Ransomware Statistics, Facts, and Trends in 2023

Ransomware has evolved from a buzzword to a menacing reality posing a threat to governments, businesses, and individuals across the globe. Bad actors use malicious software to encrypt victims’ files, render them inaccessible, and demand specific ransom amounts in exchange for a decryption key to unlock the files.

The devastating effects of such attacks are twofold: the potential Loss of valuable data and the financial burden on victims. According to many reports, ransomware attacks have sapped over $2,500 per incident from several businesses. They are poised to extract more money for companies across various industries in the coming years.

So, in this article, we will delve into the alarming statistics and trends surrounding ransomware attacks from 2018 to 2022, shedding light on the magnitude of this growing security concern.

The Escalating Impact of Ransomware

/To better understand the ransomware landscape, we’ve compiled over 50 exciting statistics and facts from 2018 to 2022 and a few predictions for this vast security concern in the present and coming years.

1. The Surging Global Impact of Ransomware Attacks is Overwhelming.

According to Sonicwall’s research, ransomware attacks surged over 100% in 2021. Small-to-midsized businesses faced the highest number of attacks, notwithstanding large enterprises as well, have fallen victim to these attacks, with ransom demands reaching 7 or 8 figures.

(Source: Sonicwall

2. CNA Financial made Headlines in May 2021 When They Paid a Record-breaking $40 Million Ransom.

These staggering figures highlight the immense profitability of ransomware for cybercriminals, who can now collect over $100,000 per attack from individuals, government bodies, and even businesses.

(Sources: Bloomberg, Dark Reading)

The Alarming Targeting of Backup Repositories

According to reports, cybercriminals have increasingly targeted backup repositories with uncountable ransomware attacks. To further confirm, here’s what we found:

3. In 2022, VEEAM Reported That 95% of Ransomware Attacks Strived to Infect Backup Systems.

This emphasizes the importance of securing off-site backups in numerous locations to mitigate the risk of data loss and enable recovery during an attack.

(Source: VEEAM)

Vulnerabilities in Corporate Networks

Besides backup systems, corporate networks were more exposed to ransomware attacks. Positive Technologies’ study in December 2021 revealed an alarming reality:

4. 93% of Corporate Networks are Easily Penetrable by Hackers.

This makes organizations susceptible to ransomware attacks, as hackers can exploit these vulnerabilities to deploy malicious software.

(Source: Positive Technologies)

5. The Need for Robust Cybersecurity Measures is Evident, Yet a Shocking 50% of US Small and Midsize Businesses (SMBs) Lack Any Form of Cybersecurity.

This alarming statistic highlights the urgent need for startups and SMBs to prioritize cybersecurity to safeguard their valuable assets.

(Source: UpCity)

The Costly Consequences of Ransomware

The financial implications of ransomware attacks are substantial, with businesses, governments, and individuals facing significant losses.

6. In 2020, a Travel-management Organization, CWT, Paid $4.5 Million to Hackers Who Held its Sensitive Information for Ransom.

Although this payment represents a considerable sum, it was less than ½ of the attackers’ initial $10 million demand.

(Source: Reuters)

7. The Average Ransom Demand has Skyrocketed, With Cybercriminals Demanding $50 Million from a Leading Computer Organization, Acer, in 2021.

These escalating figures reflect the increasing audacity of attackers and the dire consequences for victims.

(Source: Hindustan Times)

Shifting Targets: Infrastructure Under Siege

In recent years, ransomware attacks have shifted their focus from individuals to larger targets. Check these stats out.

8. According to Reports, Prominent Institutions Like Local Governments, Universities, and Hospitals have Faced Ransomware Attacks.

These institutions hold critical infrastructure and sensitive data, making them prime targets for cybercriminals seeking substantial ransom payouts.

(Sources: AJC, AAMC, NY Times)

9. Despite the FBI’s Strong Advisory Against Paying Ransoms, Thycotic’s 2021 State of Ransomware Report Revealed that Approximately 83% of Victims End Up Paying.

FBI agents attacked by ransomware exploiters had to pay in the end.

(Sources: Thycotic, FBI)

10. The High-profile Bout on Colonial Pipeline in 2021 Exemplifies the Vulnerability of Critical Infrastructure, as a Ransomware Attack Forced the Firm to Append Operations, Leading to Fuel Shortages in Seventeen (17) US States.

Although the firm finally paid the $4.4 million ransom, the consequences of such attacks extend beyond financial losses, impacting public services and national security.

(Source: NY Times)

The Lingering Effects of Ransomware Attacks

Apart from the economic effects of ransomware attacks, these attacks inflict long-lasting damage that goes beyond the initial ransom payment.

11. The Baltimore City Government Experienced a Crippling Ransomware Attack in 2019, Estimated to Cost Over $18 Million to Recover.

Even though the cybercriminal exploiting the malware requested $76,000 worth of BTC (Bitcoin), the attack disrupted vaccine production, hospitals, airports, and ATMs, illustrating the widespread impact of ransomware on various sectors.

(Source: SHRM)

12. The Recovery Process of Ransomware Attacks can be Arduous and Time-consuming, and Paying the Ransom Does not Guarantee the Successful Decryption of Files.

Only 4% of respondents who paid a ransom in 2021 received their data back. Placing trust in cybercriminals often leads to disappointment and further complications.

(Source: Trend Micro)

13. According to Sophos, Entities that Pay a Ransom Rarely Get Back All Their Data.

Globally, 8% of the organizations recovered 100% of their data after paying a ransom. On the other hand, 29% received not more than half of their data, while 65% received an average amount of their data after their ransom payment.

(Source: Sophos)

The Soaring Costs and Painful Damages of Ransomware Attacks

As ransomware attacks increase dramatically, their costs and damages are soaring. In addition to higher ransom demands, cybercriminals are causing more extensive damage than ever. These incidents highlight the dire need for robust cybersecurity measures to prevent and mitigate the impact of ransomware attacks. Here’s what you must know:

14. Ransomware Attacks: Projected Loss Values to Surpass $265 Billion by 2031.

The financial toll of ransomware attacks continues to rise exponentially, with even Ransomware as a Service (Raas) coming into play today. By 2031, loss values are predicted to exceed $265 billion.

(Source: Cybersecurity Ventures)

15. Ransomware Group LAPSUS$ Strikes NVIDIA, Encrypts and Leaks One Terabyte of Proprietary Data.

In 2022, a ransomware group, LAPSUS$, encrypted approximately one terabyte of proprietary information belonging to NVIDIA, releasing the data when the ransom went unpaid.

(Source: The Verge)

16. Multiple Universities in Canada and the United Kingdom Compromised in Blackbaud Cloud Computing Provider Hack.

Universities and educational institutions have also fallen victim to attacks, with over 10 universities in Canada and the United Kingdom being compromised after hackers hacked the frequently-used cloud computing provider for educational institutions, Blackbaud.

(Source: BBC)

17. Blackbaud Pays Ransom Despite Claiming Successful Defense Against Ransomware Attack.

According to The Register, the cloud computing provider Blackbaud paid for its ransomware attack despite asserting it had successfully warded off the attack.

(Source: The Register)

18. Ransomware Attacks Doubled Previous Records in Just One Year.

In 1 year (2020 to 2021), the infections caused by ransomware attacks doubled to their previous records.

(Source: Symantec)

19. Healthcare Providers Fall Victim to Costly Ransomware Attacks in Early 2019.

An impressive number of healthcare providers faced ransomware attacks in early 2019, causing them to pay up to $75,000 and more for encrypted file recovery.

(Source: Health IT Security)

20. Alarming Increase in Ransomware Attacks: FBI’s Latest IC3 Report Reveals Over 3,700 Instances in 2021, Resulting in $49 Million Loss.

The latest IC3 report from the FBI recorded more than 3,700 reported ransomware instances in 2021, with the US accounting for a total of $49 million Loss and some going completely unreported.

(Source: IC3.Gov)

21. JBS Pays $11 Million to Regain Access to Confidential Files, Triggers Massive Shortages.

One of the world’s leading meat suppliers, JBS, paid up to $11 million to access its confidential files. Meanwhile, operations were force-stopped in the process, which caused massive shortages.

(Source: WSJ)

22. Garmin, Hit by Major Breach, Pays $10 Million to Restore GPS Services.

A significant entity in the technology industry, Garmin, experienced a critical breach that led to the prolonged inaccessibility of its GPS services for many days. The firm allegedly paid $10 million to regain control.

(Source: Sky News)

23. Massachusetts Educational Institution Pays in Bitcoin.

A Massachusetts educational institution paid $10,000 worth of Bitcoin in April 2018 after an attack on their data.

(Source: Cyberscoop)

24. Atlanta, Georgia Incurs Over $8 Million in Costs to Recover from Devastating SamSam Attack.

In March 2018, after the severe SamSam attack, Atlanta, Georgia, recorded over $5 million spent on redeveloping its computer network, plus another expenditure of nearly $3 million for hiring crisis managers and emergency consultants.

(Source: Statescoop)

25. Albany County, New York, Hit by Three Consecutive Cyberattacks, Including Christmas Day Ransomware Attack on ACAA.

In late 2019, Albany County, New York, faced 3 consecutive cyberattacks within three weeks, including an attack on the ACAA (Albany County Airport Authority) on Christmas day, leading to a 5-figure ransomware payment.

(Source: Times Union)

Expert Predictions: The Persistence of Ransomware on Businesses and Consumers

Despite increasing awareness, ransomware remains a persistent and ever-evolving threat. Criminals are capitalizing on the profitability of ransomware-as-a-service programs, which require minimal expertise to utilize. These projections underscore the urgent need for enhanced cybersecurity measures and increased focus on training and prevention.

26. The Alarming Rise of Ransomware: Projected $10.5 Trillion Annually by 2025.

Cybersecurity experts predict further growth in ransomware attacks, with Cybersecurity Ventures estimating that ransomware will cost a staggering $10.5 trillion annually by 2025.

(Source: Cybersecurity Ventures)

27. Rapid Escalation.

The frequency of attacks is expected to escalate, with an attack occurring every 2 seconds by 2031.

(Source: Cybersecurity Ventures)

28. Rapid Surge Expected.

According to Check Point, supply-chain attacks will increase dramatically.

(Source: Check Point)

29. Government of the United States Emphasizes Cybersecurity Training in Response to Rising Cyberattacks

Due to the potential growth of cyberattacks, SC Media says that the government of the United States will focus more on cybersecurity training.

(Source: SC Magazine)

30. Trellix Predicts Soaring Ransomware Demands as Attacks Become Highly Refined.

According to Trellix’s 2022 report, ransomware demands surged in 2 years by 3900%, climbing from $5,000 (2018) to $200,000 (2020). As such, Trellix says that as attacks become highly refined, the average ransomware cost will increase more.

(Source: Trellix)

Did You Know?

While ransomware has caused so much financial damage and technically, you should know a few fun facts. They include:

31. The United States Treasury has connected over $5 billion of BTC transactions performed for ransomware payments.

(Source: The Record)

32. Up to 98% of ransomware payments were carried out in Bitcoin, making crypto a primary payment method for ransomware.

(Source: Coveware)

33. 96% of firms that paid for ransomware attacks in 2019 received decoding applications from hackers.

(Source: Coveware)

34. In 2016, victims that paid their ransom were not up to 40%. However, this has climbed to 46% as of 2022.

(Sources: Sophos, Malwarebytes)

35. 65% of officials have received assistance-request from hackers.

(Source: Hitachi-ID)

36. Only 38% of local and state government employees undergo ransomware prevention training.

(Source: IBM)

37. In 2016, companies lost over $75 billion yearly to ransomware attacks.

(Source: Datto)

38. In 2019, many vital services went offline in New York City, Albany, when it faced a ransomware attack.

(Source: CNET)

39. Remediating ransomware attacks cost organizations over $1.4 million.

(Source: Sophos)

40. Symantec discovered that in 2018, companies were responsible for 81% of every ransomware exploit during the year.

(Source: Symantec)

41. Most users discovered other ways of recovering their data without paying their ransom.

(Source: Datto)

Common Sectors Targeted by Ransomware as of Quarter 4 of 2021

Here are the industries and the level of ransomware attacks they face in percentage throughout the 4th quarter of 2021.

42. The media industry faced 1.5%, and Real Estate and Capital Goods met 2.0%. 

43. Retailing faced 3.6%, and Transportation and Food & Staples faced 4.6%.

44. Technology Hardware faced 5.1%, Software Services (5.6%), Financial Services (6.6%), Health Care (7.7%), Materials (9.7%), and Public Sector (10.2%).

45. Consumer Services and Professional Services were the most affected industries recording 12.8% and 20.4% attacks.

(Source: Coveware)

How to Protect from Ransomware: Strategies for Defense

Individuals and organizations must adopt aggressive plans to protect their data and systems to lessen the risk of a ransomware attack. Implementing the following measures can significantly enhance cybersecurity:

Do Regular Backups

Maintain the latest backups of critical data on secure, off-site storage systems to enable recovery during an attack.

Multi-Factor Authentication

Multi-factor authentication adds another layer of security to user accounts and prevents unauthorized access.

Employee Training

Educate employees on the best cybersecurity practices, such as ignoring suspicious downloads, recognizing phishing emails, and using safer internet browsing, such as incognito mode.

Patch Management

Update software and programs regularly to ensure vulnerabilities are resolved quickly and to reduce the chance of thieves exploiting them.

Firewalls and Antivirus Software

Set up reliable antivirus software and robust firewalls to identify and stop hazardous activity and potential threats.

Network Segmentation

Use network segmentation to isolate crucial systems and data and lessen the impact of a ransomware attack.

Incident Response Plan

Develop a comprehensive incident response strategy to ensure a speedy and effective response during a ransomware attack.

Cybersecurity Audits

Conduct regular cybersecurity audits to find weaknesses and openings in existing systems and procedures.

Encryption

Even if a ransomware attack is successful, encrypt sensitive data to stop unauthorized access.

Cyber Insurance

Consider getting cybersecurity insurance for financial security and support after a ransomware attack.

Conclusion

Ransomware is still a growing menace in the digital world, wreaking havoc on individuals, businesses, and governments. The facts and trends mentioned in this article paint a stark picture of ransomware’s growing influence. Individuals and organizations can bolster their defenses against this persistent danger by establishing effective cybersecurity measures, remaining aware, and being prepared for possible assaults.

FAQs