Ransomware can derail company operations in a matter of moments. Attackers come in and seize the organization’s digital assets, stating that they’ll only make the data or systems accessible after a ransom has been paid. Organizations in every sector can be potential targets. Government agencies, small businesses, and even regular people are at risk if they’re not careful.
If you’re curious about the world of ransomware attacks or want to know more about how harmful these threats can be, here are 24 must-read ransomware statistics and trends for 2020.
24 Must-Read Ransomware Statistics & Trends
1. The Average Total Cost of a Ransomware Attack is $4.44 Million
While every kind of cyberattack can be costly, ransomware attacks come with one of the bigger price tags. While the average cost of a data breach comes in at $3.86 million, ransomware attacks cost $4.44 million on average.
[Source: IBM]
2. 69% of North American Companies Have Been Affected by Ransomware
Overall, 69% of North American companies – including businesses in the United States, Canada, and Greenland – have been affected by ransomware. That’s the highest rate of any region.
In second place are Latin and South America as well as Africa and the Middle East, both of which come in at 61%. Even the lowest rate region – Asia and Oceania – cross the 50% threshold, coming in at 55%.
[Source: CyberEdge]
3. The Global Cost of Ransomware Will Increase by 74% by 2021
In 2019, the global cost of ransomware was $11.5 billion. By the time we reach 2021, the cost was a shocking $20 billion. That’s a $9.5 billion difference, or a 74% increase, in the total global cost.
[Source: Cybersecurity Ventures]
4. Cybercrime Quadrupled During COVID-19
COVID-19 fundamentally altered the business world, at times in ways that put cybersecurity on the backburner or made people vulnerable to scams. Since the onset of the pandemic, according to the FBI, cybercrime rates quadrupled.
[Source: ZDNet]
5. In 2020, 57.5% of Companies Paid the Ransom Using Anonymous Currency
While there is some debate about whether paying the ransom is a smart move, 57.5% of attacked companies decided it was the way to go. They used anonymous currency options, like Bitcoin, to give the attackers what they requested.
[Source: CyberEdge]
6. Even After Paying, 33.1% of Companies Still Lost Data
Paying isn’t a guaranteed way to get a company’s data back. Of those that did pay, 33.1% still lost data.
[Source: CyberEdge]
7. 85% of Attacks Target Windows Systems
Overall, Windows systems are targeted the most often, coming in at 85%. In second is macOS, which claims just 7%. The remaining targets are mainly mobile, with Android and iOS coming in with 5% and 3%, respectively.
[Source: Safety Detectives]
8. Attacks on Macs More Than Doubled Between 2018 and 2019
macOS was long purported as the safer option from a security perspective. However, ransomware and other malware attacks focused on Macs are on the rise. In 2018, detections came in with an average of 4.8 per device. In 2019, that number went up to 11, and 2020 projections show that the rate is going up even higher, potentially coming in near 14.2 before the year is done.
[Source: Safety Detectives]
9. In 2021, a Business Will Be Targeted with Ransomware Every 11 Seconds
By 2021, a business is going to be attacked with ransomware every 11 seconds. That’s nearly 7,855 attacks a day, or about 2.87 million attacks a year.
[Source: Cybersecurity Ventures]
10. In North America, Government Agencies Are the Primary Target, with 15.4% Saying They Were Attacked
The government sector is targeted more than any other industry in North America, with 15.4% of agencies reporting that they’ve been attacked in the past year. Manufacturing came in second, with 13.9% of companies saying they were targeted. In third is construction, with 13.2%.
[Source: Safety Detectives]
11. Only 4.6% of Financial Companies Report Being Attacked in the Past Year
While financial companies may seem like a great target, they are actually the least attacked industry. Only 4.6% of businesses in that sector report being targeted. It’s possible the low numbers are due to the fact that security regulations are strict in the sector, forcing the implementation of certain best practices.
[Source: Safety Detectives]
12. 28% of SMBs Have No Plan for Mitigating Ransomware Attacks
Even with 46% of small- to mid-sized businesses (SMBs) being victims of ransomware attacks, a full 28% don’t have any plan for mitigating those types of attacks.
[Source: Infrascale]
13. Among SMBs That Have Been Attacked, 73% Paid the Ransom
When an SMB has no defense against a ransomware attack – such as by lacking backups and other mitigation methods – paying the ransom may seem like the only option. That could be why 73% of SMBs ultimately decide to pay.
[Source: Infrascale]
14. A WannaCry Ransomware Attack Cost Britain’s NHS Over $100 million
WannaCry, one of the most devastating ransomware campaigns every, cost Britain’s National Health Service (NHS) caused over $100 million in losses. Some of this was due to system unavailability, while part of the cost resulted from appointment cancelations, hindered operations, and other disruptions caused by the attack.
[Source: Info Security]
15. The Average Initial Ransom Demand from a Ryuk Ransomware Attack Was Over $377,000
Companies hit with a Ryuk Ransomware attack were initially asked to fork over $377,026 on average. Now, this isn’t a reflection of what companies ended up paying (if they paid at all). At times, the attackers’ demands did shift, potentially as they learned more about the financial viability of the company.
[Source: CoveWare]
16. For 2020, Average Digital Ransom Paid Hits $8,100
On average, companies hand over $8,100 in digital ransoms if they choose to pay the attackers. That’s $2,200 more than the average payment in 2019.
[Source: Safety Detectives]
17. 99% of Ransom Payments Are in Bitcoin
Cryptocurrencies are, unsurprisingly, favored by cybercriminals. But bitcoin is the digital currency de jour, being used as payment in 99% of cases. The other 1% goes to privacy coins, like Dash.
[Source: CoveWare]
18. Sodinokibi Is the Most Prevalent Ransomware Attack, Seizing 29.4% Market Share
With a 29.4% market share, Sodinokibi – which is actually ransomware-as-a-service– is the most common form of ransomware attack. Ryuk comes in second with 21.5%, while Phobos is third with 10.7%
[Source: CoveWare]
19. Ryuk and Sodinokibi Detections Are Up 543% and 820%, Respectively
The rise of Ryuk and Sodinokibi is clear when you examine the number of detections. Ryuk has seen detections rise by 543% since Q4 2018, while Sodinokibi detections soared by 820% since its introduction in May 2019.
[Source: Malwarebytes]
20. Last Year, Over 68,000 New Mobile Ransomware Trojans Detected
While many people take computer security seriously, mobile devices usually aren’t treated with the same care, even if they can be targeted. Last year, 68,362 new mobile ransomware trojan installation packages were detected, making an increase of more than 8,000 over the year prior.
[Source: Kaspersky Labs]
21. Chance of Data Being Stolen During Ransomware Attack Goes Above 1-in-10
Ransomware doesn’t always aim to simply keep companies from access data; they may also include the threat of stealing – and even selling – sensitive information. The chance of data theft during a ransomware attack is on the rise, now reaching above 1-in-10 odds.
[Source: EmsiSoft]
22. Attackers Managed to Encrypt Data in 73% of Ransomware Attacks
Encrypting a company’s data allows attackers to prevent the organization from accessing its assets, making it possible to hold the data and systems ransom. In nearly three-out-of-four attacks, the cybercriminals were successful in encrypting the data.
[Source: Sophos]
23. 59% of Attacks with Encrypted Data Involved Public Cloud Data
Keeping data in a public cloud doesn’t necessarily put a company at greater risk, but it doesn’t make it inherently safer either. Of incidents where the attackers manager to encrypt an organization’s data, 59% of the attacks involved data held in public clouds.
[Source: Sophos]
24. Over 90% of Ransomware Attacks Are Preventable
Following cybersecurity best practices can make a difference. Overall, more than 90% of ransomware attacks are preventable, but only if the right security measures are in place.
[Source: Gartner]
Bottom Line
For many, the ransomware statistics and trends above are startling, as well as enlightening. Most people are generally aware of cyber threats, but knowing the details paints the entire scenario in a different light.
Not only do these ransomware statistics show how prevalent the attacks can be, but they also highlight how damaging they are to businesses and individuals. Plus, it shows that, even with all of the knowledge we have today, people still engage in behaviors that put them or their companies at risk.
Ultimately, ransomware is likely to remain a long-term threat. By educating yourself on the signs and risks, as well as emerging ransomware trends, you can potentially protect yourself. Maintain a skeptical eye, and make sure security is always a priority. That way, you won’t find yourself becoming a ransomware victim.