How Many Ransomware Attacks in 2023? (Statistics and Trends)

In the first half of 2022, 236.1 million ransomware attacks happened worldwide.

The number of cases of ransomware attacks reached 129.9 million in the first quarter of 2022. In the second quarter, this number decreased significantly and reached 106.2 million.

Let’s look at how the number of ransomware attacks changed over the years.

The Number of Ransomware Attacks in 2016 – 2022 (First Half)

Year Number of Ransomware attacks, millions
2016 638
2017 183.6
2018 206.4
2019 187.9
2020 304.6
2021 623.3
2022 (First Half) 236.1

623.3 million ransomware attacks happened in 2021, nearly double that in 2020.

(Source: Statista)

More people have started working from home due to the pandemic, which makes them more vulnerable to attacks. Additionally, cybercriminals are becoming more sophisticated and efficient in their attacks.

In the second quarter of 2021, 188.9 million ransomware attacks happened, compared to 106.2 million attacks in the second quarter of 2022.

(Source: Statista)

The final number of ransomware attacks in 2022 and 2023 is up to see yet. But in the second quarter of 2022, ransomware attacks decreased rapidly compared to the second quarter of 2021.

How Many Ransomware Attacks Are There Per Day?

According to the FBI, more than 4000 ransomware attacks happen daily.

(Source: FBI)

It is a 300% increase compared to 1000 ransomware attacks in 2015. In the coming years, the rise in ransomware attacks could be even higher if people don’t make prevention efforts.

Businesses Ransomware Attacks Statistics

According to Statista, 71% of businesses experienced ransomware attacks in 2022.

(Source: Statista, CyberEdge)

This research included 1,200 respondents from organizations with more than 500 employees and representing 17 countries across the globe. According to this research, the number of ransomware attacks is increasing yearly. This year is the highest number for the previous five years.

Percentage of Businesses Affected By Ransomware Attacks Worldwide (2018-2022)

Year Percentage of Businesses Affected by Ransomware, %
2018 55.1
2019 56.1
2020 62.4
2021 68.5
2022 71

According to Sophos’ research, 66% of organizations were attacked by ransomware in 2021, compared with 37% in 2020.

(Source: Sophos)

The research was done by Sophos and included 5,600 respondents from mid-sized organizations with a wide range of sectors across 31 countries. This survey shows that the percentage of organizations suffering from ransomware attacks has grown rapidly due to one year.

In 2021 65% of victims said ransomware gangs successfully encrypted their data.

(Source: Sophos)

In 4% of cases, data wasn’t encrypted by cybercriminals, but attackers were asking for ransom. Some attackers not encrypting files but steal the data and threaten to publish it if ransom won’t be paid.

Organizations with 5,000 – 25,000 employees are the “sweet spots” for ransomware attacks.

(Source: CyberEdge)

Firstly, organizations of such size have enough money to pay the high ransom. Secondly, such organizations don’t have a large impact on local economies, so there is less risk of getting attention from national governments or law enforcement agencies.

19% of US organizations reported that ransomware was the cause of the cyberattack.

(Source: UpCity)

Before the COVID-19 pandemic, ransomware was responsible for 15% of all cyberattacks in the US.

48% of organizations affected by ransomware reported that their sites were down between 8 and 24 hours.

(Source: UpCity)

The downtime caused by ransomware can lead to many negative consequences for businesses, including lost productivity and revenue and damage to their reputation. In addition, the costs associated with recovery can be significant.

50% of SMBs in the US already have a cybersecurity plan.

(Source: UpCity)

30% of US SMBs have thought of creating a cybersecurity plan in 2022. Rare small businesses can financially or operationally recover from ransomware attacks. So having a cybersecurity strategy in place can be very helpful.

Ransomware Attacks Cost and Payment Statistics

$812,360 was the average ransom paid by mid-sized organizations in 2021, compared to $170,404 in 2020.

(Source: Sophos)

That’s almost 5 times increase just for one year. Attackers are taking advantage of the fact that organizations need their data and are willing to pay anything to get it back.

11% of companies paid $ 1 million or more ransom in 2021.

(Source: Sophos)

21% of organizations paid less than $10,000 in ransom in 2021. The organization’s size often determines how much ransom is paid, with larger organizations generally paying more. In addition, the type of organization can also affect the ransom amount, with healthcare and educational organizations often being targeted for higher ransom payments.

$1.4 million was the average cost to fix the influence of ransomware attacks on the business in 2021.

(Source: Sophos)

This includes paid ransom, downtime, people time, lost opportunities, network cost, etc. In 2020 the ransomware attack cost $1.85 million on average.

$159.4 billion is the cost of ransomware attacks in downtime in the USA in 2021.

(Source: Comparitech)

This is a huge cost! Ransomware attacks can cause a lot of damage and downtime.

88% of organizations that already experience ransomware attacks will choose to pay the ransom if they get attacked again.

(Source: Kaspersky)

Compared to this data, only 67% of organizations that weren’t attacked by ransomware before would choose to pay ransom in case of attack.

62.9% of organizations attacked by ransomware gangs paid a ransom in 2022.

(Source: CyberEdge)

This is a 5.2% increase compared to the 57.7% of organizations that paid a ransom in 2020.

Year Percent of Attacked Organizations Paid Ransomware, %
2019 45.0
2020 57.7
2021 57.0
2022 62.9

72% of organizations recovered their data after paying the ransom.

(Source: CyberEdge)

This is a 5.4% increase compared to 2020, when 66.8% of payers received their data back. That’s why more victimized companies choose to pay a ransom.

Ransomware Groups Statistics

BlackCat ransomware group was the most active in Q2 2022, with a 16.9% market share.

(Source: Coveware)

Lockbit 2.0 ransomware group was the second most active group and had a 13.1% market share.

$12.72 million was the most significant total payment in ransom in 2021, and it was received by Conti ransomware gang.

(Source: atlasVPN)

The Conti is highly sophisticated ransomware that not only encrypts data but also threatens to post it online. The group targets hospitals, 911 dispatch carriers, law enforcement agencies, etc.

$12.13 million, the second largest total payment in ransom payment in 2021, was received by REvil/Sodinokibi.

(Source: atlasVPN, Wikipedia)

REvil was a Russian-based ransomware group that targeted mostly large organizations. REvil group was dismantled by the Russian Federal Security Service in January 2022.

Ransomware Attacks by Industries

Media, leisure, and entertainment sectors were the most affected by ransomware attacks in 2021, with a 79% rate of attacks.

(Source: Sophos)

This is 13% higher than the rate of attacks for all sectors combined.

77% of organizations in the retail industry were victimized by ransomware in 2021.

(Source: Sophos)

It’s a huge increase compared with 44% of retail organizations attacked in 2020. Retail became the second most affected industry by ransomware attacks in 2021.

Industry Percentage of Organizations Hit by Ransomware, % Percentage of Organizations Paid Ransom, % Percentage of Data Restored After Paying Ransom, % Insurance Ransom Payout Rate, %
Media, leisure, entertainment 79 34 60.4 40
Retail 77 49 62.1 35
Energy, oil/gas and utilities 75 55 61.6 44
Distribution and transport 74 48 50.0 45
Business and professional services 73 45 61.4 40
Other 69 37 64.0 45
Healthcare 66 61 64.8 47
Higher education 64 50 60.8 36
Construction and property 63 56 57.5 36
IT, technology and telecoms 61 46 61.7 37
Central/Federal government 60 35 64.4 46
Local/state government 58 32 59.0 49
Lower education 56 45 60.4 53
Manufacturing and production 55 33 59.0 30
Financial services 55 52 62.8 32

$447,000 was the average ransomware attack cost in higher education in 2020.

(Source: Bluevoyant)

It is clear that these incidents can be very costly for organizations. As such, it is important f to have a plan in place to protect from these attacks and minimize the impact if an attack does occur.

$18.9 billion was the cost of ransomware attacks that affected government organizations in the US in 2020.

(Source: Comparitech)

Every minute of downtime because of ransomware attacks costs about $8,662 for government organizations in the USA.

Ransomware Attacks by Country

84% of organizations in Austria were hit by ransomware in 2021.

(Source: Sophos)

This was the highest percentage among organizations from other countries participating in the Sophos study. Additionally, that’s a huge increase for Austrian companies compared to 57% of organizations attacked by ransomware in 2020.

58% of organizations from the US experienced ransomware attacks in 2021.

(Source: Sophos)

Ransomware attacks in the US increased by 7% compared with 2020, when 51% of US companies experienced attacks.

Organizations from Japan were the biggest payers of ransomware worldwide in 2021, with an average ransom of $4,327,024.

(Source: Sophos)

The Netherlands had the second-highest average ransom payment of over $2.0 million.

$1.08 million was the average cost to rectify the ransomware attack in the US in 2021.

(Source: Sophos)

That’s a 48% decrease compared to the $2.09 million cost in 2020.

Country Percentage of Organizations Hit by Ransomware, % Encryption Rate in Ransomware Attacks, % Average Ransom Payment, US$
Austria 84 75 $77,867
Australia 80 79 $226,863
Malaysia 79 64 $899,933
India 78 80 $1,198,475
Czech Republic 77 79 $295,039
Poland 77 78 $166,828
Hungary 76 78 $724,470
Belgium 75 60 $153,200
Mexico 74 57 $482,446
France 73 74 $297,011
Nigeria 71 70 $706,452
Spain 71 73 $184,906
Netherlands 69 69 $2,010,366
Sweden 69 64 $308,071
Philippines 69 58 $1,617,533
Germany 67 61 $273,453
Israel 66 67 $1,347,405
Singapore 65 65 $1,161,329
Chile 65 65 $501,593
Colombia 63 54 $36,764
Japan 61 69 $4,327,024
Italy 61 63 $709,746
Switzerland 60 62 $87,857
Turkey 60 57 $30,846
UAE 59 46 $225,338
Canada 59 64 $123,579
US 58 60 $129,777
UK 57 57 $166,828
Saudi Arabia 56 38 $100,800
Brazil 55 56 $225,338
South Africa 51 45 $634,288

Ransomware Future Trends

Ransomware attacks will cost US businesses an annual $265 billion by 2031.

(Source: Cybersecurity Ventures)

This is a huge number, which means many businesses will be forced to close their doors due to these attacks. So, companies need to be prepared and take steps to protect themselves.

Every 2 seconds new ransomware attack will happen by 2031.

(Source: Cybersecurity Ventures)

Such predictions could be made due to ransomware attackers gradually improving their skills and malware.


The frequency of ransomware attacks has increased significantly in recent years, and the number of victims continues to grow. Despite the efforts of law enforcement and security experts, these malicious campaigns show no signs of slowing down.

Ransomware attacks can have a devastating effect on individuals and businesses, causing financial losses and disrupting operations. In order to protect yourself from these threats, it is important to be aware of the latest trends and to have a good backup and recovery plan in place.


Scroll to Top