10 Spine-Chilling Ransomware Stats in 2022

ATTACK Simulator
4 min readAug 17, 2022
10 Spine-Chilling Ransomware Stats in 2022

Ransomware has never been more prevalent and costly, with threats waiting around the corner for the slightest human mistake or security flaw.

A closer look at ransomware stats and facts shows that hackers have turned their attention to business, where they prey on interconnected systems with security vulnerabilities, a willingness to pay up to avoid disruptions, and deep pockets.

We’ve compiled a list of ten dizzying ransomware stats to show you just how menacing this cyber threat is.

What is Ransomware?

Ransomware is a very dangerous form of malware from cryptovirology, capable of causing significant financial damage to victims. Hackers use this extortion software to encrypt your data, deny you access to your files or your entire computer, and provide you the decrypting key only in exchange for a ransom ranging from a few hundred to thousands of dollars.

Usually, the payments are made through anonymous and untraceable methods, such as Bitcoin.

10 Ransomware Stats to Blow Your Mind

1. A staggering 14 ransomware attacks per second occurs in 2022, 20% more than a 2018 prediction.

2. Annual ransomware damages skyrocketed to $20 billion in 2022.

3. Phishing emails are responsible for two-thirds of ransomware infections. Spear-phishing techniques and insufficient security awareness training for employees are another two major vectors of ransomware attacks.

4. 46% of ransomware operators impersonate authority figures such as the FBI to create the illusion of authority and scare people into paying. “FBI — YOU HAVE BEEN WATCHING PORN OR GAMBLING OR BOTH, YOU MUST PAY $200 TO MONEYGRAM” — an actual ransom note.

5. Ransomware stats from 2018 show that businesses and enterprises accounted for 81% of ransomware targets. Enterprises remain to this day the main targets for these types of cyber attacks. Email, the primary channel of communication for businesses, is the most prevalent vector of ransomware distribution.

6. A company is hit with ransomware around every 40 seconds. Withstanding this massive amount of attacks calls for a serious investment in cybersecurity and security awareness training for employees.

7. Organizations spend a total $10 billion globally on employee security awareness training. It takes something as small and insignificant as a click to compromise your entire business. Investing in solid and comprehensive employee security awareness training is your best bet to strenghten your company’s defenses.

8. 15% of businesses paid the ransom in 2019, almost quadrupling from 2018’s 4%. Companies have little to no choice when a devastating ransomware attack hits — pay up or say goodbye to the compromised data. Of course many will pay the ransom as a last resort, but results aren’t always as expected: the files might become corrupted during the decryption process, the key may be too slow or not work at all.

9. Only 37% of American businesses are confident that they can stop a ransomware attack. American companies are pretty pessimistic when it comes to assessing their ability to prevent a ransomware attack, while their Canadian and German colleagues are much more confident: 67% consider themselves safe from ransomware attacks.

10. 37% of organizations worldwide were victims of a ransomware attack in Q1 2021 and 68.5% were victimized throughout the same year.

Ransomware attacks in 2021. Source: Statista

Security Awareness Training Will Increase Your Company’s Ransomware Resiliency

Many ransomware attacks happen via phishing emails, and threat actors prey on potential human error.

The only way to combat human error is by providing your employees with a solid and comprehensive Security Awareness Training program, such as ours.

Researching the latest phishing trends and strategies and adequately training your employees can be a hassle, so leave it to professionals.

Here are a few perks of choosing ATTACK Simulator:

- Automated attack simulation — we simulate all kinds of cyberattacks.
- Real-life scenarios — we evaluate users’ vulnerability to give company-related or personal data away using realistic web pages.
- User behavior analysis — we gather user data and compile it into extensive reports to give you a detailed picture of your employees’ security awareness level.

- Malicious file replicas — our emails contain malware file replicas, to make the simulation as realistic as it can be.
- Interactive lessons — if employees fail to recognize our traps and fall into one, they will discover lessons on the best security practices.
- Brand impersonation — we impersonate popular brands to make the phishing simulations all the more realistic.

ATTACK Simulator’s Security Awareness Training program will help you equip your employees with the necessary security knowledge and up-to-date security practices to keep your company safe from scammers and avoid potentially irreparable damage.


Data Prot Ransomware Statistics in 2022: From Random Barrages to Targeted Hits

Statista Ransomware — statistics & facts


Feature Image: Illustrations vector created by freepik — www.freepik.com

Technology illustration vector created by pikisuperstar — www.freepik.com

Phishing email vector created by katemangostar — www.freepik.com



ATTACK Simulator

We’re a fresh startup that aims at creating a culture of security in every company by teaching security awareness through automated phishing simulations.