Ransomware Statistics: How Bad Are Ransomware Attacks in 2022?

Have you ever had a virus on your computer?

There are lots of different types of viruses you can get but ransomware is one of the worst types.

Here’s why:

Ransomware is malicious software that gains access to your computer or network and blocks your ability to open specific files or systems.

The ransomware hacker then restricts these files and systems until you pay a ransom to have them unblocked.

Crazy right?

But the truth is that ransomware attacks are at an all-time high – up over 148% since the beginning of 2021 alone!

And it doesn’t look like it will slow down anytime soon.

These latest ransomware statistics show how much damage is caused by attacks and the emerging trends you need to be aware of.

Ransomware Statistics Overview

There is no doubt that ransomware has become an enormous problem.

Here are the most important ransomware statistics you need to know about the attacks, demands, payments and consequences that can occur.

Attacks

Ransomware is the most prominent malware threat online today.

How does it work?

The most common tactics used by ransomware hackers are:

  • Email phishing – Malicious emails that trick people into providing personal information or clicking a bad link
  • RDP vulnerabilities – Remote Desktop Protocols that allow hackers to gain access to your computer remotely because the RDP hasn’t secured properly
  • Software vulnerabilities – A bug in a piece of software that hackers use to get access to your computer

Email phishing has been a common tactic used by hackers because it’s scalable. About 1 in every 6,000 emails contains suspicious URLs that can include ransomware.

What’s more?

There were 304 million reported ransomware attacks globally in 2020. That works out to be over 37,700 ransomware attacks every hour – about 578 every single minute.7

Ransomware Attack Statistics

The United States is one of the biggest targets for ransomware attacks.

Over 4,000 ransomware attacks have happened daily in the US since 2016.

Demands & Payments

Why do hackers perform ransomware attacks?

It’s simple – to get money.

Their goal is to hold you to ransom by blocking access to your computer until you pay. And the sad reality is it works…

Ransomware victims were estimated to pay more than $590 million in the first half of 2021. As an industry, ransomware is worth an estimated $14 billion as of 2022.

Ransomware industry estimation

But 2020 is when ransomware attacks increased significantly due to the COVID-19 pandemic.

Ransomware was involved in 21% of reported breaches in the three quarters of 2020. The total ransom amount paid increased by 311% in 2020, reaching nearly $350 million.

The number of organisations that paid ransoms has also increased significantly.

Ransom-paying organisations increased from 26% in 2020 to 32% in 2021.

Here’s the really bad news…

Only 8% of all ransom-paying organisations got their data back after paying the ransom. There is NO GUARANTEE that you will get your data back even after paying a hacker.

How much are the ransoms worth?

A lot. The average ransom fee requested in 2020 was $200,000.

Average ransomware request

Back in 2018, it was just $5,000. That means that ransom fee requests increased by 3,900% in only 2 years!

But 2021 was a whole new year for ransomware.

The largest ransomware payout was made by an insurance company in 2021 at $40 million. This set a new world record for all the wrong reasons.

Largest ransomware payout

The previous highest ransomware payout was $11 million.

These ransomware statistics show that even large companies are not immune to attacks. And hackers are getting bold by asking for bigger ransoms.

Consequences

Other than the lost money…

What are the consequences of ransomware attacks?

A recent survey conducted with 1,263 companies showed that 80% of victims who made a ransom payment to a hacker were attacked again soon after.

Ransomware victims

The tricky thing with digital data is that it’s hard to fully protect yourself after being attacked.

The same survey showed that only 46% of the victims who paid the attackers got their data back and that most data was corrupted anyway.

In other words…

Less than 50% of companies got their data back even after paying, and for the most part, the files were damaged.

60% of survey respondents said they experienced revenue loss and 53% said that their brands were damaged significantly as a direct consequence of the attack.

The truth for companies is that the ransom is just the tip of the iceberg.

The effects on their business and brands can be far worse.

Indeed, because of the ransomware attack, 29% of the companies in the survey said they were forced to:

  • Down-size
  • Remove jobs

Consequences of ransomware attacks

Aren’t there insurance policies for cyber attacks?

Yes, there are. But 42% of companies with a cyber insurance policy said that the insurance policy only covers a small part of the damages.

Ransomware attacks have enormous consequences for both individuals and companies. The only way to really protect yourself from a ransomware attack is to prevent the attack in the first place.

These ransomware statistics clearly show that the damages they cause can be irreparable.

Who Are The Victims Of Ransomware?

Now you have seen the ransomware statistics on how much damage ransomware attacks cause.

The following ransomware statistics detail which industries get attacked the most and which countries are most likely to be targeted.

Let’s dive in!

Worldwide Ransomware Attacks

The annual number of ransomware attacks spiked in 2016. Since then, it had dropped and (for the most part) kept down.

This is due to:

  1. More awareness around ransomware
  2. Government action to stop ransomware attacks

This is the annual number of ransomware attacks per year worldwide from 2016 to 2020:

Year Number Of Ransomware Attacks
2016 638 Million
2017 184 Million
2018 204.24 Million
2019 187.9 Million
2020 304 Million

From 2017 to 2019, ransomware attacks dropped off averaging 192 million attacks per year. In 2020 the numbers picked up again, spiking to 304 million.

From the latest data in 2021, it looks like it’s definitely on the rise again.

ransomware attacks per year

COVID-19 pandemic has been blamed as the most significant factor for an increase in ransomware attacks in 2020.

With staff working remotely, companies struggled to maintain high levels of security, leading to more successful ransomware attacks.

Most Targeted Sectors By Malware and Ransomware

While every industry is affected by ransomware attacks, the truth is that some industries are more susceptible than others.

This is because of many factors – the biggest being that some sectors rely more on technology.

The Professional sector has the highest amount of malware and ransomware incidents occurring worldwide.

This is the full breakdown of the top 15 sectors most targeted by malware:

Sector Number Of Incidents
Professional 934
Manufacturing 292
Public Administration 260
Healthcare 221
Information 203
Mining & Utilities 195
Retail 177
Transportation 147
Education 128
Finance 123
Real Estate 60
Entertainment 49
Accommodation 38
Construction 26
Administrative 20

A total of 934 confirmed malware and ransomware incidents occurred within the Professional sector in 2020 alone.

This is 3.2x higher than the number of incidents occurring in the next sector, Manufacturing, with 292 total incidents.

The Public Administration sector had the third highest at 260. This was followed by Healthcare at 221 and Information at 203 incidents.

Businesses Victimised By Ransomware Attacks Worldwide

68.5% of businesses worldwide were victimised by ransomware In 2021.

This was a significant increase from the previous 3 years and the highest percentage recorded so far. Here is what the global victim rate of ransomware attacks is for businesses between 2018 and 2021:

Year Percentage
2018 55.1%
2019 56.1%
2020 62.4%
2021 68.5%

More than half (over 50%) of all respondents to the survey said that they had been a victim of a ransomware attack.

But that’s not the scariest ransomware statistic here…

From the beginning of 2018 to the end of 2021, the percentage of businesses that have been successfully attacked has risen by 13.4%. You can also see a big jump of over 6% in 2020 and 2021.

urvey said that they had been a victim of a ransomware attack

These ransomware statistics show that at least 2 out of every 3 businesses will be attacked by ransomware this year. That’s a lot.

Countries Most Affected By Ransomware Attacks

Which countries are affected by ransomware attacks?

On average, 37% of organisations globally were victims of a ransomware attack between January and February 2021.

The top 15 countries that were affected the most were:

Country Percentage Of Organisations Affected
India 68%
Austria 57%
United States 51%
Israel 49%
Turkey 48%
Sweden 47%
Belgium 47%
Switzerland 46%
Germany 46%
Australia 45%
Spain 44%
Philippines 42%
Canada 39%
UAE 38%
Brazil 38%

68% of all Indian organisations were affected by ransomware attacks which makes it the country with the most attacks, followed by Austria at 57% and the United States at 51%.

organisations experienced ransomware attacks 2021 by country

That means that over half of the organisations in those three countries have been affected by ransomware attacks.

One of the countries that were least affected by ransomware attacks was Poland. Just 13% of responding organisations from Poland had been victims of a ransomware attack.

Is Paying The Ransom A Good Idea?

The main goal of any ransomware attacker is to hold people to ransom by not releasing their data until they get paid.

But is it actually a good idea to pay the ransom?

Here’s what the ransomware statistics tell us about organisations that paid up.

Outcomes For Organisations That Paid Ransoms

60% of organisations regained access to their data and systems after making the first payment to hackers.

That means 4 out of 10 organisations paid and never got their information back. Even after paying, there is no guarantee that you will get your data, systems or files.

 4 out of 10 organisations paid and never got their information back

What’s more?

6% of organisations that made the first payment were asked to make a second ransom payment. Most of them walked away and chose not to pay.

The statistics are clear…

If your organisation is hacked, you have no way to ensure you will receive your data even after making a payment. The truth is you have very little (if any) control over the situation.

Outcomes For Organisations That Didn’t Pay Ransoms

A survey conducted in 2019 with global IT decision-makers found that 84.5% of organisations that were victims of a ransomware attack but did not pay the ransom got their data back within 12 months.

Ransomware statistics

That’s a very positive statistic.

Although still not guaranteed, there seems to be a strong chance you can recover your data without paying.

The same survey showed that 33.1% of ransomware victims chose to make the payment and were unsuccessful in recovering their data.

That means about ⅓ of companies decided to make the payment and still ended up losing their data.

In short – Not paying the hackers and having professional work on recovering your files could yield a better result.

Paying the hackers (statistically speaking) is slightly better than a coin flip!

What Can Cause A Ransomware Infection?

The easiest way to protect yourself is to know the main reasons for ransomware infections and implement the right practices to protect yourself better.

The truth is that ransomware hackers go after the most vulnerable. They are looking for people and organisations that are least prepared.

Here are the leading causes of ransomware attacks today:

Cause Of Ransomware Attack Percentage
Spam/Phishing Emails 54%
Poor User Practices 27%
Lack Of Cyber Security Training 26%
Weak Passwords 21%
Report Clickbait 17%
Accessing Malicious Websites 14%
Open RDP Access 20%
Lost/Stolen User Login Credentials 10%
Lack Of Funding For IT Security Solutions 8%
Lack Of Adopting IT Security Solutions 8%

54% of respondents to the survey said that phishing email scams were the most common cause of ransomware infection.

Most common cause of ransomware infection.

Training employees to identify phishing emails would stop the majority of ransomware and cybersecurity issues.

Poor user practices came in second place at 27%, closely followed by lack of training at 26%. These two causes work hand in hand.

Cause of ransomware infection

Better security training would likely improve user practices around cybersecurity.

Which Strains Of Ransomware Are Most Common?

Think of ransomware strains like virus strains…

Different types of ransomware are more common than others and more likely to affect your cybersecurity.

The top 5 most common types of ransomware strains are:

Ransomware Strain Percentage
CryptoLocker 52%
WannaCry 26%
CryptoWall 16%
Locky 13%
Emotet 10%

CryptoLocker has been around since 2013. 52% of respondents said they or a client had been infected with Cryptolocker.

All ransomware strains work similarly. After infecting your computer, they simply lock or shut down part of your computer.

You will then be redirected to a payment page to pay the ransom.

How do you protect yourself against these ransomware strains?

There are four things that you should do today:

  1. Install a trusted anti-virus
  2. Use unique and strong passwords
  3. Don’t open emails you don’t trust
  4. Keep software up to date

As a business owner, you should have robust cybersecurity software installed on your network and servers.

How do you protect yourself against these ransomware strains?

These practices will generally protect you from the majority of ransomware attacks.

Wrapping It Up

These ransomware statistics show that ransomware attacks aren’t going to disappear anytime soon.

As an organisation or business, you need to stay ahead of cyber criminals using ransomware.

The best thing you can do is teach your employees about ransomware, train them on good cybersecurity practices and provide high-quality anti-virus software.

The consequences that ransomware can cause to your business and reputation aren’t worth the risk. Take the necessary steps to protect yourself and your employees.

Want more statistics posts? Take a look at these blogs:

What are your thoughts?

* Name, Email, Comment are Required