Explore Jobs

Find Specific Jobs

Explore Careers

Explore Professions

Best Companies

Explore Companies

15+ Shocking Ransomware Statistics [2023]: Trends + Facts

By Jack Flynn
Feb. 7, 2023

Research Summary: From small businesses to massive tech companies, ransomware targets anyone and everyone. In fact, ransomware has been growing at an alarming rate in recent years, increasing the threat to businesses around the world.

Today, it’s even more essential for businesses to guard against ransomware attacks. To find out more, we’ve gathered an extensive list of ransomware statistics. According to our extensive research:

  • Ransomware attacks happen once every 11 seconds.

  • Businesses lost $1.3 billion to ransomware payouts and $159.4 billion to the resulting downtime in 2021.

  • Ransomware attacks have increased 80% year-over-year between 2021-2022.

  • The average ransomware attack costs $4.62 million.

For further analysis, we broke down the data in the following ways:
Frequency | Cost | Victim

Ransomware Frequency Statistics

Ransomware has been increasing in frequency rapidly since the 2020 pandemic. To understand just how problematic the frequency of ransomware has become, here are some essential facts:

  • There were 623.3 million ransomware attacks globally in 2021.

    While there are no annual numbers for 2022 yet, there were also 236.1 million ransomware attacks in the first half of 2022 alone.

    Year Number of ransomware attacks (in millions)
    2016 638M
    2017 183.6M
    2018 206.4M
    2019 187.9M
    2020 340.6M
    2021 623.3M
    H1 2022 236.1M
  • Roughly 71% of businesses were victimized by ransomware in 2022.

    In 2018, approximately 55.1% of businesses were victimized by ransomware, meaning that in only four years, the share of businesses impacted increased by 29%.

    Year Share of businesses victimized by ransomware
    2018 55.1%
    2019 56.1%
    2020 64.2%
    2021 68.5%
    2022 71.0%
  • 32% of ransomware attacks resolve with the attacker being paid.

    Just under one-third of victims choose to pay the ransom, but only 92% have their data returned by the attacker. This puts many businesses in a precarious position, where they can choose to either lose their data, lose their money, or lose both.

  • 54% of businesses deal with phishing emails as the cause of ransomware attacks.

    Phishing emails are by far the most common cause of ransomware attacks, followed by poor user practices (27%), lack of cybersecurity training (26%), and weak passwords (21%).

    Cause of ransomware attack Share of businesses
    Phishing emails 54%
    Poor user practices 27%
    Lack of cybersecurity training 26%
    Weak passwords 21%
    Open RDP preference 20%
    Clickbait 17%
    Malicious websites 14%
    Lost/stolen user credentials 10%

Ransomware Cost Statistics

Not only does ransomware affect the majority of businesses but can also be extremely costly. Here are some prominent examples of that cost:

  • The average ransomware attack costs $4.62 million.

    The average data breach in the US costs $4.35 million, meaning that ransomware is even more detrimental than most other data breaches.

  • The largest paid ransom in a ransomware attack was an estimated $40 million in 2021.

    CNA Financial paid a whopping $40 million (estimate) ransom in 2021, with other large attacks being on these companies: Garmin ($10 million), CWT Global ($4.5 million), Colonial Pipeline ($4.4 million), and Brenntag ($4.4 million).

  • Downtime from ransomware attacks costs an average of $8,662 per minute.

    That’s nearly $520,000 per hour, and given that the average downtime from ransomware is nine days, costs can add up extremely quickly.

  • The average payment request from ransomware attackers is $2.2 million.

    Cybercriminals are becoming increasingly bold with their demands, while in reality, only 15% of the total cost of the ransom is typically paid.

Ransomware Victim Statistics

Monetary numbers can give us an idea of how damaging ransomware is, but ultimately the real victims are the true story. These attacks can shutter small businesses and bankrupt large companies, which ultimately affects the livelihoods of all people involved. Here are the facts:

  • 10% of all data breaches start with ransomware attacks.

    This percentage reached its current state by doubling between 2020-2021, in part due to an increased reliance on the internet caused by the COVID-19 pandemic.

  • The average downtime for ransomware attacks is between seven to 21 days.

    More specifically, the median number of days of downtime is nine days, which is already incredibly costly for victims.

  • The average victim only recovers 65% of their stolen data after paying the ransom.

    Even when attackers do return data, which is rare, victims are unlikely to receive all of the data that was stolen.

  • 15% of IT professionals don’t believe their organization is prepared for a ransomware attack.

    Luckily, 85% of IT professionals believe their organization is at least somewhat prepared for a ransomware attack. However, this doesn’t change the fact that 38% of staff members say their company has not conducted any ransomware training.

  • 61% of SMBs were the target of a cyberattack in 2021.

    While many ransomware attackers target large companies in the hopes of a bigger payout, there are still plenty of attackers who target small businesses. This is mainly because SMBs usually lack the cybersecurity precautions of larger organizations.

Ransomware Statistics FAQ

  1. What percentage of ransomware attacks are successful?

    Ransomware attacks are somewhat successful, with an average of 32% of victims paying the ransom. This has also been increasing rapidly year-over-year, with 58% of affected organizations paying ransoms in 2021, compared to only 34% in 2020.

    However, it’s also important to note that only 15% of the total cost of the ransom is typically paid. This is important as it can mean the difference between a company paying thousands or millions of dollars.

  2. How often do ransomware attacks occur?

    Ransomware attacks occur once every 11 seconds in 2022. Overall, this is an increase of around 20% compared to 2019, when attacks occurred at a predicted one per 14 seconds.

    In other words, 5.45 ransomware attacks occur every minute, 327 every hour, and 7,848 every day in 2022.

  3. Are ransomware attacks increasing?

    Yes, ransomware attacks have increased by a rate of 80% year-over-year. The long-term effects of the COVID-19 pandemic are largely to blame for this, as many companies moved online in 2020.

    Between 2020-2021 alone, the number of ransomware attacks increased from 340.6 million to 623.3 million (83%).

  4. How much financial damage does the average ransomware attack cause?

    The average ransomware attack costs $4.62 million. While this is already a lot of financial damage, it can also be exacerbated by downtime and other factors. For example, downtime costs companies an average of $8,662 per minute.

    Ransomware can also be far more damaging as well, with companies like CNA Financial losing at least $40 million to ransomware in 2021.


Ransomware has become an increasingly pressing issue since the start of the COVID-19 pandemic in 2020. Today, attacks happen once every 11 seconds, and 71% of businesses have been affected.

These businesses lose an average of $4.62 million per attack, which can be absolutely debilitating for SMBs. For this reason, it’s crucial that businesses take proper cybersecurity precautions by properly training employees, ignoring scam emails, and having better passwords.


  1. INFIMA – Every 11 Seconds

  2. NetApp – Measuring the true cost of a ransomware attack

  3. TechCrunch – Ransomware is a global problem that needs a global solution

  4. Statista – Annual number of ransomware attacks worldwide from 2016 to first half 2022

  5. Statista – Percentage of organizations victimized by ransomware attacks worldwide from 2018 to 2022

  6. Statista – Phishing the Most Common Cause of Ransom Attacks

  7. Heimdall – Ransomware Payouts in Review: Highest Payments, Trends & Stats

  8. Bluvector – The True Cost of Ransomware Goes Beyond the Ransom Payment

  9. ZDNet – Ransomware payments: Here’s how much falling victim will now cost you

  10. LoughTec – Downtime: The Real Cost of Ransomware

  11. Businesswire – ISACA Survey: IT Security and Risk Experts Share Ransomware Insights in the Aftermath of the Colonial Pipeline Attack

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.


Jack Flynn

Jack Flynn is a writer for Zippia. In his professional career he’s written over 100 research papers, articles and blog posts. Some of his most popular published works include his writing about economic terms and research into job classifications. Jack received his BS from Hampshire College.

Related posts