Ransomware - Statistics & Facts

Ransomware is not one of the most prevalent types of malware but it has huge potential for damage and it is growing fast. During a 2017 survey of InfoSec professionals, the prevention of malware, especially ransomware, was named as the second-most pressing cyber security issue worldwide. Ransomware is a type of malicious software that threatens to forever block access to a victim’s data or publish it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called crypto-viral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented ransomware extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Bitcoin are used for the ransoms, making finding and prosecuting the perpetrators challenging.


According to a September 2016 survey of businesses in the United States, the volume and severity of ransomware attacks has significantly increased in the past 12 months. Database files and SQL files are among the most targeted types of files and education and IT are the most targeted types of businesses. The countries with the highest ransomware infection rates in 2017 were Turkey, Vietnam and India.

Businesses are growing increasingly concerned about ransomware – as of September 2016, 18 percent of SMEs in the United States had experienced ransomware in the past three months and 17 percent in the past six months. A total of 30 percent of responding businesses felt very vulnerable to a ransomware attack and a further 28 percent stated that they felt vulnerable. The most common ways for SMEs in the United States to fall victim to these most recent ransomware attacks were phishing or social engineering, followed by insecure of spoofed websites. Over half of ransomware attacks were not reported as companies did not want to publicize incidents.

The actual financial damage of the extortion payment – which can be covered via cyber insurance – pales in comparison to a company’s losses of reputation and customers. The most common consequences of ransomware attacks according to SME victims in the United States are investment in new security technologies, loss of income from downtime and loss of clients.

The most commonly implemented ransomware solutions include security software that filters out ransomware, as well as employee training. Less common but in no ways less important are phishing testing of high risk employees, as well as online training for all employees. According to a survey of U.S. businesses, 43 percent of organizations who did not conduct online anti-phishing training for employees had experienced ransomware incidents in 2016. Business-email compromise (BEC) scams are one of the fasted-growing phishing scams which enable ransomware infection of business networks.

Read more

Ransomware - Important statistics

You may also be interested in these statistics

The whole topic in one document

Ransomware
  • Edited and prepared
  • Download in PPT/PDF format
  • Instant access
  • only $325

More interesting topics from the industry "Cyber Crime"

Any more questions?

Any more questions?

Get in touch with us quickly and easily. We are happy to help!

Get in touch with us quickly and easily. We are happy to help!

Do you still have questions?

Feel free to contact us anytime using our contact form or visit our FAQ page.