29 Alarming Ransomware Statistics to Keep in Mind in 2022

Ever since the first ransomware AIDS trojan was launched in 1989, the use of this scam grew drastically. The latest ransomware statistics show that this attack is pretty common among businesses of all sizes and individuals alike.

Ransomware attackers often aren’t afraid of demanding millions of dollars, and the unfortunate fact is that many businesses pay to get their data back.

Additionally, many cybersecurity experts believe that there will be even more ransomware attacks in the future as cybercriminals become more capable of acting.

Top Ransomware Stats (Editor’s Choice)

  • The number of ransomware attacks doubled in the first half of 2021.
  • The US is still the most targeted country, with 54% of total ransomware victims.
  • A total of 60% of organizations claim they have trained IT security staff that’ll prevent ransomware attacks.
  • Overall, losses due to ransomware range from $70 to $1.2 million.
  • Ransom remediation costs also rose to $1.85 million.
  • Up to 1,500 businesses are affected by ransomware globally.
  • Manufacturing accounts for 30% of the total ransomware attacks.
  • In 2020, 33% of attacks on government bodies were related to ransomware.

Essential Ransomware Facts

Nobody is immune to ransomware, and these attacks can happen at any moment. Globally, there are thousands of victims who have to pay to get their data released. Additionally, other forms of extortion attacks are also present.

1. About 4,000 ransomware attacks happen each day.

Source: Justice

Ransomware is one of the fastest-growing malware threats, and it targets individuals and businesses around the world. Ever since 2016, the number of daily ransomware attacks averaged at about 4,000, ransomware trends show.

2. The number of ransomware attacks doubled in the first half of 2021.

Source: Cognate

The latest data also shows that the number of ransomware attacks doubled in the first half of 2021. A total of 1,097 organizations went through the attack in the first six months of 2021. For comparison, there were 1,112 attacks recorded for the whole year of 2020.

3. Remote desktop protocol, phishing, and software vulnerabilities are the top three ransomware attack vectors.

Source: Digital Defense

According to ransomware statistics, remote desktop protocol, phishing, and software vulnerabilities are the top three ransomware attack vectors that attackers love using due to their simplicity. Phishing is the primary one, and it rose to #1 in Q4 of 2020. RDPs are still easily compromised, and software vulnerabilities are perfect since they open doors to malware.

4. Conti, Avaddon, and Revil are responsible for 60% of ransomware attacks.

Source: Cognate

Conti, Avaddon, and Revil ransomware groups are responsible for 60% of ransomware attacks in 2021. Hive, Suncrypt, and Cuba are the least responsible for the latest ransomware attacks.

5. The US is still the most targeted country, with 54.9% of total ransomware victims.

Source: Cognate

The top 10 countries that suffer the most ransomware attacks remain unchanged. The US still leads with 54.9% of victims. These top 10 countries, together with the US, constitute 84% of total victims.

6. A total of 96% of ransomware victims got their data back.

Source: Sophos

The good news is that ransomware attackers will often keep their word. The numbers show that 96% of victims got their data back. Still, on average, only 65% of the encrypted data was restored after payment.

7. WannaCry remains one of the most known global ransomware attacks, with 230,000 computers attacked.

Source: Kaspersky; Statista

WannaCry ransomware statistics show WannaCry will remain the most commonly used family of encryption ransomware in 2020. This type of malware caused issues with 230,000 computers globally, affecting hospitals, mobile companies, and others.

8. Bitcoin was the preferred payment method for over 50% of ransomware attacks in 2018.

Source: Purplesec

Cryptocurrency is commonly used for ransom since it’s harder to track and impossible to dispute for chargebacks. In 2018, the preferred currency was Bitcoin, in 50% of ransomware attacks, according to phishing statistics.

9. A total of 96% of social engineering attacks come by email.

Source: Expert Insights

Recent data shows that 96% of social engineering attacks are done via email. The most commonly used type of attack is phishing, and phishing emails can often contain ransomware malware.

10. Extortion-style attacks that don’t use data encryption also increased to 7%.

Source: Sophos

Unfortunately, there are other attacks besides the standard ransomware. These extortion attacks also increased more than double since last year, from 3% to 7%.

Ransomware Costs

Some companies are willing to pay tens of millions only to get their data back. Unfortunately, the costs of ransomware attacks are growing, and remediation costs are also on the rise.

11. Overall, losses due to ransomware range from $70 to $1.2 million.

Source: Tech Target

In general, the losses caused by ransomware may range from $70 to $1.2 million, depending on who’s the victim. Still, the median cost of ransomware is $11,150. Still, not every ransomware victim paid the ransom costs.

12. Businesses lose over $75 billion each year because of ransomware.

Source: Purplesec

The average yearly loss related to ransomware attacks is $75 billion for businesses. For example, the NotPetya ransomware attack losses could surpass $1 billion alone. On average, businesses pay $133,000 per attack.

13. In the first half of 2021, the average ransomware demand was $5.3 million.

Source: Palo Alto Networks

At the moment, attackers are doubling the number of extortion methods, at the same time becoming more greedy. The data shows that in the first half of 2020, the average demand was $5.3 million. That’s up 518% from the 2020 average of $847,000.

14. The average ransom payment in companies with 100 to 1,000 employees is $107,694.

Source: Sophos

The average ransomware payment depends on the size of the organization. For example, companies with 100 to 1,000 employees usually pay $107,694. On the other hand, according to ransomware payment statistics, organizations with 1,000 to 5,000 employees usually pay $225,588.

15. In 2021, an insurance company made one of the largest ransomware payments ever—$40 million.

Source: Business Insider

In 2021, one of the biggest US insurance companies, CNA Financial, paid ransomware attackers a total of $40 million. This attack happened right after Colonial Pipeline paid $4.4 million to its attackers. This is also known as one of the biggest ransomware attacks in 2021.

16. Ransom remediation costs also rose to $1.85 million.

Source: Sophos 

When it comes to the costs of rectifying the issues after the ransomware attack, the numbers are also up. The latest data shows that remediation costs reached $1.85 million, which is more than double since last year’s $761,106. The costs increased mainly because of the complexity of new ransomware attacks on businesses.

Small and Medium-Sized Business Ransomware Statistics

During last year, numerous organizations were hit by ransomware globally. Often, getting the ransomware malware is not that hard, and sometimes a single email is enough to lock customer databases and other vital information.

17. Up to 1,500 businesses are affected by ransomware globally.

Source: VOA News

One of the most common victims of ransomware attackers are small businesses. These attacks are so common that ransomware statistics show 800 to 1,500 small businesses around the world have been affected.

18. Ransomware is still the most prominent malware threat for businesses, based on what 1,400 managed service providers claim.

Source: Datto

In 2019, a total of 85% of MSPs reported ransomware as the most common threat to small and medium-sized businesses. Additionally, MSPs rank emails as the learning cause of successful attacks, ransomware stats and numbers show.

19. Overall, 70% of businesses of all sizes paid the ransom to get their data back.

Source: Pindrop

Still, not only small businesses are in danger. About 70% of businesses, regardless of their size, paid ransom to get their data back after the attack occurred. Around 20% of compromised organizations paid over $40,000 and 25% paid from $20,000 to $40,000.

20. On average, one in five small businesses reports they’ve fallen victims to ransomware.

Source: Datto

According to statistics on ransomware, one in five SMBs report they’ve been victims of a ransomware attack. Those SMBs who outsource their IT services are also at a higher risk. Additionally, phishing emails are the leading cause of successful attacks.

21. Around 42% of larger businesses were victims of ransomware.

Source: Sophos

Not only SMBs are in danger. A total of 42% of larger business organizations with 1,001 to 5,000 employees were also victims of ransomware. For comparison, 33% of organizations with 100 to 1,000 employees were hit.

22. Organizations with 100 employees need to deal with about four malware-infected emails each day.

Source: Fortinet

Ransomware stats additionally show that organizations with about 100 employees have to deal with about four malware-infected emails daily. They also need to tackle three emails with unknown malware and about two emails with suspicious links, which can be challenging to manage.

Ransomware Attacks Across Industries

At the moment, manufacturing faces the most ransomware attacks. However, the healthcare sector is also in danger. Government bodies also have a low percentage of employees who can properly react to ransomware, which makes them the target as well.

23. A total of 60% of organizations claim they have trained IT security staff that’ll prevent ransomware attacks.

Source: Sophos

Overall, 60% of organizations aren’t afraid of many types of ransomware attacks. These organizations weren’t hit by ransomware and don’t expect to be in the future because they have trained IT staff capable of stopping the attack. Another 52% have anti-ransomware technology.

24. Manufacturing accounts for 30% of the total ransomware attacks.

Source: Cognate

Regarding the most targeted industries, manufacturing remains on top, accounting for 30% of total ransomware attacks. Additionally, financial services, transportation, tech, and HR constitute 60% of the targets.

25. In 2020, retail accounted for 44% of ransomware attacks.

Source: Computer Weekly

According to last year’s ransomware attack statistics, a total of 44% of retail organizations suffered ransomware attacks. Out of that 44%, 32% paid the ransom, and the average payment was $147,811.

26. Ransomware attacks were responsible for 50% of all healthcare data breaches in 2020.

Source: HHS

Ransomware and data breaches are two major issues for the healthcare industry. In 2020, ransomware attacks were responsible for 50% of data breaches. Unfortunately, this industry is the most targeted sector for data breaches, according to healthcare ransomware statistics.

27. Ransomware attacks on universities increased 100% between 2019 and 2020.

Source: Blue Voyant

Besides manufacturing and healthcare, education is also on the list of industries affected by ransomware. So much so that the number of attacks on universities grew 100% from 2019 to 2020. The data shows that the average ransomware attack is about $447,000.

Security Intelliegence

The government sector is also not immune to ransomware. The US government statistics on ransomware show that 33% of attacks on government entities involved ransomware. What’s more, only 38% of government employees are trained on ransomware prevention.

29. Banks experienced a 520% increase in ransomware between March and June 2020.

Source: American Banker

Another sector that saw an enormous increase in ransomware and phishing is banking. This sector saw a 520% growth between March and June 2020.

Conclusion

The number of ransomware attacks increased, and small businesses are the most common victims. Ransomware statistics show that ransomware was quite common before 2020, but the pandemic opened new doors for attackers.

At the moment, the manufacturing, financial, and healthcare sectors are also facing issues with ransomware, but the government bodies aren’t that secure either.

To conclude, the number of daily attacks reached 4,000, and the US is the most attacked region globally. Businesses of all shapes and sizes must improve their IT security measures to prevent ransomware and cut the costs of these attacks.

FAQ

At the moment, no one is immune to the attacks of cybercriminals. Ransomware is one of the most common forms of attack, where criminals block computers and lock important data. Then, they promise to give the access back once the ransom is paid.

Ransomware is on the rise globally. Unfortunately, no one is safe, as the attackers target individuals and businesses alike. The data shows that ever since 2016, the number of daily ransomware attacks averaged about 4,000. Additionally, the number of ransomware attacks doubled in the first half of 2021.

The ransomware industry is growing, and attackers constantly think of new methods of ransom. At the moment, ransomware also has enormous potential for damage, and it hurts businesses and individuals.

There were 127 new ransom families discovered globally in 2020, which is way more than last year. Overall, losses because of ransomware reach up to $1.2 million, while businesses lose over $75 billion annually due to this cyber attack. Based on these numbers, the ransomware industry is large.

The most common way people get ransomware malware on their computers is via phishing email. Another way is via drive-by downloading. Drive-by downloading happens when a user visits an infected website that automatically downloads and installs the malware without the user knowing.

Crypto ransomware is also spread with similar methods, but it can also be delivered via social media and web-based instant messaging apps. Additionally, hackers can sometimes use vulnerable webservers and use it as an entry point to install the malware.

Since ransomware became a common occurrence, but attackers use more sophisticated methods, remediation costs also increased. Last year, the remediation costs were around $$761,106, but today, they reached $1.85 million. 

Ransomware attacks are often combined with hands-on human hacking. This requires a more complex data recovery process and is likely the key reason prices of remediation increased in such a short time. This cost also includes downtime, people time, network costs, paid the ransom, etc.

The number of businesses hit by ransomware depends on several factors. Attackers often target specific industries, like manufacturing, yet 42% of larger businesses are more likely to become victims of ransomware.

Overall, one in five small businesses claim they’re victims of ransomware. Additionally, organizations with a lower number of employees also struggle with several kinds of malicious emails daily, which increases their chances of being attacked.

Ransomware gangs started targeting businesses, as they could provide higher payments. This allows attackers to ask for bigger ransom compared to what they can get from individuals. Their plan is successful since 70% of ransomware victims will pay to get their data back.

On the other hand, if these attackers were to target individual consumers, they’d likely receive no more than $1,000, depending on the ransom method, according to ransomware statistics.