In the first half of 2022, 236.1 million ransomware attacks happened worldwide.
The number of cases of ransomware attacks reached 129.9 million in the first quarter of 2022. In the second quarter, this number decreased significantly and reached 106.2 million.
Let’s look at how the number of ransomware attacks changed over the years.
The Number of Ransomware Attacks in 2016 – 2022 (First Half)
| Year | Number of Ransomware attacks, millions |
|---|---|
| 2016 | 638 |
| 2017 | 183.6 |
| 2018 | 206.4 |
| 2019 | 187.9 |
| 2020 | 304.6 |
| 2021 | 623.3 |
| 2022 (First Half) | 236.1 |
623.3 million ransomware attacks happened in 2021, nearly double that in 2020.
(Source: Statista)
More people have started working from home due to the pandemic, which makes them more vulnerable to attacks. Additionally, cybercriminals are becoming more sophisticated and efficient in their attacks.
In the second quarter of 2021, 188.9 million ransomware attacks happened, compared to 106.2 million attacks in the second quarter of 2022.
(Source: Statista)
The final number of ransomware attacks in 2022 and 2023 is up to see yet. But in the second quarter of 2022, ransomware attacks decreased rapidly compared to the second quarter of 2021.
How Many Ransomware Attacks Are There Per Day?
According to the FBI, more than 4000 ransomware attacks happen daily.
(Source: FBI)
It is a 300% increase compared to 1000 ransomware attacks in 2015. In the coming years, the rise in ransomware attacks could be even higher if people don’t make prevention efforts.
Businesses Ransomware Attacks Statistics
According to Statista, 71% of businesses experienced ransomware attacks in 2022.
(Source: Statista, CyberEdge)
This research included 1,200 respondents from organizations with more than 500 employees and representing 17 countries across the globe. According to this research, the number of ransomware attacks is increasing yearly. This year is the highest number for the previous five years.
Percentage of Businesses Affected By Ransomware Attacks Worldwide (2018-2022)
| Year | Percentage of Businesses Affected by Ransomware, % |
|---|---|
| 2018 | 55.1 |
| 2019 | 56.1 |
| 2020 | 62.4 |
| 2021 | 68.5 |
| 2022 | 71 |
According to Sophos’ research, 66% of organizations were attacked by ransomware in 2021, compared with 37% in 2020.
(Source: Sophos)
The research was done by Sophos and included 5,600 respondents from mid-sized organizations with a wide range of sectors across 31 countries. This survey shows that the percentage of organizations suffering from ransomware attacks has grown rapidly due to one year.
In 2021 65% of victims said ransomware gangs successfully encrypted their data.
(Source: Sophos)
In 4% of cases, data wasn’t encrypted by cybercriminals, but attackers were asking for ransom. Some attackers not encrypting files but steal the data and threaten to publish it if ransom won’t be paid.
Organizations with 5,000 – 25,000 employees are the “sweet spots” for ransomware attacks.
(Source: CyberEdge)
Firstly, organizations of such size have enough money to pay the high ransom. Secondly, such organizations don’t have a large impact on local economies, so there is less risk of getting attention from national governments or law enforcement agencies.
19% of US organizations reported that ransomware was the cause of the cyberattack.
(Source: UpCity)
Before the COVID-19 pandemic, ransomware was responsible for 15% of all cyberattacks in the US.
48% of organizations affected by ransomware reported that their sites were down between 8 and 24 hours.
(Source: UpCity)
The downtime caused by ransomware can lead to many negative consequences for businesses, including lost productivity and revenue and damage to their reputation. In addition, the costs associated with recovery can be significant.
50% of SMBs in the US already have a cybersecurity plan.
(Source: UpCity)
30% of US SMBs have thought of creating a cybersecurity plan in 2022. Rare small businesses can financially or operationally recover from ransomware attacks. So having a cybersecurity strategy in place can be very helpful.
Ransomware Attacks Cost and Payment Statistics
$812,360 was the average ransom paid by mid-sized organizations in 2021, compared to $170,404 in 2020.
(Source: Sophos)
That’s almost 5 times increase just for one year. Attackers are taking advantage of the fact that organizations need their data and are willing to pay anything to get it back.
11% of companies paid $ 1 million or more ransom in 2021.
(Source: Sophos)
21% of organizations paid less than $10,000 in ransom in 2021. The organization’s size often determines how much ransom is paid, with larger organizations generally paying more. In addition, the type of organization can also affect the ransom amount, with healthcare and educational organizations often being targeted for higher ransom payments.
$1.4 million was the average cost to fix the influence of ransomware attacks on the business in 2021.
(Source: Sophos)
This includes paid ransom, downtime, people time, lost opportunities, network cost, etc. In 2020 the ransomware attack cost $1.85 million on average.
$159.4 billion is the cost of ransomware attacks in downtime in the USA in 2021.
(Source: Comparitech)
This is a huge cost! Ransomware attacks can cause a lot of damage and downtime.
88% of organizations that already experience ransomware attacks will choose to pay the ransom if they get attacked again.
(Source: Kaspersky)
Compared to this data, only 67% of organizations that weren’t attacked by ransomware before would choose to pay ransom in case of attack.
62.9% of organizations attacked by ransomware gangs paid a ransom in 2022.
(Source: CyberEdge)
This is a 5.2% increase compared to the 57.7% of organizations that paid a ransom in 2020.
| Year | Percent of Attacked Organizations Paid Ransomware, % |
|---|---|
| 2019 | 45.0 |
| 2020 | 57.7 |
| 2021 | 57.0 |
| 2022 | 62.9 |
72% of organizations recovered their data after paying the ransom.
(Source: CyberEdge)
This is a 5.4% increase compared to 2020, when 66.8% of payers received their data back. That’s why more victimized companies choose to pay a ransom.
Ransomware Groups Statistics
BlackCat ransomware group was the most active in Q2 2022, with a 16.9% market share.
(Source: Coveware)
Lockbit 2.0 ransomware group was the second most active group and had a 13.1% market share.
$12.72 million was the most significant total payment in ransom in 2021, and it was received by Conti ransomware gang.
(Source: atlasVPN)
The Conti is highly sophisticated ransomware that not only encrypts data but also threatens to post it online. The group targets hospitals, 911 dispatch carriers, law enforcement agencies, etc.
$12.13 million, the second largest total payment in ransom payment in 2021, was received by REvil/Sodinokibi.
(Source: atlasVPN, Wikipedia)
REvil was a Russian-based ransomware group that targeted mostly large organizations. REvil group was dismantled by the Russian Federal Security Service in January 2022.
Ransomware Attacks by Industries
Media, leisure, and entertainment sectors were the most affected by ransomware attacks in 2021, with a 79% rate of attacks.
(Source: Sophos)
This is 13% higher than the rate of attacks for all sectors combined.
77% of organizations in the retail industry were victimized by ransomware in 2021.
(Source: Sophos)
It’s a huge increase compared with 44% of retail organizations attacked in 2020. Retail became the second most affected industry by ransomware attacks in 2021.
| Industry | Percentage of Organizations Hit by Ransomware, % | Percentage of Organizations Paid Ransom, % | Percentage of Data Restored After Paying Ransom, % | Insurance Ransom Payout Rate, % |
|---|---|---|---|---|
| Media, leisure, entertainment | 79 | 34 | 60.4 | 40 |
| Retail | 77 | 49 | 62.1 | 35 |
| Energy, oil/gas and utilities | 75 | 55 | 61.6 | 44 |
| Distribution and transport | 74 | 48 | 50.0 | 45 |
| Business and professional services | 73 | 45 | 61.4 | 40 |
| Other | 69 | 37 | 64.0 | 45 |
| Healthcare | 66 | 61 | 64.8 | 47 |
| Higher education | 64 | 50 | 60.8 | 36 |
| Construction and property | 63 | 56 | 57.5 | 36 |
| IT, technology and telecoms | 61 | 46 | 61.7 | 37 |
| Central/Federal government | 60 | 35 | 64.4 | 46 |
| Local/state government | 58 | 32 | 59.0 | 49 |
| Lower education | 56 | 45 | 60.4 | 53 |
| Manufacturing and production | 55 | 33 | 59.0 | 30 |
| Financial services | 55 | 52 | 62.8 | 32 |
$447,000 was the average ransomware attack cost in higher education in 2020.
(Source: Bluevoyant)
It is clear that these incidents can be very costly for organizations. As such, it is important f to have a plan in place to protect from these attacks and minimize the impact if an attack does occur.
$18.9 billion was the cost of ransomware attacks that affected government organizations in the US in 2020.
(Source: Comparitech)
Every minute of downtime because of ransomware attacks costs about $8,662 for government organizations in the USA.
Ransomware Attacks by Country
84% of organizations in Austria were hit by ransomware in 2021.
(Source: Sophos)
This was the highest percentage among organizations from other countries participating in the Sophos study. Additionally, that’s a huge increase for Austrian companies compared to 57% of organizations attacked by ransomware in 2020.
58% of organizations from the US experienced ransomware attacks in 2021.
(Source: Sophos)
Ransomware attacks in the US increased by 7% compared with 2020, when 51% of US companies experienced attacks.
Organizations from Japan were the biggest payers of ransomware worldwide in 2021, with an average ransom of $4,327,024.
(Source: Sophos)
The Netherlands had the second-highest average ransom payment of over $2.0 million.
$1.08 million was the average cost to rectify the ransomware attack in the US in 2021.
(Source: Sophos)
That’s a 48% decrease compared to the $2.09 million cost in 2020.
| Country | Percentage of Organizations Hit by Ransomware, % | Encryption Rate in Ransomware Attacks, % | Average Ransom Payment, US$ |
|---|---|---|---|
| Austria | 84 | 75 | $77,867 |
| Australia | 80 | 79 | $226,863 |
| Malaysia | 79 | 64 | $899,933 |
| India | 78 | 80 | $1,198,475 |
| Czech Republic | 77 | 79 | $295,039 |
| Poland | 77 | 78 | $166,828 |
| Hungary | 76 | 78 | $724,470 |
| Belgium | 75 | 60 | $153,200 |
| Mexico | 74 | 57 | $482,446 |
| France | 73 | 74 | $297,011 |
| Nigeria | 71 | 70 | $706,452 |
| Spain | 71 | 73 | $184,906 |
| Netherlands | 69 | 69 | $2,010,366 |
| Sweden | 69 | 64 | $308,071 |
| Philippines | 69 | 58 | $1,617,533 |
| Germany | 67 | 61 | $273,453 |
| Israel | 66 | 67 | $1,347,405 |
| Singapore | 65 | 65 | $1,161,329 |
| Chile | 65 | 65 | $501,593 |
| Colombia | 63 | 54 | $36,764 |
| Japan | 61 | 69 | $4,327,024 |
| Italy | 61 | 63 | $709,746 |
| Switzerland | 60 | 62 | $87,857 |
| Turkey | 60 | 57 | $30,846 |
| UAE | 59 | 46 | $225,338 |
| Canada | 59 | 64 | $123,579 |
| US | 58 | 60 | $129,777 |
| UK | 57 | 57 | $166,828 |
| Saudi Arabia | 56 | 38 | $100,800 |
| Brazil | 55 | 56 | $225,338 |
| South Africa | 51 | 45 | $634,288 |
Ransomware Future Trends
Ransomware attacks will cost US businesses an annual $265 billion by 2031.
(Source: Cybersecurity Ventures)
This is a huge number, which means many businesses will be forced to close their doors due to these attacks. So, companies need to be prepared and take steps to protect themselves.
Every 2 seconds new ransomware attack will happen by 2031.
(Source: Cybersecurity Ventures)
Such predictions could be made due to ransomware attackers gradually improving their skills and malware.
Conclusion
The frequency of ransomware attacks has increased significantly in recent years, and the number of victims continues to grow. Despite the efforts of law enforcement and security experts, these malicious campaigns show no signs of slowing down.
Ransomware attacks can have a devastating effect on individuals and businesses, causing financial losses and disrupting operations. In order to protect yourself from these threats, it is important to be aware of the latest trends and to have a good backup and recovery plan in place.
