19 Ransomware Statistics to Capture Your Attention in 2023

Updated · May 20, 2023

Ransomware cyberattack incidents continue to increase in 2022, posing a challenge to individuals and companies all over the world. Colonial Pipeline, Washington DC Metropolitan Police Department, even Apple—big names of ransomware victims appear in the news nearly every day. 

Understanding how ransomware operates, who it aims for, and when it happens is a great first step toward tackling it.

The following ransomware statistics, facts, and trends reveal exactly that—and more.

Read on to learn what’s happening in the world around you and how you can protect yourself.

Astonishing Ransomware Statistics to Keep in Mind in 2022

  • The recorded number of ransomware attacks worldwide in 2018 was about 204 million.
  • This number has increased by 350% since then.
  • 15% of cyber insurance attacks in 2018 were ransomware incidents.
  • There were 304 million malware incidents globally in 2020.
  • In 2020, 54% of US companies reported ransomware attacks.
  • The cost of recovering from such incidents can go up to $1 million.
  • The estimated expenses related to a ransomware attack on an enterprise are $133,000.
  • WannaCry still accounted for approximately half of all reported malware occurrences in the United States in 2020.
  • 54% of ransomware attacks in 2020 were caused by a user clicking on a malicious link in an email or downloading an infected attachment.
  • Ransomware costs are expected to hit a new high of $20 billion by 2021, up from $11.5 billion in 2019.

Ransomware Statistics 2022

Before going into more detail, we briefly explain what the definition of ransomware is, how much it costs, how it happens, and how the ransom is paid.

What Is Ransomware?

Ransomware is a form of malware used by cybercriminals to restrict your access to your data until you pay the required amount of money.

The hacker encrypts your system's files and adds modifications to the data. If the ransom demands are not fulfilled within the timeline specified by the digital crooks, the device or encrypted data will remain unreadable.

Alternatively, the data would be erased by the program and the decryption key would be obliterated.

Personal computers and smartphones are the top targets of cyber attackers.

But does that make ransomware a virus?


Despite both of them being malware, viruses infect your files or applications, can multiply and spread, and often destroy everything in their wake.

Ransomware scrambles your files, rendering them unusable. Access can be restored once the requested payment is made, although the hackers often demand additional ransom.

These scary ransomware statistics below show the devastating consequences of such attacks.

1. Ransomware costs are expected to reach $20 billion by the end of 2021.

(Source: Cybersecurity Ventures)

This is a huge increase from previous estimates of $11.5 billion in 2019 and $8 billion in 2018. These predictions are supported by industry and academia experts, cybersecurity firms, news outlets, and other parties.

2. 67% of ransomware is spread via spam and phishing emails.

(Source: Purplesec)

According to ransomware statistics, spam and phishing account for two-thirds of all incidents. Second comes the lack of cybersecurity training, causing 36% of attacks. Another 30% are the result of bad access control and weak passwords.

3. Every day, over 7,000 people become victims of ransomware.

(Source:  Purplesec)

Wondering how many ransomware attacks happen in 2022?

Every 11 seconds, an organization in the world is the target of a ransomware attack. This means that 7,690 companies or people are targeted every single day.

Take a moment to absorb that.

4. About half of the ransoms in 2018 were paid in Bitcoin.

(Source: Purplesec)

Looking at ransomware payment strategies, we can see that almost half of the ransom is paid in Bitcoin.

Other cryptocurrencies, such as Ethereum, Litecoin, and Dogecoin, are often used as well. Bitcoin is probably the safest method to get paid for attackers.

5.  Windows users are the target of 85% of ransomware attacks.

(Source: Purrplesec)

Wondering which type of device is the top target for ransomware?

The number of attacks that occur varies significantly depending on the operating system. The answer might not be surprising, but the unequal distribution sure is.

By far, the most targeted OS is Windows with 85%. Just 7% of attacks are toward MacOS users, while 5% of hackers choose Android.

With just 3% of the share, iOS is the least affected, making iPhone ransomware rare in comparison to others.

6. The estimated amount of downtime caused by ransomware is 19 days.

(Sources: Coveware)

According to ransomware statistics, not only has the overall ransom payment risen in the last year but so has the total downtime triggered by the attacks.

The total outage in the third quarter of 2020 was 19 days, up by 19% from 16 days in the second quarter.

7. 50%-70% of ransomware victims in the US are small businesses.

(Source: Bank Info Security)

Around 50% to70% of all ransomware attacks in the United States hit small to medium-sized enterprises. The cost for the victims in 2020 was approximately $350 million.

Biggest Ransomware Attacks

In 2021, ransomware attacks became one of the most worrisome problems for enterprises worldwide.

Some popular ransomware examples are Locky, Bad Rabbit, WannaCry, Ryuk, Jigsaw, CryptoLocker, and others. The biggest targets are government bodies, schools, hospitals, and the construction industry.

Let’s take a quick look at the latest ransomware attacks in the world.

8. WannaCry is the largest ransomware attack in history.

(Source: Raconteur)

The WannaCry was a worldwide ransomware attack that occurred in May 2017. It is widely regarded as the largest and most destructive malware incident in history.

It is estimated that it crippled 250,000 systems in 150 nations, sending the whole planet into a panic for four days.

9. 15.4% of all ransomware attacks target towards government bodies.

(Source: Safety Detectives)

The manufacturing and construction services sectors trail closely behind at 13.9% and 13.2%, respectively.

10. In 36% of cyberattacks, the primary goal is to disrupt the business.

(Source: Crowd Strike)

Although the financial benefit is typically the primary goal of a ransomware attack, the cost of the resulting business interruption often outweighs the ransom sum.

11. 56% of ransomware victims choose to pay the ransom.

(Source: Kaspersky)

While more than half of the victims pay the ransom, 17% do not receive their data back.

Statistics reveal that people over the age of 55 are least likely to succumb to the pressure, with only 11% of them paying the ransom. This percentage is highest among those aged 35-44—65%.

12. CNA Financial Corp. paid $40 million in ransom in 2021.

(Source: Bloomberg)

Among the latest ransomware victims is CNA, one of the largest insurance companies in the USA. Reportedly, it paid $40 million dollars in ransom in March of 2021.

If the figure is accurate, this is one of the largest ransomware payouts. This ransomware attack in 2021 opened the eyes of many businesses that were reluctant to change their security policy.

Let’s take a look at the latest ransomware threats and trends to see what the future holds for us.

13. The cost of cybercrime will reach $5.2 trillion by 2023.

(Source: Security Magazine)

If they fail to implement adequate cybersecurity measures, companies will suffer significant financial losses.

The risk is the highest for high-tech companies, followed by the life sciences and the automotive industries.

(Source: Secure List)

In 2019, approximately 530 educational institutions reported being targeted by cybercriminals. This accounts for a whopping 61% of ransomware attacks.

And according to malware statistics from 2021, the educational section is the tenth most targeted industry.

15. The shipping industry could be the next major target of ransomware attacks.

(Source: Nextgov)

According to some experts, the shipping and distribution industry could become a focus of ransomware attacks in 2022.

Since people increasingly depend on these resources during lockdowns, hackers will most likely see it as a chance to extort more money.

16. Ransomware caused the first death in 2020.

(Source: Zdnet)

In 2020, the first recorded death as a result of a cyberattack was reported in Duesseldorf.

A woman in need of critical treatment was rerouted to a hospital nearly 20 miles away. The hospital she was initially taken to was dealing with ongoing ransomware infecting its systems, so it couldn’t receive new patients.

17. The number of cyberattacks increased by 400% since the beginning of the pandemic.

(Source: Six Degree)

The price of a ransomware attack today is also way higher than ever. The size of ransom payments increased by 104% from Q3 to Q4 of 2020.

And if hackers start threatening organizations' most critical assets, as predicted, the cost of malware will increase even more.

18. The demand for “ransomware as a service” will keep increasing.

(Source: Recorded Future)

Ransomware as a service (RaaS) is the perfect way for amateur cybercriminals to get started.

Underground forums are full of advertisements for RaaS services at different costs.

 19. Cyberattackers are taking advantage of Covid-19.

(Source: Microsoft)

In an attempt to deceive people into downloading ransomware, cybercriminals send phishing emails impersonating IT workers or claiming to offer knowledge about Covid-19 vaccinations or relief payments. Most people and businesses fall victim to spamming and phishing.

How to Protect Yourself From Ransomware?

Understanding what a ransomware attack is and the consequences it can have is the first step toward securing the safety of your business.

Unfortunately, there is no way to protect yourself completely. New ransomware attacks are causing headaches to many business owners.

However, there are some precautions you can take to reduce the extent of the attack.

  • Be careful with spam messages or obscure websites. If you click on a malicious link, an automated process may begin, potentially infecting your device.
  • Avoid opening suspicious-looking attachments. Pay attention to the source and make sure that the address is trustworthy.
  • Investing in security awareness training would aid in the development of a community of conscientious workers. People will be able to detect and stop suspicious connections, phishing emails, and harmful online activity.
  • Patching your programs helps keep hackers out of your device. Java, Flash, Adobe, and other apps must be updated on a regular basis in order to remain impenetrable.
  • To be safe, avoid using public WiFi for important transactions. Secure your connection with a VPN service instead.
  • Create an effective backup strategy and store important data on the cloud.
  • Training employees to recognize malicious emails will aid in the prevention of ransomware and other email-borne threats, such as phishing.

Wrap Up

But what are the most important lessons we can learn from these fascinating ransomware statistics?

Recent malware attacks statistics show that no one is exempt from this danger. And the numbers continue to grow.

The figures suggest that individuals and businesses are ready to spend exorbitant amounts to avoid the imminent repercussions of the attack.

Hopefully, these ransomware statistics convinced you that the cyber world isn't all that different from the real world. A protection system is needed to secure your property and belongings. Similarly, companies that manage sensitive consumer data must protect their networks and upgrade their systems on a regular basis.

The severity of recent ransomware attacks shows that hackers won’t stop at anything.

Organizations must provide their employees with the necessary resources to counter potential threats. A company's loss is a hacker's benefit, so you need to be cautious now more than ever.

Nick Galov
Nick Galov

Unaware that life beyond the internet exists, Nick is poking servers and control panels, playing with WordPress add-ons, and helping people get the hosting that suits them.