Skip to content

28 Malware Attack Statistics That Might Make You Say ‘No Way!’

Malware is malicious software that is used to intentionally damage computer operation, collect confidential information, or gain access to private computer networks. Malware is commonly divided into a number of classes such as virus, Trojan horse, spyware, ransomware, adware, keylogger, and etc. Malware may comprise email attachments, malicious ads on well-known websites, fake software installations, infected USB drives, infected applications, and phishing emails. Today, we’ll share with you 28 interesting malware attack statistics that you need to know.

28 Malware Attack Statistics You Need to Know

1. Ransomware has impacted organizations at the business level and from an IT security policy perspective. On the business side, malware attacks caused 59% of organizations an increase in IT security-related spending and a loss in productivity (57%) in 2020.

2. The attack landscape is getting worse, not better. 86% of organizations feel an attack on their organization is likely within the next year while 12% feel an attack is slightly likely.

3. For 77% of organizations, organized cyber-criminals were the most concerning attacker type, followed by opportunistic hackers (67%) and nation-state sponsored hackers (50%). Spear-phishing emails remain the single most threatening malware attack vector (82%), followed by domain spoofing (45%) and man-in-the-middle attacks (43%).

4. 61% of respondents acknowledged that their organization was damaged by ransomware at some point in 2020. This was a serious increase from 2019 when only 51% of respondents reported the same.

5. With remote work becoming the new normal, malware risk remains greatly elevated. 72% of cybersecurity professionals see remote work as a moderate to extreme risk to their organization. 20% sees it as a small threat and 2% thinks it is not a threat at all.

6. Among the organizations that were affected by ransomware, 52% felt compelled to pay the ransom. Nevertheless, of these, only 66% managed to recover their data whereas 34% failed to get their data back, in spite of paying the ransom.

7. The speed of detecting malware/ransomware infiltrations is most critical in responding to fast-moving attacks before they spread across the network. 72% of respondents claim they are capable of detecting an attack within hours. 50% of organizations said that they can detect malware and ransomware within minutes. 8% of organizations said that they need several days to detect an attack.

Malware Attack Statistics

8. With ransomware attacks so prevalent, 39% of security professionals say their organization has experienced ransomware attacks. 61% indicate they have not been impacted by ransomware or aren’t aware of a previous attack.

9. When asked how organizations recover from a ransomware attack, 52% of organizations report they re-installed or restored backups. 16% brought in third-party professionals for extra assistance and 13% managed to decrypt locked files. A small percentage (5%) paid the ransom.

10. 41% of security professionals say their organization has experienced ransomware attacks. Professionals who are aware of an attack indicate their organizations (80%) have suffered at least once in the past year. What’s more alarming is that 29% of organizations are experiencing 11 or more attacks per year whereas 19% of companies experience 2 to 5 attacks in a year.

11. Malware attacks impact business, operations, and IT stakeholders. Organizations highlight that attacks bring up security-related spending (59%) and productivity loss (56%). At the IT operations level, ransomware is forcing cybersecurity professionals to update IT security strategies to focus on mitigation (44%), and causing system downtime (41%).

12. 64% of cybersecurity professionals do not have confidence in their organization’s capacity to detect and tackle a malware/ransomware attack before it spreads to critical IT systems and files. Only 8% are extremely confident.

13. When asked how cybersecurity professionals would respond after a ransomware attack is detected. The most common response (73%) after an attack is detected, is to isolate and shut down all infected systems, and recover the encrypted files from backups while blocking the initial attack vector. 43% said they would engage a third-party incident response service and 41% stated they would get in touch with a cyber insurance provider.

14. When asked how organizations detect and respond to infected computers that participate in a botnet, 49% stated that they have incident response teams and tools in place to detect and isolate the malware. 39% of organizations use sophisticated malware detection and response tools.

malware facts 2021

15. While an attack can wreak havoc on an organization’s ability to operate, 79% of respondents stated they need at least a few days to recover business after a ransomware attack. 10% estimate it will take more than a week to recover and another 11% of organizations said they will never fully recover.

16. Financial gain (78%) came at the top of the list of motivators for malware and ransomware attacks in 2020. This was followed by a desire to sabotage and damage business activities (55%). Nonetheless, while money extortion was the most common motivation for cybercriminals, other motivations included hacking for fun (31%), state-sponsored attacks (28%), and political motivations (17%).

17. When asked about the organization’s major driver for enhancing ransomware defense, 74% of organizations stated system downtime as the biggest motivator for enhancing their organization’s ransomware defense. For 69% of companies, the protection of sensitive business data against attacks is the most important motivator. For 55%, protecting the reputation of the brand mattered the most.

18. Data continued to be a key strategic asset to virtually every organization and a high-value target for cybercriminals in 2020. The research revealed that the information most at risk from ransomware attacks was customer information (62%), followed by financial data (59%), and company intellectual property (52%).

19. Security professionals rank anti-malware/antivirus/endpoint security (80%) as the most efficient solutions in tackling malware and ransomware. This is followed by user awareness and training (69%) and keeping operating systems and software current (67%) as effective methods to combat an attack.

malware statistics 2022

20. The increase in remote work is putting a serious emphasis on endpoint protection. Detecting and blocking malicious behavior (68%) and blocking ransomware and other attacks pre-execution (59%) rank as the most valuable endpoint security capabilities. For 48% of companies, having built-in web security preventing access to phishing, fraudulent, or exploit-hosting sites is the most important endpoint security technology to invest in.

21. There was a broad array of malware variations in 2020, and new variants are created every day. When asked what types of malware organizations find most concerning, ransomware was the top offender at 82% of responses, followed by phishing attacks (73%) and viruses (55%).

22. When asked about the biggest barriers to malware defense, most organizations identify evolving sophistication of malware attacks (53%), lack of budget (50%), and lack of human resources (31%) as the major barriers. The increasing proliferation of attacks (38%) and insufficient user awareness (37%) is a concern as well.

23. When asked how likely organizations are to make ransom payments, the vast majority of survey respondents say they will not pay (68%). Only 5% stated that they would absolutely pay the ransom.

24. Based on a survey conducted among1263 companies in 2021, 80% of organizations who submitted a ransom payment suffered from another attack soon after, and 46% received access to their data however most of it was corrupted.

25. Ransomware attacks were responsible for nearly 50% of all healthcare data breaches in 2020.

26. In 2020, cybersecurity professionals considered spear-phishing emails the single most dangerous malware attack vector at 83%, followed by web server exploits and domain spoofing with 46% each. For 45% of respondents, man-in-the-middle attacks were the most devastating attack vector.

27. The average cost of a ransomware attack in the higher education industry is $447,000.

28. In 2020, phishing emails (68%) have taken the number one spot of entry points for ransomware. Mail attachments (61%) and malicious websites (46%) round out the top three most widespread infection methods for ransomware to gain access.

View our other statistics-related content below: