21 Important Ransomware Statistics

Getting to know ransomware statistics is imperative if you’re to protect your business from this ever-present threat. If there’s one thing that ICT managers and cybersecurity teams can agree on, it’s the importance of identifying new threats and implementing countermeasures. Unless you familiarize yourself with key ransomware stats, how can you protect your interests from the latest ransomware attacks? 

As much as it can feel like it’s all you can do to keep your head above water sometimes, a good knowledge of ransomware stats is essential for a proactive approach to cybersecurity. 

As we edge closer to the end of the year, it’s important to take stock of the ransomware statistics of 2019 if we’re to be prepared for the threats 2020 will bring. With that in mind, let’s familiarize ourselves with some scary (but important) ransomware facts and stats.

Top Ransomware Facts (Editor's Pick)

Only have a moment to spare? These terrifying but fascinating facts paint a picture of the state of current ransomware attacks:

  • Ransom malware is behind 56% of overall malware attacks.
  • The average cost of a malware attack on a business is $133,000.
  • Ransomware has cost businesses over $8 billion in 2019.
  • Ransomware costs businesses in excess of $75 billion every year.
  • 75% of businesses infected with ransomware were running up-to-date endpoint protection.
  • The average ransomware payment increased by 184% from Q1 to Q2 this year, increasing average costs from $12,762 to $36,295.
  • Most ransomware payouts are made using Bitcoin.
  • 50% of cybersecurity professionals don’t think that their organizations are adequately prepared to deal with ransomware attacks.
  • Less than a third of businesses that pay their ransoms retrieve all of their money.
  • Ransomware’s minimum global annual revenue is $1 billion.

Sobering stuff to be sure! Let’s dive deeper into some key ransomware stats of 2019 and the past few years to better understand the scope of the issue and prepare ourselves to face tomorrow’s threats.

The Disturbing Rate of Worldwide Ransomware Attacks

Make no mistake; ransomware is more than just an ever-present threat. It’s an ever-evolving threat that continues to impact businesses of all shapes and sizes at an increasingly alarming rate.

Looking at ransomware attacks that have occurred recently, it becomes clear that even if your business has yet to perceive a ransomware attack, you may be on borrowed time. Take a look at these statistics on the disturbing rate of global ransomware attacks.

1. A new business was affected by ransomware every 14 seconds in 2019 and will be every 11 seconds by 2021.

It’s easy to assume that it’ll never happen to you. But this sobering statistic highlights the uncomfortable truth that new businesses are affected by ransomware attacks every day. Within just over a year, it’s expected that a new business will be affected by a ransomware attack nearly every 10 seconds.

Businesses can no longer afford to assume that they will never be among the afflicted.

2. Ransomware from phishing emails increased by 109% between 2017-2019. 

Phishing emails are among the most common methods by which ransomware is introduced into business systems. And with this common threat increasing by over 100% in the past two years, it’s essential to implement staff training to ensure that your team knows a phishing email when they see it. 

3. 1.5 million new phishing sites are created every month.

A phishing site (also referred to as a “spoof site”) looks virtually identical to a legitimate website and is used to capture data that could allow cybercriminals to access important data. As with phishing emails, it’s essential that staff are given sufficient training to help them identify phishing sites, especially if they are masquerading as intranet pages or browser-based applications that employees use as part of their work. 

4. Ransomware attacks have increased by over 97% in the past two years.

That’s a scary increase! The unfortunate truth is that as long as cybercriminals find ransomware attacks profitable, businesses can expect them to become increasingly inventive and commonplace, which is why it’s so imperative that businesses prepare themselves.

5. 34% of businesses affected by ransomware took a week or longer to regain access to their data.

When calculating the cost of ransomware, it’s vital that we remember the operational cost of operating without access to your data. In the case of almost 35% of ransomware victims, it took a week or longer to regain their data, causing them to operate in a diminished capacity or even close their doors.

Ransomware Statistics - security

The Shocking Cost of Ransomware Demands

A ransomware attack is an expensive proposition. Aside from the operational costs of having to operate without data, software, or hardware, there’s also the prospect of the payout itself. Without the right cybersecurity redundancies like Malwarebytes or McAfee Ransomware, not to mention robust cyber insurance, losses incurred could be crippling to your SMB. 

6. The average ransomware demand for 2019 was over $36,000. 

The average ransomware demand for this year is almost three times the average for 2018. This means that businesses must be prepared for the average demand to rise exponentially again in 2020. 

7. Almost 20% of ransomware victims never got their data back.

The sad truth is that even with robust insurance, it can be difficult to return to business as usual after an attack because the effects of ransomware can be far-reaching. According to Kaspersky, 17% of businesses never got their data back even after paying the ransom.

8. Less than a third of organizations who pay their ransom recover all of their lost money.

Even when incorporating proper redundancies and insurance, it can be extremely difficult to fully recover financially from a ransomware attack. Over 66% of businesses never truly recover the cost of an attack, which is why it’s so important to invest in the right antivirus protection and form a proactive cybersecurity strategy.

9. 47% of US businesses have been affected by ransomware.

While ransomware remains a global threat, US-based organizations are among the most commonly affected. In fact, almost half of all US businesses have been affected in one way or another by ransomware. 

Again, if your business has not yet been one of them, you may be on borrowed time.

10. 97% of US-based companies refuse to pay the ransom.

Interestingly, only 3% of American companies actually pay the ransom. In many cases, this has actually been against express FBI ransomware advice. In some cases, this is the result of a lack of backup data. Germany has paid 22% of ransoms, the UK paid 42%, and Canada has paid more than three-quarters of all ransoms (77%).

11. Ransomware downtime costs organizations more than $64,000 on average. 

Even though the average ransomware demand rarely exceeds $50,000, the costs associated often far eclipse the ransom itself. Between downtime and other associated costs, businesses can expect to lose an average of $64,000.

Ransomware Statistics - photo

Ransomware is Still Evolving

Broadly speaking, there are two main ransomware types. There’s the kind that blocks access to your files or data via encryption and those that block out access to computers and devices altogether. But one thing’s for sure, the variants of ransomware are evolving at an alarming pace. 

12. The number of new ransomware variants has increased by 46%.

One of the biggest challenges when developing a comprehensive approach to ransomware is the fact that new families and new variants are always increasing almost by half as we enter the 2020s. Some of the most commonly used among cybercriminals include GandCab, SamSam, Locky, and Crypt XXX.

13. WannaCry is still the world’s most popular ransomware. 

The WannaCry statistics make for some sobering reading. A new variant of this malign software was used recently to send operations at Taiwan Semiconductor Manufacturing Company. To date, WannaCry has infected hundreds of thousands of machines and generated tens of thousands in Bitcoin for its authors. Even two years after its debut, it remains one of the most popular and feared ransomware programs.

Common Ransomware Victims & Targets

14. Almost 50% of ransomware attacks reported in 2018 were from healthcare companies.

It comes as no surprise that hospital ransomware is still big business, accounting for almost half of all ransomware attacks reported last year. 

15. $400,000 was paid by Jackson County, Georgia, after a ransomware attack in 2019.

One of the biggest payouts this year following ransomware attacks in the USA was paid by Jackson County, GA. This latest attack locked the sheriff’s office and a number of other local agencies out of their computer systems. Upon payment of the ransom, all parties thankfully regained access to their data. Nonetheless, this shocking ransomware stat shows that municipalities remain profitable targets.

16. Estimated global ransomware losses for the healthcare industry stand at around $25 billion.

The healthcare industry is one of the biggest known ransomware targets, and it’s easy to see why. Healthcare institutions rely heavily on their computers and digital equipment to save lives and are responsible for huge volumes of patient data. 

17. Healthcare-related malware attacks will likely quadruple by 2020.

As more and more cybercriminals target the healthcare industry with ransomware attacks, this has given rise to the belief among the cybercriminal fraternity that these institutions are more likely to pay out. Whether or not that’s true, healthcare is expected to be bombarded by ransomware attacks well into the next decade.

18. Less than 25% of SMBs report their ransomware attacks.

One of the scariest things about reporting ransomware statistics is the knowledge that there are so many attacks that go unreported. In fact, over three-quarters of SMBs don’t even report attacks. And when this happens, the wider business community can’t learn from the mistakes and vulnerabilities of others.

Ransomware is Going Mobile

19. Ransomware attacks on Mac OS/iOS devices increased by 500%.

According to Datto’s Global State of the Channel Ransomware Report, during the first half of 2018, iOS and Mac devices saw an insane increase in ransomware attacks. As you can see, not even Apple devices are safe.

20. 80% of malware payloads are delivered through a mobile app.

Only 20% of mobile malware attacks were delivered through a mobile browser. That said, when it comes to ransomware on iOS and Android devices, mobile apps are the key point of vulnerability. This is why it’s more important than ever that businesses hold their employees to account when it comes to downloading apps onto company devices.

21. Mobile remains a key point of vulnerability for businesses.

As more and more businesses rely on mobile devices, they no longer need to just protect themselves from ransomware on Mac and PC. In an age where employees bring their mobile devices onto the premises (whether they’re allowed to or not), the need not only for proper cybersecurity software but established BYOD policies and procedures become ever clearer.

Ransomware Predictions for 2020

While time will tell us the total number of ransomware attacks in 2019, it’s fair to say that this year has seen a marked increase on last year. Industries, businesses, and municipalities that have yet to truly grasp the extent of their vulnerability have found themselves victims. What’s more, even organizations with up to date endpoint protection and robust ransomware antivirus software have found themselves exploited.  

These ransomware stats provide a clear roadmap for what organizations need to look out for in the coming year and decade. As the business world becomes more reliant on mobile devices, 5G, and the Internet of Things, these exciting developments lead to challenges as well as opportunities. 

Use these ransomware statistics to formulate and refine your ongoing cybersecurity strategy. Learn from the vulnerabilities in your industry and ensure that you are protected by security software and insurance as well as procedures, policies, and measures for employee accountability.

Don’t let your organization become just another one of next year’s ransomware stats!

Sources: