And despite the best efforts to maintain a sense of control when it comes to cybersecurity, these attacks indeed happen. In fact, hackers used ransomware attacks to compromise more than 2,000 devices in 2021 alone.
To that end, use this roundup of the latest ransomware statistics, trends, and facts for more insight into how prevalent ransomware is and why you should protect yourself from it. That’s also where our protection tips come in. Let’s get started.
And with each as dangerous as the next, you can never have too much information on what to expect from these potential threats.
Ransomware demands are increasing
Cybercriminals made sure to pair their use of new and different types of ransomware with a raise in payment demands. According to recent reports, ransomware demands saw a 144% increase in 2021, with the ransomware payouts averaging more than $6 million for victims in the U.S.
Ransomware’s threat to mobile devices is spreading
Mobile devices have become a new target for current ransomware attacks. For example, more than 10 million people lost money and had data exploited after being tricked by a ransomware scam targeting Android users.
Ransomware as a Service is growing (RaaS)
The whole purpose behind ransomware is to make money — whether that's done legally or not. That’s why hackers created Ransomware as a Service tools, helping them make more profit as other hackers carry out widespread ransomware attacks.
You could think of RaaS tools as a subscription service like Netflix or Hulu, but instead of having access to movies and TV shows, you get software that can decode and encrypt most vulnerable systems effortlessly. This provides a steady stream of income for the RaaS owner and more successful ransomware attacks for the hacker.
Key ransomware statistics
Ransomware attacks are more popular than ever — up 85% since 2020. Take a look at how hackers have been using this ransomware to threaten your personal cybersecurity over the past couple of years.
1. The FBI’s Internet Crime Complaint Center (IC3) received 3,729 complaints identified as ransomware in 2021. (IC3, 2021)
2. Ransomware attacks increased 105% in 2021. (SonicWall, 2022)
3. There are an estimated 4,000 ransomware attacks per day. (Theiia, 2022)
4. Nearly 50% of businesses reported losses from a ransomware attack in 2021. (Cybereason, 2022)
5. There was an 85% increase in ransomware attacks since 2020. (Palo Alto Networks, 2021)
18. The average ransom payout for a business was more than $812,000 in 2021. (Sophos, 2022)
19. The IC3 reported losses of more than $49.2 million to ransomware in 2021. (IC3, 2021)
20. Ransomware targets only had about 65% of stolen data returned after paying their ransom. (Sophos, 2022)
21. The highest ransom paid in 2021 was $3.2 million. (Backblaze, 2021)
22. Nearly 30% of ransomware targets had less than 50% of their data restored. (Sophos, 2022)
23. There was an 85% increase in victims who had personal information exposed on the dark web. (Palo Alto, 2022)
24. Less than 10% of ransomware victims got all of their files returned. (Sophos, 2022)
25. The average ransom payout has risen by nearly 80% since 2021. (Palo Alto, 2022)
26. It costs a business $1.85 million on average to recover from a ransomware attack. (Sophos, 2022)
27. Ransomware gangs made more than $400 million in 2020. (Backblaze, 2021)
28. The most common payment made by ransomware victims was $10,000. (Sophos, 2022)
Headline-worthy ransomware attacks
The threat of ransomware became an all-too-real reality for many companies and internet users in 2021 — just imagine waking up to a $70 million ransom note on your computer. Get a better picture of the magnitude by poring over some of the latest ransomware attacks that caught people’s attention most.
29. Colonial Pipeline suffered a ransomware attack that led them to handing more than $4.4 million to hackers to restore stolen data. (Colonial Pipeline, 2021)
30. Ransomware group DarkSide targeted the chemical distribution company Brenntag and demanded a payout of $7.5 million in Bitcoin. (Brenntag, 2021)
31. REvil ransomware group targeted Acer and demanded $50 million to return stolen files to the well-known computer manufacturer. (Acer, 2021)
32. Food processing company JBS Foods fell victim to a ransomware attack that forced them to pay $11 million to hackers. (JBS Foods, 2021)
34. 15,000 devices were compromised when hacking group Evil Corp targeted CNA to steal private insurance information. (CNA, 2021)
35. Ransomware group REvil demanded $70 million from Kaseya after successfully breaching and encrypting confidential files. (Kaseya, 2021)
36. A former Canadian government employee pled guilty to using NetWalker ransomware to steal more than $29 million from vulnerable internet users. (NetWalker, 2022)
37. Conti ransomware was responsible for attacks that disrupted essential services for Costa Rican citizens. (Costa Rica, 2022)
38. A school district in New Jersey reported a ransomware attack that compromised their district-wide computer system. (Tenafly Public Schools, 2022)
39. Macmillan publishing company shut down operations to prevent the spread of a ransomware attack on their systems. (Macmillan, 2022)
Ransomware attacks by country
The threat of ransomware is a global issue, with more than 300 million attacks worldwide in 2021. As such, several countries around the world are learning how to stay protected.
40. There were 304.7 million ransomware attacks globally in 2021. (SonicWall, 2021)
41. The United States experienced the most ransomware attacks in 2021. (SonicWall, 2021)
42. The United Kingdom had the second highest total ransomware attacks. (SonicWall, 2021)
43. The average ransom payment in the U.S. in 2021 was more than $6.3 million. (Mimecast, 2021)
44. Europe saw a 234% increase in ransomware attacks in 2021. (SonicWall, 2021)
45. North America saw a 180% increase in ransomware attacks in 2021. (SonicWall, 2021)
46. The United Kingdom experienced a 144% increase in ransomware attacks in 2021. (SonicWall, 2021)
47. Asia saw a 59% increase in ransomware attacks in 2021. (SonicWall, 2021)
48. India experienced almost 4 million ransomware attacks in 2021. (SonicWall, 2021)
Ransomware stats by industry
Similar to its spread around the world, ransomware trends are showing an increase of attacks targeting specific industries. Why? hackers know businesses dealing with larger amounts of private data may be willing to pay a pretty penny to protect it.
49. Health care was the most targeted industry by ransomware in 2021. (IC3, 2021)
50. 66% of health care companies experienced a ransomware attack in 2021. (Sophos, 2022)
51. 34% of health care companies experienced a ransomware attack in 2020. (Sophos, 2021)
52. 61% of ransomware attacks resulted in hackers encrypting data to prevent access in 2021. (Sophos, 2022)
53. 99% of health care organizations got their stolen data restored in 2021. (Sophos, 2022)
54. 65% of health care organizations got their encrypted data restored after paying their ransom in 2021. (Sophos, 2022)
55. The ransom payment rate for health care companies increased by 61% in 2021. (Sophos, 2022)
56. The average ransom payment amount in the health care industry increased by 33% in 2021. (Sophos, 2022)
57. The average ransom payout within the health care industry was $197,000 in 2021. (Sophos, 2022)
58. The average cost to resolve a ransomware attack in the health care industry was $1.85 million in 2021. (Sophos, 2022)
59. It takes about one week for a health care business to recover from a ransomware attack. (Sophos, 2022)
60. 64% of higher education institutions experienced a ransomware attack in 2021. (Sophos, 2022)
61. 70% of higher education institutions used data backups to recover stolen information in 2021. (Sophos, 2022)
62. 60% of higher education institutions had their data restored after paying their ransom in 2021. (Sophos, 2022)
63. Ransomware attacks on higher education institutions increased by 28% in 2021. (Blackfrog, 2022)
100. Predictions estimate ransomware costing victims more than $265 billion annually by 2031. (Cybersecurity Ventures, 2022)
101. 30% of countries will enact legislation to regulate ransomware payments and negotiations by 2025. (Gartner, 2022)
102. Mobile devices will be increasingly used by hackers to deliver ransomware attacks in 2022 and beyond. (Security Boulevard, 2022
Ransomware attack protection tips
At the end of the day, ransomware is much like any other cyberthreat — there are steps you can take to help protect yourself. Here are a few tips for avoiding ransomware attacks and infection techniques:
Beware of phishing and other suspicious emails often used to deliver ransomware.
Always keep operating systems and programs updated with the latest security features and settings.
Never use unfamiliar USB sticks that could be hosting malicious software.
Look out for smishing texts sent to your phone that are often riddled with infected links.
Making an effort to stay on top of the potential threats that could put your data and online privacy at risk is a responsible thing to do. Use these 102 ransomware statistics to better your understanding of how to stay safe online and the importance of prioritizing data security.
Ransomware statistics FAQs
Still have questions surrounding ransomware and the ransomware statistics presented here? We have answers.
Hackers favor ransomware because of their ability to easily target victims with security patches and outdated operating systems.
How long does a ransomware attack take?
It could take a ransomware attack as little as 45 minutes to compromise a target.
What percentage of cyberattacks are ransomware?
Ransomware accounted for 10% of all cyberattacks in 2021.
How many people actually pay ransomware?
According to a study by Thycotic, 83% of people felt like they had no other choice but to pay their ransom.
What is the largest ransomware payment made?
A payment of $40 million marked the largest ransom paid to reverse the effects of a ransomware attack.
Norton™ 360 for Mobile
Powerful protection for your mobile device and online privacy – plus Dark Web Monitoring.
It’s more important than ever to make sure your mobile devices are secure and your personal information stays private. Norton 360 for Mobile helps deliver powerful, proactive protection for your device and personal information against stealthy cyberthreats and online scams.
Clare Stouffer, a Gen employee, is a writer and editor for the company’s blogs. She covers various topics in cybersecurity.
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.