and the highest percentage recorded so far. Here is what the global victim rate of ransomware attacks is for businesses between 2018 and 2021:
More than half (over 50%) of all respondents to the survey said that they had been a victim of a ransomware attack.
But that’s not the scariest ransomware statistic here…
From the beginning of 2018 to the end of 2021, the percentage of businesses that have been successfully attacked has risen by 13.4%. You can also see a big jump of over 6% in 2020 and 2021.
These ransomware statistics show that at least 2 out of every 3 businesses will be attacked by ransomware this year. That’s a lot.
Which countries are affected by ransomware attacks?
On average, 37% of organisations globally were victims of a ransomware attack between January and February 2021.
The top 15 countries that were affected the most were:
|Country||Percentage Of Organisations Affected|
68% of all Indian organisations were affected by ransomware attacks which makes it the country with the most attacks, followed by Austria at 57% and the United States at 51%.
That means that over half of the organisations in those three countries have been affected by ransomware attacks.
One of the countries that were least affected by ransomware attacks was Poland. Just 13% of responding organisations from Poland had been victims of a ransomware attack.
The main goal of any ransomware attacker is to hold people to ransom by not releasing their data until they get paid.
But is it actually a good idea to pay the ransom?
Here’s what the ransomware statistics tell us about organisations that paid up.
60% of organisations regained access to their data and systems after making the first payment to hackers.
That means 4 out of 10 organisations paid and never got their information back. Even after paying, there is no guarantee that you will get your data, systems or files.
6% of organisations that made the first payment were asked to make a second ransom payment. Most of them walked away and chose not to pay.
The statistics are clear…
If your organisation is hacked, you have no way to ensure you will receive your data even after making a payment. The truth is you have very little (if any) control over the situation.
A survey conducted in 2019 with global IT decision-makers found that 84.5% of organisations that were victims of a ransomware attack but did not pay the ransom got their data back within 12 months.
That’s a very positive statistic.
Although still not guaranteed, there seems to be a strong chance you can recover your data without paying.
The same survey showed that 33.1% of ransomware victims chose to make the payment and were unsuccessful in recovering their data.
That means about ⅓ of companies decided to make the payment and still ended up losing their data.
In short – Not paying the hackers and having professional work on recovering your files could yield a better result.
Paying the hackers (statistically speaking) is slightly better than a coin flip!
The easiest way to protect yourself is to know the main reasons for ransomware infections and implement the right practices to protect yourself better.
The truth is that ransomware hackers go after the most vulnerable. They are looking for people and organisations that are least prepared.
Here are the leading causes of ransomware attacks today:
|Cause Of Ransomware Attack||Percentage|
|Poor User Practices||27%|
|Lack Of Cyber Security Training||26%|
|Accessing Malicious Websites||14%|
|Open RDP Access||20%|
|Lost/Stolen User Login Credentials||10%|
|Lack Of Funding For IT Security Solutions||8%|
|Lack Of Adopting IT Security Solutions||8%|
54% of respondents to the survey said that phishing email scams were the most common cause of ransomware infection.
Training employees to identify phishing emails would stop the majority of ransomware and cybersecurity issues.
Poor user practices came in second place at 27%, closely followed by lack of training at 26%. These two causes work hand in hand.
Better security training would likely improve user practices around cybersecurity.
Think of ransomware strains like virus strains…
Different types of ransomware are more common than others and more likely to affect your cybersecurity.
The top 5 most common types of ransomware strains are:
CryptoLocker has been around since 2013. 52% of respondents said they or a client had been infected with Cryptolocker.
All ransomware strains work similarly. After infecting your computer, they simply lock or shut down part of your computer.
You will then be redirected to a payment page to pay the ransom.
How do you protect yourself against these ransomware strains?
There are four things that you should do today:
As a business owner, you should have robust cybersecurity software installed on your network and servers.
These practices will generally protect you from the majority of ransomware attacks.
These ransomware statistics show that ransomware attacks aren’t going to disappear anytime soon.
As an organisation or business, you need to stay ahead of cyber criminals using ransomware.
The best thing you can do is teach your employees about ransomware, train them on good cybersecurity practices and provide high-quality anti-virus software.
The consequences that ransomware can cause to your business and reputation aren’t worth the risk. Take the necessary steps to protect yourself and your employees.
Want more statistics posts? Take a look at these blogs: