Ransomware Statistics By Industry, Root Cause, Revenue and Economic Impact

Introduction

Ransomware Statistics: Ransomware is a type of harmful software (malware) that can lock, steal, or misuse sensitive information. As the name suggests, the hacker demands payment (ransom) in exchange for unlocking the data. Even with all the efforts to keep systems secure, ransomware attacks still happen.

In 2021, more than 2,000 devices were affected by these attacks. This overview will give you the latest Ransomware facts, trends, and Ransomware Statistics, helping you understand how common it is and why it’s important to protect yourself. We’ll also share tips on how to stay safe. Let’s get started!

Editor’s Choice

• In 2023, victims paid more than $1.5 billion to people who hack after ransomware attacks.
• In February 2023, the City of Oakland, California, declared a state of emergency after a ransomware attack forced them to shut down their IT systems.
• In January 2023, ION Cleared Derivatives was hit by a ransomware attack that took their systems offline. This company helps financial firms automate trades, but the attack forced them to process trades manually, as per Ransomware Statistics.
• In 2022, the BlackCat ransomware group stole about 1.6TB of sensitive data from Swissport, a company with billions in revenue.
• In 2023, the Costa Rican government was targeted by multiple ransomware attacks, which led to a national emergency as their important systems were shut down.
• The REvil ransomware group was behind around 37% of all ransomware attacks in 2023.
• In May 2021, Colonial Pipeline was attacked, which disrupted oil supplies across the eastern U.S.
• In June 2021, JBS USA, a major meat supplier, was attacked by ransomware, which affected its meat packaging operations. The company paid the REvil group $11 million in ransom.

You May Also Like To Read

• Augmented Reality Statistics
• Metaverse Statistics
• Virtual Reality Statistics
• Quantum Computing Statistics
• Biometrics Statistics
• Ransomware Statistics
• Robocalls Statistics
• Data Breach Statistics
• Laptop Statistics
• Desktops Statistics
• Smartphone Statistics
• VoIP Statistics

What Is Ransomware?

Ransomware is a type of harmful software (malware) that takes control of a victim’s sensitive information or device, threatening to lock it or cause other damage unless the victim pays money to the hacker.

In earlier ransomware attacks, the hacker would demand payment in exchange for the key to unlock the data or device. By backing up data regularly, businesses could reduce the impact of these attacks and avoid paying the ransom.

However, ransomware attacks have become more advanced in recent years. Now, they often involve double-extortion and triple-extortion tactics, making the situation more dangerous for victims.

• Double extortion occurs when the hacker demands money and threatens to steal and release the victim’s data online.
• Triple extortion goes further by threatening to use the stolen data to harm the victim’s customers or business partners.

These new strategies make it harder for victims to protect themselves, even if they have backups or pay the ransom.

Types of Ransomware

Ransomware attacks are becoming more common and complicated. Here are some of the most common types:

• Scareware: This type shows a fake warning on your computer, saying it found malware. It usually pretends to be antivirus software and asks you to pay to fix a problem that doesn’t even exist. While it may not seem very dangerous, it can still cause a lot of stress and money loss. Always check the validity of security alerts and use trusted antivirus software.
• Screen Lockers: These programs lock you out of your computer, making it impossible to use your files. The screen displays a message asking for payment to unlock your system. Screen lockers can make your whole computer unusable, so it’s important to back up your data and know how to restart your computer to get around the lock safely.
• Encrypting Ransomware (also called Crypto-Ransomware): This type locks your files by encrypting them and demands payment to get a decryption key to unlock them. It can be very damaging since it makes your files inaccessible. Regularly back up your data and use strong security measures to protect yourself from this type of ransomware.
• DDoS Extortion: This ransomware threatens to launch a Distributed Denial of Service (DDoS) attack on your website or network unless you pay the ransom. DDoS extortion can cause serious problems, especially for businesses that rely on their online presence. To protect against it, use DDoS protection and have a solid response plan in place.
• Mobile Ransomware: This type targets your smartphone or tablet and asks for money to unlock the device or decrypt data. As mobile devices are used more for personal and business purposes, this threat is growing. To protect yourself, keep your mobile device’s operating system updated and be careful about downloading apps.
• Doxware (also called Leakware): Doxware is a more advanced form of ransomware that threatens to release sensitive or private information unless a ransom is paid. It can damage your reputation or invade your privacy. To protect yourself, keep your data safe and avoid storing sensitive info online.
• Ransomware-as-a-Service (RaaS): In this model, cybercriminals provide ransomware tools to other hackers or attackers, who then use them to target victims. RaaS makes it easier for criminals to launch attacks, similar to how a legitimate software service works. They also provide support and updates to service users.

These are just a few examples of the common types of ransomware. As cybercriminals improve their methods, they find new ways to exploit weaknesses and break into systems.

General Ransomware Statistics

• The average ransom in 2024 is $2.73 million, which is almost $1 million more than in 2023 (Sophos).
• Ransomware Statistics stated that almost 97% of organizations that had their data encrypted were able to recover it (Sophos).
• Ransomware attacks have increased by 13% over the past five years, with an average cost of $1.85 million per attack in 2023 (Astra).
• After a ransomware attack, the average downtime for a business is 24 days (Statista).
• The largest ransom payment in 2021 was $40 million, which was the highest recorded so far (Business Insider). The highest ransom demand ever was $70 million (NetApp).
• In 2022, nearly half a billion ransomware attacks were detected globally.
• The U.S. had the most ransomware attacks in 2023, making up 47% of all attacks.
• Ransomware Statistics stated that almost 93% of ransomware attacks are done using Windows-based programs.

(Reference: checkpoint.com)

• Hackers most commonly use email phishing, RDP weaknesses, and software flaws to carry out ransomware attacks.
• 59% of businesses let their employees access work apps on personal devices that the company does not control.
• A survey of 1,263 companies found that 80% of victims who paid a ransom were attacked again soon after. 46% of them were able to get their data back, but much of it was corrupted.
• 60% of companies said they lost revenue, and 53% said their brand reputation was damaged after an attack.
• 42% of businesses with cyber insurance said the insurance only covered part of the damage caused by ransomware.
• Ransomware Statistics stated that almost 27% of malware breaches in 2023 involved ransomware.

You May Also Like To Read

• iPhone Vs. Android Statistics
• Google Pixel Smartphones Statistics
• iPhone vs Android Users Statistics
• Mesh Wi-Fi System Statistics
• Robots Statistics
• Western Digital Statistics
• Cloud Gaming Service Statistics
• Virtual Reality Headset Statistics
• AI in Robotics Statistics
• 3D Printers Statistics
• Smart City Statistics
• 3D Printing Statistics

Ransomware Attacks By Industries Statistics

• In 2023, schools and universities had the most malware attacks, but the number dropped by 3%.
• Between 2022 and 2024, educational institutions paid an average ransom of $6.6 million.
• Surprisingly, 67% of colleges and universities paid more than the amount originally asked for in 2023.
• Blackfog found that in 2022, ransomware attacks affected the education, government, and healthcare sectors most.
• Nearly all organizations (99%) that experienced an identity-related breach saw their business directly impacted.
• According to Unit 42, the manufacturing sector was the most affected by ransomware in 2023.
• Although ransomware hit companies in over 120 countries, the U.S. was the biggest target, with 47% of attacks affecting U.S.-based companies.
• Mid-sized companies were the most targeted, with 65% reporting a ransomware attack in the past year.

(Reference: cxotoday.com)

• Ransomware Statistics stated that only 7% of organizations planned to significantly increase their spending on ransomware protection in the next year.
• In 2024, the healthcare sector experienced a 7% rise in ransomware attacks compared to the previous year.
• Malware attacks on the healthcare industry grew by 20% in 2024.
• The rate of ransomware attacks on healthcare organizations went up from 60% in 2023 to 67% in 2024.
• Healthcare was one of the most attacked sectors in 2023.
• Ransomware continues to be a major issue in IT, with Gartner predicting a 3.5% rise in global IT budgets for 2024.
• In 2023, 39% of healthcare organizations paid more than the ransom amount initially asked for.
• 52% of companies faced major disruptions in their systems and operations because of ransomware attacks.
• Ransomware Statistics stated that almost 82% of data breaches involved cloud-based data, and ransomware was a leading cause.
• 34% of government organizations reported ransomware attacks in 2023, according to Sophos.
• This shows a big increase, as malware attacks on government entities rose by 38% since 2019, according to SonicWall.

(Reference: statista.com)

• According to Sophos, the government sector will experience the highest attack rate in 2024, with 68% of attacks targeting central and federal government organizations.
• Even in the distribution and transport sector, where ransomware attacks were less common, 82% of organizations targeted said attackers tried to access their backups.
• Bitcoin is used in around 98% of ransomware payments, but it’s becoming easier to trace. This is leading cybercriminals to consider using privacy-focused cryptocurrencies like Monero.

Ransomware Attacks Root Cause Statistics

(Reference: thesslstore.com)

Revenue And Economic Impact Of Ransomware Statistics

• Ransomware Statistics stated that almost 94% of people said their company would pay a ransom to get their data back and resume business. 5% said they might pay, depending on how much the ransom is.
• About 67% of businesses would pay more than $3 million to recover their data, and 35% would pay over $5 million.
• The largest ransom payments in 2023 ranged from $25,000 to $99,999, making up 44% of all ransom payments.

(Source: chainalysis.com)

• The average cost of a data breach in 2023 reached a record high of $4.45 million.
• For smaller companies with fewer than 500 employees, the average cost of a data breach increased from $2.92 million to $3.31 million, which is a 13.4% rise.
• While 91% of companies have budgets set aside for ransomware, only 61% actually use those funds after an attack, possibly because of tighter financial conditions.
• In 2023, total ransomware payments exceeded $1 billion.
• In the second quarter of 2023, 34% of companies hit by ransomware paid the ransom, a decrease from 45% in the previous quarter.
• Around 33% of companies said they would decide whether to pay the ransom on a case-by-case basis.

(Source: chainalysis.com)

• By the fourth quarter of 2023, only 29% of companies that were victims of ransomware paid the ransom, the lowest rate ever.
• Ransomware Statistics stated that almost 38 companies plan to keep their current spending on ransomware protection.
• 80% of businesses that paid a ransom suffered another ransomware attack. Additionally, 68% of companies had another attack within just one month of paying.
• In the second quarter of 2023, the average ransom paid increased from about $328,000 in the first quarter to more than $740,000, more than double.
• In the first half of 2023, ransomware extortion reached $176 million more than the total for 2022.

(Reference: chainalysis.com)

• Due to its anonymity, ransomware payments are often made using cryptocurrency. Chainalysis found that more than $602 million in ransomware payments were made with cryptocurrencies.
• LockBit saw a 3.5% increase in ransomware attacks, while BlackCat saw a significant increase of 5.4%.
• The average ransom demand in 2023 rose to $1.54 million, nearly double the amount in 2022.

Future Predictions Of Ransomware Statistics

Ransomware is rapidly changing and will continue to affect all industries in 2024 and beyond. Here are some important predictions and trends:

(Source: pandasecurity.com)

• By 2025, 60% of companies, investors, and venture capitalists will consider cybersecurity risks when evaluating new business opportunities.
• By 2025, 30% of countries will pass laws to control ransomware payments and negotiations.
• By 2025, 40% of company boards will have a cybersecurity committee, as protecting against cyber threats becomes a major priority.
• By 2025, 70% of CEOs will invest in building a cyber-resilient culture within their organizations.
• Hackers are expected to use IoT (Internet of Things) devices more frequently to carry out ransomware attacks starting in 2023 and beyond.
• The corporate web security industry has grown steadily since 2016 and is expected to reach nearly $8 billion by 2025.

Regional Ransomware Statistics

(Source: nordlocker.com)

• In the above chart, we can see the regional impact of ransomware throughout the globe.
• In 2021, there were 304.7 million ransomware attacks around the world.
• The U.S. had the highest number of ransomware attacks in 2023.
• The U.K. had the second-highest number of ransomware attacks in 2023. (SonicWall, 2021)
• The average ransom payment in the U.S. in 2022 was over $6.3 million.
• Ransomware attacks in Europe grew by 234% in 2022.
• North America saw a 180% rise in ransomware attacks in.2023, as per Ransomware Statistics.
• The U.K. saw a 144% increase in ransomware attacks in 2022.
• Asia had a 59% increase in ransomware attacks in 2022.
• India experienced almost 4 million ransomware attacks in 2023.

You May Also Like To Read

• Network Attached Storage (NAS) Statistics
• Hacking Statistics
• Augmented Reality Glasses Statistics
• Virtual Reality Treadmill Statistics
• Uninterruptible Power Supply Devices (UPS) Statistics
• Social Engineering Statistics
• Podcast Statistics

Impact of Ransomware Statistics

• The total global cost of ransomware is expected to exceed $30 billion in 2023.
• For large companies in 2022, the average cost of a ransomware attack was $4.54 million.
• In 2023, the average cost to recover from ransomware for smaller companies with yearly earnings under $10 million will be $205,400.
• In 2023, 84% of private sector organizations affected by ransomware reported losing revenue.
• The education sector (94%) and the construction sector (93%) were the most likely to report revenue or business losses because of ransomware attacks.

(Reference: stationx.net)

• Ransomware Statistics stated that almost 64% of businesses now have some cyber insurance.
• Barracuda Networks found that 77% of companies with cyber insurance faced at least one ransomware attack, compared to 65% of companies without insurance. Attackers might target insured companies, assuming they are more likely to pay the ransom.

(Reference: stationx.com)

• When a business decides to pay the ransom, the payment usually covers around 15% of the total cost of the attack. The remaining costs include incident reports, system recovery, legal fees, monitoring, and the overall business disruption.
• In 40% of cases, businesses that experience a ransomware attack end up laying off workers.

(Reference: stationx.net)

• 39% of companies take up to a week to fully recover from a ransomware attack.
• According to research by Sophos, organizations that use backups to restore their data bounce back from a ransomware attack faster than those who pay the ransom.

Conclusion

The general advice from law enforcement is to avoid paying the ransom when dealing with ransomware. Ransomware Statistics show that fewer people are paying, which suggests that more organizations are focusing on cybersecurity and using backups and recovery plans instead of giving money to attackers.

However, after a quieter year in 2023, ransomware attacks are increasing again. Advances in self-spreading scripts make it easier for cybercriminals to access and steal sensitive data, creating more ways to extort victims. In short, ransomware attacks will likely continue to be a major threat in the future.

Barry Elad

Barry Elad is a tech enthusiast passionate about exploring various technology topics. He collects key statistics and facts to make tech easier to understand. Barry focuses on software and its benefits for everyday life. In his free time, he enjoys creating healthy recipes, practicing yoga, meditating, and walking in nature with his child. Barry's mission is to simplify complex tech information for everyone.

More Posts By Barry Elad

5G Chipset Statistics and Facts (2025)

Smart Glasses Statistics By Region, Technology, Users and Facts

Smartphone Battery Life Statistics and Facts (2025)

Kik Statistics And Facts (2025)

Twitter User Statistics By Gender, Age, Region, Habits, Emojis and Facts

Social Media User Statistics and Facts (2025)

(Bring Your Own Device) BYOD Statistics By Security, Work, Adoption, Benefits and Facts

Facebook Advertising Statistics By Revenue, Costing, Campaign Objectives, Performance and Facts

Smartphone Screen Protector Statistics and Facts (2025)

Kickstarter Statistics and Facts (2025)