Notable Ransomware Statistics and Facts

Aruna Madrekar
Written by
Aruna Madrekar

Updated · Oct 30, 2024

Aruna Madrekar
Edited by
Aruna Madrekar

Editor

Notable Ransomware Statistics and Facts

Introduction

Notable Ransomware Statistics: Even in the year 2024, ransomware is ranked among the most disruptive and expensive types of cybercrime. This is software that keeps people from accessing their gadgets until they pay an amount, and it keeps getting better with time while looking for people to pay or companies.

Data as of 2024 indicated that there was an upward trend in the prevalence and economic losses caused by ransomware attacks throughout the world. Emerged are some notable ransomware statistics to consider in the year 2024.

Editor’ Choice

  • According to notable ransomware statistics, in 2024, the average ransom demand escalated to USD 2.73 advance dollars million, almost one million dollars more than in the previous year.
  • 97% of organisations experienced data breaches in which their data was encrypted, and they managed to retrieve their data.
  • Ransomware costs in the past five years have gone up by 13%, with the cost per incidence being USD 1.85 million, according to the 2023 forecast.
  • On the other hand, companies take, on average, 24 days of downtime after an attack of this nature.
  • The year 2021 saw a massive cryptocurrency ransom imposed on an insurance firm, with USD 40 million as the highest payout recorded in history.
  • The largest ransom ever demanded was, however, USD 70 million.
  • Notable ransomware statistics reveal that Almost 500 million ransomware threats were recorded in 2022, with the United States undertaking 47% of the total attacks in 2023.
  • Interestingly enough, Windows-based executables were involved in 93% of the attacks.
  • Some of these are weaponised emails, RDP, and software vulnerabilities.
  • Moreover, it was found that 59% of the employers support Bring Your Own Devices (BYOD) culture in their organisations, allowing employees to use their personal devices to access company applications.
  • According to the notable ransomware statistics, 80% of businesses that were ransomed paid the ransom and were victims again in a very short time.
  • Only 46% of these businesses managed to get back their information, but most of it was damaged.
  • Consequently, revenue losses were incurred by 60% of organisations, and brand damage was experienced by around 53%.
  • In addition, among cyber insurance holders, 42% of firms indicated that the insured damages were only a fraction of the losses.
  • In 2023, 27% of breaches involving malware can be attributed to ransomware. Victims of these attacks willfully paid more than one billion to ransomware groups.
  • The Clop ransomware attack on MOVEit Transfer is worth mentioning as it revolved around the sensitive information of millions and dozens of organisations.
  • In February 2023, a ransomware attack which crippled its IT systems prompted the City of Oakland, California, to issue a local state of emergency.
  • In another case, many clients of ION Cleared Derivatives experienced a slowdown in financial trading processes after the company was compromised during an attack in January 2023.
  • Notable ransomware statistics show that in 2022, the BlackCat ransomware group attacked Swissport, a prominent global corporation, and stole an estimated 1.6TB of data.
  • Attacks and a state of emergency in Costa Rica due to the hacking of secrets central government systems.
  • The same REvil ransomware as before pushed a third of all ransomware attacks in the world in 2021, as their figures depict.
  • That year, some of the offline businessmen’s problems included the disruption of oil supplies in Eastern USA following a Cyberattack on the colonial pipeline and paying USD 11 million to a ransom hacking group, Revil, by JBS USA meat company.

Ransomware Key Facts

  • Ransomware accounts for about 68 % of the cyber threats reported throughout the world in the year 2022.
  • Notable ransomware statistics indicate that, toward the end of that year, approximately 155 million cases of ransomware attacks were recorded worldwide.
  • By the year 2023, Singapore and Austria recorded the highest number of businesses experiencing ransomware attacks, whereas the United States recorded the highest number of such attacks.
  • In the second quarter of the year 2023, BlackCat and Black Basta took up a big share of the market, with 15.5 % having the latest updates of when the top ransomware attacks were detected.
  • The most used ransomware in 2022 remained the Stop/Djvu Trojan, with more than 16 % of the cases being older than 16 years.
  • This is a Trojan that attacks Windows operating system computers by encrypting its users’ files.
  • The second most reported was the WannaCry Trojan, which is said to have affected 12 % of the users in the world.
  • In recent notable ransomware statistics, the model of doing business referred to as Ransomware as a Service (RaaS) has been developed. This means that adversaries create ransomware and only sell it.
  • Thus, a less skilful group of offenders called affiliates are able to execute their attacks without the aid of the main offender.
  • The past activities of cybercriminals in 2022 reveal that of 1,829 incidents recorded around financial institutions globally, 477 resulted in the breach of confidential data.
  • The second quarter of 2023 also witnessed a decrease in the percentage of organisations that resolved to pay the ransom from 45% in the first quarter to 34%.
  • Nevertheless, the average ransom height of more than 2.5 rose during that time, as there was an inconsiderate rise from around USD 328,000 in the first quarter to approximately USD 740,000 in the second quarter.
  • It is usually argued that the ransomware epidemic began in May 2017 when computers running Microsoft Windows fell prey to WannaCry ransomware.
  • The assailants married this with the use of EternalBlue, which is an exploit which had been created by the US National Security Agency (NSA) to enable it to challenge computers.
  • Around 300,000 hosts were infected with computers.

Annual Number Of Ransomware

Annual Number Of Ransomware Attempts Worldwide From 2017 To 2023(Reference: statista.com)

  • Notable ransomware statistics show that in 2023, there was a total of 317.59 million identified attempts of ransomware across the world.
  • There was a rise in the number of ransomware cases reported between the third and fourth quarters of 2022, estimated at about 102 million and a near reach of 155 million, respectively.
  • Ransomware attacks are mostly directed towards institutions that hold huge volumes of sensitive and valuable information.
  • When under attack, however, many of these institutions tend to give in and pay the ransom to get back their files instead of reporting the incident right away.
  • This is because most of them are very reluctant to inform about the attack due to the losses that would come from reputational risks associated with the loss of data.
  • Ransomware is often aimed at the manufacturing industry as this sector is part of the critical infrastructure.
  • In 2022, for instance, manufacturing industries across the globe suffered 437 attacks, while the food and beverage industry was ranked second, with CISCO reporting more than 50 attacks.
  • The North American continent ranked first in critical infrastructure ransomware attacks, with Europe coming second.
  • In the year 2022, the healthcare and public health authorities in the USA reported to law enforcement more cases of ransomware attacks than any other associations or sectors.
  • Ransomware as a Service, or its abbreviated form, the RaaS system, has been in existence for over ten years.
  • This system entails hackers creating ransomware and selling it to other individuals or syndicates who use it independently to launch attacks.
  • In the whole process, when a hacker designs the RaaS, he is entitled to a share in a ransom paid for services rendered.
  • The first quarter of 2022 saw the emergence of 31 RaaS groups in the world, whereas 19 were recorded by the same period the previous year.

Ransomware Attacks on Organisations by Country

Share Of Organizations Worldwide Hit By Ransomware Attacks From 2022 To 2024, By Country(Reference: statista.com)

  • In an opinion poll of cyber security leaders from different parts of the world, notable ransomware statistics revealed that an average of 59% of organisations globally suffered a ransomware attack between January and February of 2024.
  • The highest rates of ransomware were observed in France, with 74% of firms reporting suffering attacks in the previous 12 months.
  • Countries such as South Africa, Italy, and Austria registered up to 69% of the countries surveyed advanced or attempted ransomware attacks on organisations within their boundaries.

Most Detected Ransomware Worldwide

Ransomware Families Most Frequently Detected Worldwide In 2023(Reference: statista.com)

  • In the year 2023, the most widely identified ransomware globally was StopCrypt, with 4277 counts.
  • LockBit followed in second place with 4206 counts after BlackCat, which was experienced 3857 times.

Total Value Received By Ransomware Attackers

Total Annual Amount Of Money Received By Ransomware Actors Worldwide From 2017 To 2023(Reference: statista.com)

  • Notable ransomware statistics indicate that Ransomware players managed to amass USD 1.1 billion in 2023, which is a rise of more than 140% from USD 457 billion the previous year.
  • This constitutes the highest recorded global activity in ransomware to date as well as the highest amount of payouts recorded since the onset of the coronavirus perk.

Number Of Ransomware Victims

Number Of Ransomware Leak Site Victims Worldwide From 1st Quarter 2021 To 4th Quarter 2023(Reference: statista.com)

  • In terms of victims recorded globally in the ransomware leak sites, by the end of Q4 of the year 2023, there was a recorded increase of 10.4% over the previous quarter, with a total of 1,185.
  • Such attacks exploit weaknesses in systems to block access to vital data, usually holding it hostage and asking for a ransom to release it.

Financial Organizations Hit By Ransomware Attacks

Share Of Financial Organizations Worldwide Hit By Ransomware Attacks From 2021 To 2024(Reference: statista.com)

  • Over the span of three years, from 2021 to 2024, there has been an increase in the number of financial institutions reported to be targeted by ransomware attacks.
  • Notable ransomware statistics reveal that in the year 2021, ransomware attacks were reported by only 34% of financial businesses across the globe. In 2023, this number, however, had almost doubled, rising to 64%.
  • One year later, in 2024, the share increased marginally to 65%, which illustrates the increasing concern that ransomware attacks are causing the financial industry at this time.
  • This persistent increase indicates the likelihood that such institutions are susceptible to these onslaughts owing to the significant amount of critical information they house.

Root Causes Of Ransomware Attacks

Root Causes Of Ransomware Attacks In Organizations Worldwide As Of February 2024(Reference: statista.com)

  • According to notable ransomware statistics in 2024. Of cybersecurity practitioners working in organisations around the world, the survey found that 32% of ransomware attacks were caused by vulnerabilities that were exploited.
  • The next most common successful attack was the compromise of credentials, with malicious email services taking the third position.

By The Healthcare Industry

  • Healthcare spending on breach defences is estimated to reach USD 125 billion from 2020 to 2025. 64.8% of healthcare data, on average, is recovered after paying ransom.
  • In 2023, more than 630 ransomware threats targeted the healthcare sector worldwide.
  • From 2016 to 2021, the rate of cyber attacks involving ransomware on organisations providing healthcare services increased twofold.
  • For the 13th year in a row, the data breach costs incurred in the healthcare sector were still the most and rated on average USD 10.93 million. In 2020, 80 incidents of ransomware were reported targeting 560 healthcare facilities.

By The Education Industry

  • According to notable ransomware statistics, the education industry suffered the most number of ransomware attacks within a year, with 79% of respondents from higher education institutions confirming the attacks.
  • Among those who experienced these attacks, 59% reported huge losses in business and revenue, while approximately 28% reported relatively minor losses.
  • The education industry faced a total of USD 3.65 million worth of data breach costs in 2023, in which the lower education sector spent a median recovery cost of 750,000 dollars.
  • Eighty-four cases of ransomware attacks have taken place as of today, affecting 1,681 higher education institutions since 2020.
  • Furthermore, 66% of grading institutions do not have rudimentary email security settings, and 38% of the US universities examined in the Cybersecurity in Higher Education Report had database ports that were open or unsecured.
  • Among educational institutions, ransomware attacks were mostly due to the exploitation of vulnerabilities at 40% and compromised accounts came in second at 37%.

By The Finance And Insurance Industry

  • In 2023, the banking industry was still a target, leading all sectors in the number of attacks by detected ransomware and losses amounting to USD 5.90 million on average, thanks to the costly remedial measures taken within the particular industry.
  • The supply and financial services sectors observed an upward change in the part of ransomware attacks recorded from 55% in the year 2022 to 64% in the previous year’s figures.
  • In the year 2021, over 204,000 individuals were targeted through attacks aimed at their banking credentials.
  • The main causes behind the crippling ransomware attacks within the finance industry were unpatched systems that were successfully hacked (40%) and the hacking of user accounts (23%).
  • Financial services also recorded the highest increase in data encryption in the span of three years, with 81% of financial institutions claiming to have encrypted their data.
  • KPKT Trojan virus has caused 70 % of all computer assaults directed at the banking industry in the year 2020.

By The Mobile Industry

  • To begin with, more than 90% of the world’s 5.3 billion people use mobile devices, especially smartphones and internet-consuming gadgets.
  • In the first quarter of 2023, 4,948,522 attacks related to mobile malware, adware, and riskware were blocked.
  • China leads the global statistics of mobile malware attacks with a percentage of 17.7, Syria comes second with 15.61%, and Iran comes third with 14.53%.
  • In the year 2022, around 200 thousand mobile banking trojan viruses were registered, which is a 100% increase compared to the previous year and also the highest increase in mobile malware inventions for the past six years.
  • Of all the detected threats to mobile devices, adware posed the greatest risk, at 34.8%. In 2022, worldwide mobile malware attacks comprising RiskTool used 24.05% and adware 24% of the newly identified threats for that year.
  • Finally, trojan attacks comprised an estimated 15.6% of all new mobile malware detected in the time period analysed.
  • In total, over 4,000 mobile threat variants and families are included in the sample database of McAfee, and 50 times more malware is caused by Android devices than iOS.
  • Android represents 47.15% of all mobile devices that have been infected, while iOS represents less than 1%.

Conclusion

Notable ransomware statistics are still a major concern in 2024. The number of attacks has increased considerably, and so has the financial damage they have inflicted. Universal and Embracing cybersecurity investments on the part of organisations become inevitable in order to minimise the risks.

With the average ransom payment being more than USD 1.2 million and downtime costs increasing, the price of being caught off guard can be quite high.

FAQ.

What will the average ransom demand be in 2024, and how does it differ from previous years?

The average ransom demand in 2024 reached a staggering $2.73 million, which is almost $1 million higher than that of 2023. Over the past five years, the cost of ransomware has increased by 13%. The average number of incidents per unit has been projected to be $1.85 million.

How widespread are ransomware attacks in various sectors?

Ransomware attacks have impacted all industries to a great degree. In 2023, 97% of organisations stated they suffered data breaches involving encrypted information. The health sector experienced the worst average cost of a data breach at $10.93 million, whereas the education sector also suffered losses to the extent that 79% of colleges reported facing ransomware attacks.

What are the reasons behind ransomware attacks?

It has been established that these are the primary operating room disorders in 2024, with 32% attributed to attacks leveraging exploits and 23% to attacks through compromised credentials and other methods. Besides, malicious emails have equally been classified as a major contributing factor.

What measures are being put in place by organisations to mitigate the risks associated with ransomware threats?

Organisations are investing heavily in cybersecurity, and particularly, the healthcare sector expects to spend $125 billion on breach defences in the period between 2020 and 2025. In addition, 96% of state and local government organisations have also upgraded their cyber defences in order to secure insurance.

How has the trend of ransomware attacks changed, and what is its economic impact?

Ransomware, as we all know, is a fruitful venture getting out of hand by too many, and as such, $1.1 billion worth of ransom pay was recorded in the year 2023, which is a 140% rise from the previous year. Ransomware as a service (RAAS) has escalated beyond comprehension, recording a total of 317.59 million attempts in 2023, and the number of successful breaches is increasing in proportion, showing the high economic risks posed to organisations by ransomware.

Aruna Madrekar
Aruna Madrekar

Aruna is an editor at Sci-Tech Today with a strong knowledge of SEO. She is skilled at writing and editing articles that are helpful and interesting to readers. Aruna also creates charts and graphs to embed in the articles, making them easier to understand. Her work helps Sci-Tech Today reach a large audience and share valuable information.

More Posts By Aruna Madrekar