The Latest Ransomware Statistics, Facts, FAQs and Trends (2024)

Understanding the latest ransomware statistics, facts and trends can help you protect yourself and your data. Here’s everything you need to know, including industry-specific figures and frequently-asked questions.

Recent Ransomware Statistics

These are some of the most important ransomware statistics for business owners, IT teams and individuals.

2020 Ransomware Statistics 

• Phishing scams were the leading attack vector for ransomware infections in 2020.

• In 2020, organizations took an average of 287 days to recover from a ransomware attack.

• According to one cyber insurance firm, the average ransom demand increased by 47% in the beginning of 2020, amounting to an average of $338,669 per attack. 

• In 2020, 51% of IT professionals reported their organization had been hit by ransomware within the past year. In 73% of those cases, the attackers successfully encrypted data.

• The number of malware types increased to 678 million in 2020, up from 28.24 million in 2010 — a 2,300% increase in a decade.

2021 Ransomware Statistics

• About 82% of all ransomware attacks in 2021 impacted companies with fewer than 1,000 employees. 

• According to one estimate, a ransomware attack occurred every 11 seconds in 2021.

2022 Ransomware Statistics

• The average ransom demand surpassed $7.2 million in 2022. 

• According to a global study of nearly 1,500 cybersecurity professionals from a mix of small, medium and enterprise-level organizations, seven in 10 respondents stated their ransomware-related losses totaled between $1 million and $10 million.

2023 Ransomware Statistics 

• According to the U.S. Office of the Director of National Intelligence, the frequency of global ransomware attacks increased by about 74% from 2022 to 2023.

• Ransomware attack volume experienced a 55.5% year-over-year increase from 2022 to 2023. 

• According to a survey of working adults and IT security professionals, 39% of global organizations experienced one to three ransomware attacks in 2023. Another 38% experienced four to six attacks in the same period. 

2024 Statistics and Predictions

• As of 2024, the average incident response cost to a ransomware attack is about $4.54 million — which is higher than the $4.35 million the average data breach costs.

• Cybersecurity experts predict ransomware attacks will occur every two seconds by 2031. 

• Experts estimate ransomware attacks will cost victims $265 billion in annual losses by 2031.

Ransomware Attack Frequency Statistics 

Here’s a ransomware statistic that proves ransomware is on the rise as technological advancements lower the entry barriers to cybercriminality. 

• There were 483.33 million total ransomware attacks in 2022, down from 623.25 million from the previous year. Still, overall attack frequency rose between 2018 and 2023. According to these figures, there’s been a 139% increase in the five-year period.

Statistics on Victims Who Paid the Ransom

Your problems won’t always disappear when you pay the ransom, as these ransomware statistics prove.

• About eight in 10 organizations who paid the ransom stated they experienced at least one follow-up ransomware attack. Unfortunately, 68% reported being targeted again for a higher ransom within a month. 

• In 2022, 54% of those who paid the ransom said data corruption and system issues persisted after payment — up from 46% in 2021.

• According to the same study, nearly half of organizations — 49% of them to be exact — said their main motivation for paying the ransom was to avoid potential revenue losses.

Ransomware Statistics by Industry

Ransomware statistics show the health care, financial services, education and manufacturing sectors have a history of being the top targets for attacks. 

Health Care

• The health care sector received 16% of all ransomware attacks in the fourth quarter of 2023, making it the second-most targeted industry in this period.

• In the health care sector, the length of ransomware-related downtime increased to 18.71 days in 2023, up from 15.71 days in 2022.

Financial Services

• According to the U.S. Internet Crime Complaint Center (IC3) — a cyber crime reporting hub run by the Federal Bureau of Investigation (FBI) — the financial services sector filed 122 ransomware complaints in 2023, making it the fourth-most victimized industry.

Education 

• In 2023, 80% of K-12 schools and 79% of colleges and universities reported they experienced ransomware attacks, up from 56% and 64% in 2022, respectively.

• Over 80% of the ransomware attacks targeting K-12 schools successfully encrypted data, up from 72% in 2022. Colleges and universities reported 73% of the attacks resulted in data being encrypted in 2023. 

• Ransomware attacks against K-12 schools and higher education institutions compromised 6.7 million personal records between 2018 and 2023.

Manufacturing

• According to the U.S. IC3, critical manufacturing was the second-most victimized industry in 2023.

• Manufacturers experiencing downtime due to ransomware attacks — which doubled to 12 days in 2022, up from six days in 2021 — lost an estimated $46.2 billion between 2018 and 2023, amounting to an average of $8,660 in losses per minute.

Frequently Asked Ransomware Questions

These are some of the most pressing questions about ransomware statistics people like you have been asking.

What percentage of companies are hit by ransomware?

A majority of organizations become victims of ransomware each year, regardless of their size or location. In 2023, three-quarters of organizations reported they experienced at least one attack, with nearly one-third experiencing four or more attacks. 

What is the largest ransomware ever paid?

The MediaMarkt attack, aimed at one multinational consumer electronics enterprise, is one of the largest ransoms ever paid. The company, affected by Hive ransomware, received a demand for $240 million in 2021. They ultimately negotiated the price down to $50 million. While the price cut was substantial, they paid more than almost any other firm ever has. 

Which industry has the most ransomware attacks?

According to the latest figures, education has emerged as the industry most targeted by ransomware. Nearly 80% of lower and higher education institutions report being hit by at least one attack in 2023. 

In order from most to least targeted, construction, government agencies, entertainment, retail, critical infrastructure, logistics, financial services, sales, health care and manufacturing follow closely behind. Ransomware hit at least 50% of organizations in each industry in 2023.

What percentage of ransomware victims pay the ransom?

The frequency of ransomware payments varies by region, entity and industry, so the global average is general. Roughly three in 10 ransomware victims choose to pay the ransom. Although it’s technically illegal to pay the ransom in the U.S., many companies still do so.

The Top Emerging Ransomware Trends

Here are three key emerging trends based on ransomware statistics. 

State-Sponsored Ransomware

The country’s top security experts have noticed the growing trend of nation-state adversaries backing ransomware groups. There’s been a significant uptick in the amount of state-sponsored attacks on higher education institutions and critical infrastructure as foreign entities attempt to block domestic academic innovations and cause disorder. 

Double-Extortion Ransomware

In a double-extortion ransomware attack, the attackers exfiltrate the target’s data and threaten to release or sell it unless they receive payment. At the same time, they encrypt the data and demand a ransom in exchange for a decryption key. Even if organizations have backups for recovery, they have no choice but to pay — which can be more expensive.

AI-Powered Ransomware Attacks  

Attackers are increasingly leveraging AI to write malicious code for ransomware attacks. Historically, they’ve used malware like REvil or LockBit. With AI, they have the ability to make dynamic code that constantly changes. They can easily embed it into web scripts or links and update it frequently, making defense much more challenging. 

Use Ransomware Statistics to Strengthen Your Defenses

You can use these ransomware statistics to figure out if your cybersecurity posture is adequate, whether you’re at risk of experiencing an attack and how much an attack would cost you. This way, you have a better idea of how to organize your defenses.