In 2023, organizations all around the world detected 317.59 million ransomware attempts. Overall, this number decreased significantly between the third and fourth quarters of 2022, going from around 102 million to nearly 155 million cases, respectively. Ransomware attacks usually target organizations that collect large amounts of data and are critically important. In case of an attack, these organizations prefer paying the ransom to restore stolen data rather than to report the attack immediately. The incidents of data loss also damage companies’ reputation, which is one of the reasons why ransomware attacks are not reported. Most targeted industries and regions As a part of critical infrastructure, the manufacturing industry is usually targeted by ransomware attacks. In 2022, manufacturing organizations worldwide saw 437 such attacks. The food and beverage industry ranked second, with over 50 ransomware attacks. By the share of ransomware attacks on critical infrastructure, North America ranked first among other worldwide regions, followed by Europe. Healthcare and public health sector organizations filed the highest number of complaints to the U.S. law enforcement in 2022 about ransomware attacks. Ransomware as a service (RaaS) The Ransomware as a Service (RaaS) business model has existed for over a decade. The model involves hackers and affiliates. Hackers develop ransomware attack models and sell them to affiliates. The latter then use them independently to attack targets. According to the business model, the hacker who created the RaaS receives a service fee per collected ransom. In the first quarter of 2022, there were 31 Ransomware as a Service (RaaS) extortion groups worldwide, compared to the 19 such groups in the same quarter of 2021.

In 2023, the worldwide number of malware attacks reached 6.06 billion, an increase of 10 percent compared to the preceding year. In recent years, the highest number of malware attacks was detected in 2018, when 10.5 billion such attacks were reported across the globe. Malware attacks worldwide In 2022, worm malware was blocked over 205 million times. Another common malware type during that period, Emotet, primarily targeted the Asia-Pacific region. Overall, websites are the most common vector for malware attacks and recent industry data found that malware attacks were frequently received via exe files. Most targeted industries In 2022, the education sector was heavily targeted by malware, encountering 2,314 weekly attacks on average. Government and military organizations ranked second, followed by the healthcare units. Overall, in 2022, the education sector saw over five million malware attacks in the examined year.

These latest ransomware statistics show how much damage is caused by attacks and the emerging trends you need to be aware of.

On average, 37% of organisations globally were victims of a ransomware attack between January and February 2021. The top 15 countries that were affected the most were...

As of 2023, over 72 percent of businesses worldwide were affected by ransomware attacks. This figure represents an increase on the previous five years and was by far the highest figure reported. Overall, since 2018, more than half of the total survey respondents each year stated that their organizations had been victimized by ransomware. Most targeted industries
In 2023, the healthcare industry in the United States was once again most targeted by ransomware attacks. This industry also suffers most data breaches as a consequence of cyberattacks. The critical manufacturing industry ranked second by the number of ransomware attacks, followed by the government facilities industry. Ransomware in the manufacturing industry
The manufacturing industry, along with its subindustries, is constantly targeted by ransomware attacks, causing data loss, business disruptions, and reputational damage. Often, such cyberattacks are international and have a political intent. In 2023, compromised credentials were the leading cause of ransomware attacks in the manufacturing industry.

Here are the most important ransomware statistics you need to know about the attacks, demands, payments and consequences that can occur.

From 2021 to 2024, the share of financial institutions worldwide experiencing ransomware attacks has increased significantly. In 2024, roughly 65 percent of financial organizations worldwide reported experiencing a ransomware attack, compared to 64 percent in 2023 and 34 percent in 2021.

While every industry is affected by ransomware attacks, the truth is that some industries are more susceptible than others. This is the full breakdown of the top 15 sectors most targeted by malware.

On average, 59 percent of organizations worldwide were victims of a ransomware attack between January and February 2024, according to a survey conducted among cybersecurity leaders of worldwide organizations. France ranked first by the ransomware rate in companies, with 74 percent reporting having encountered such an attack in the last 12 months. Companies in South Africa, Italy, and Austria followed, with up to 69 percent of the organizations experiencing ransomware attacks.

The following ransomware statistics detail which industries get attacked the most and which countries are most likely to be targeted.

Different types of ransomware are more common than others and more likely to affect your cybersecurity. The top 5 most common types of ransomware strains are...

A 2024 survey of cybersecurity professionals of organizations worldwide revealed that 32 percent of the organizations suffered ransomware attacks because of exploited vulnerabilities. Credential compromise was the second-most common cause of successful ransomware attacks, while malicious e-mail ranked third.

The main goal of any ransomware attacker is to hold people to ransom by not releasing their data until they get paid. But is it actually a good idea to pay the ransom? Here’s what the ransomware statistics tell us about organisations that paid up.

In 2023, manufacturing was the industry most targeted by ransomware attacks. Companies in this sector saw 638 ransomware attacks in the examined year. The industrial control systems sector ranked second, with 115 incidents. Organizations in the transportation sector were the next-most targeted, seeing 65 ransomware attacks in the measured year.

In 2024, healthcare organizations in California saw the highest number of ransomware attacks among other U.S. states. The state experienced in total of 66 ransomware attacks in the measured year. Texas ranked second, by the number of healthcare ransomware attacks, followed by New York.

Here are the leading causes of ransomware attacks today.

A 2024 survey of cybersecurity professionals of worldwide organizations revealed that the energy and utilities industry had the highest number of vulnerabilities exploited in ransomware attacks. The survey showed that the second-most common root cause of ransomware attacks was compromised credentials across all sectors, followed by malicious e-mail.

In 2023, 143 significant ransomware attacks were detected in Europe, marking a 31 percent increase from 109 known major ransomware attacks in the previous year. Meanwhile, the figures do not represent the overall number of ransomware attacks in the region. Furthermore, in 2022 small and medium enterprises (SMEs) remained the primary target for ransomware actors.

In 2023, the U.S. Internet Crime Complaint Center (IC3) received approximately 250 complaints indicating ransomware attacks in healthcare organizations. The second most victimized industry sector was critical manufacturing. Government facilities ranked third, with 156 complaints. Financial services organizations filed 122 complaints during the examined year.

Dataset

This dataset was created by John93

Contents