10 Scary Ransomware Statistics

The bottom line is this: when it comes to cyberattacks your business better be ready because it’s not “if” an attack will occur but “when”. This article is a wake-up call to anyone thinking they can get by with minimal cybersecurity.  The investment in cybersecurity far outweighs the costs.

1. It’s predicted that according to the current trend there will be a ransomware attack every 11 seconds by 2021. This is up 20% from 2019, when a new business fell victim to ransomware every 14 seconds. (CyberSecurity Ventures)

 2. The cost of annual ransomware damages are estimated to hit $20 billion by 2021. This is up from $11.5 billion in 2019 and $8 billion in 2018. Although recent security breaches are less frequent they are more lucrative as cybercriminals are targeting high profile people. (CyberSecurity Ventures)

3. 20% of ransomware victims are small to midsize businesses. According to a survey from Datto’s Global State of Channel Ransomware Report, one in five ransomware attacks were infiltrated on small and midsize businesses in 2019. (Hashedout) Every 40 seconds a business is attacked by ransomware. (Kaspersky) It’s been found that hackers are shifting their focus to businesses as they have weak security and are usually willing to pay up to resume business functions. (DataPort)   

4. The main objective of cyberattacks is to disrupt businesses. Crowdstrike found that ransomware, DDoS, and malware are the leading causes of business disruption in cyber attacks. (CrowdStrike) 71% of breaches were financially motivated and 25% were motivated by espionage. (Verizon)

5. 67% of ransomware infections start from phishing emails. One popular method of spreading malicious code is to use spam mail campaigns. Another approach is called spearfishing which uses a targeted approach to more effectively penetrate complex security networks. Managed service providers pinpointed spam and phishing emails as the leading causes of ransomware infections. (Statista & HashOut)

6. About 46% of ransomware criminals impersonate authority figures. In order to scare people and give an air of authority, attackers sometimes pose as FBI representatives.  For instance, one ransom note said, “FBI- YOU HAVE BEEN WATCHING PORN OR GAMBLING OR BOTH, YOU MUST PAY $200 IN MONEYGRAM.” Some people without stopping to think about it pay the cybercriminals even though they demand payment in cryptocurrencies or a prepaid cash voucher. (Stanford)  

7. 50% of companies feel they are not adequately prepared for a cyberattack. (healthitsecurity.com) Only 37% of American businesses are confident that they can stop a ransomware attack. (Malwarebytes) 56% of Americans report they are not sure what to do should their data be breached. (Varonis)

8. Cybercriminals make about $1 billion dollars annually off of ransomware. (Bromium)  Supposedly, 15% of ransomware victims decided to pay the ransom in 2019; This is a jump from 4% in 2018 4 times as many businesses with 100 or more employees pay up. (HashedOut)

9. Around $10 billion dollars is spent by companies globally on employee security training.  This number has risen since 2014 when it was reported at 1 billion. (Herjavec) On average $1,178 is spent per employee for cybersecurity purposes. (Varonis)

10. 85% of managed service providers (MSPs) report ransomware attacks as the most common malware threat to small to mid-size businesses. About 80% of MSPs report that their own businesses are increasingly targeted by cyberattacks. (HashedOut)