Ransomware - statistics & facts

Overview
Key figures
Statistics

Published by Statista Research Department, Jul 6, 2022

Although ransomware still ranks behind other more concerning malware types such as viruses and trojans, it has huge potential for damage - both for businesses and individuals alike. In fact, the annual share of ransomware attacks experienced by organizations worldwide has been on the rise since 2018, peaking at 68.5 percent in 2021.

What is ransomware?

Ransomware is a type of malicious software that threatens to permanently block access to a victim’s data or publish it unless a ransom is paid. While simple ransomware may lock the system in a manner that is easily reversible, more advanced malware uses a technique called crypto-viral extortion. Here the victim's files are encrypted, making them inaccessible after which a ransom payment is demanded in order to decrypt them. In a properly implemented ransomware extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Bitcoin are used for ransom transactions, making finding and prosecuting the perpetrators a challenge.

Ransomware on the rise

In the United States, the volume and severity of ransomware attacks has significantly increased in recent months. Database files and SQL files are among the most targeted types of files and education and IT are the most targeted types of businesses. In fact, in 2020 68 percent of U.S. organizations admitted to having experienced – and as a result paid the ransom for - ransomware attacks that year. The leading causes of ransomware infections were spam and phishing emails, followed by poor user practices and lack of cyber security training. According to MSPs (Managed service providers), the most commonly experienced strains of ransomware by ransomware attack victims was CryptoLocker, WannaCry and CryptoWall.

The impact of ransomware, prevention, and security solutions

The actual financial damage of the extortion payment – which can be covered via cyber insurance – pales in comparison to a company’s losses of reputation and customers. The most common consequences of ransomware attacks according to victims in the United States are investment in new security technologies, loss of income from downtime and loss of clients. Unsurprisingly, the corporate web security industry has seen an increase in yearly revenue since 2016. This is speculated to reach nearly 8 billion U.S. dollars by 2025. On top of this, the ransomware pool is fast growing, with 327 new families added in 2017 and more recently, 127 in 2020. The most commonly implemented ransomware solutions include security software and employee training. This training may include phishing testing of high-risk employees, as well as online training for all employees.

This text provides general information. Statista assumes no liability for the information given being complete or correct. Due to varying update cycles, statistics can display more up-to-date data than referenced in the text.