Statistic as Excel data file

Annual number of ransomware attempts worldwide from 2017 to 2022 (in millions)
Access data

Source

Source
Conducted by
Survey period
Region
Type of survey
Number of respondents
Age group
Special characteristics
Note

Publication

Published by
Publication date
Original source
ID
ansomware attempts worldwide from 2017 to 2022 (in millions)

Description
In 2022, organizations all
SonicWall ransomware attempts. Ov
SonicWall between the third and four
2017 to 2022 102 million to nearly 155 m
Worldwide
n.a.
n.a. Ransomware attacks usua
n.a. amounts of data and are c
data is based on SonicWall Capture Labs characteristics; wider industry metrics may vary these organizations prefer
n.a. rather than to report the a
loss also damage compan
reasons why ransomware

SonicWall Most targeted industries a

March 2023 As a part of critical infrastr
Cyber Threat Report 2023, page 33 usually targeted by ransom
494947 organizations worldwide s
beverage industry ranked
attacks. By the share of ra
infrastructure, North Amer
regions, followed by Europ
organizations filed the high
enforcement in 2022 abou

Ransomware as a service
The Ransomware as a Se
for over a decade. The mo
Hackers develop ransomw
affiliates. The latter then u
According to the business
receives a service fee per
In the first quarter of 2022
(RaaS) extortion groups w
groups in the same quarte
Description
In 2022, organizations all around the world detected 493.33 million
ransomware attempts. Overall, this number decreased significantly
between the third and fourth quarters of 2022, going from around
102 million to nearly 155 million cases, respectively.

Ransomware attacks usually target organizations that collect large

amounts of data and are critically important. In case of an attack,
these organizations prefer paying the ransom to restore stolen data
rather than to report the attack immediately. The incidents of data
loss also damage companies’ reputation, which is one of the
reasons why ransomware attacks are not reported.

Most targeted industries and regions

As a part of critical infrastructure, the manufacturing industry is
usually targeted by ransomware attacks. In 2022, manufacturing
organizations worldwide saw 437 such attacks. The food and
beverage industry ranked second, with over 50 ransomware
attacks. By the share of ransomware attacks on critical
infrastructure, North America ranked first among other worldwide
regions, followed by Europe. Healthcare and public health sector
organizations filed the highest number of complaints to the U.S. law
enforcement in 2022 about ransomware attacks.

Ransomware as a service (RaaS)

The Ransomware as a Service (RaaS) business model has existed
for over a decade. The model involves hackers and affiliates.
Hackers develop ransomware attack models and sell them to
affiliates. The latter then use them independently to attack targets.
According to the business model, the hacker who created the RaaS
receives a service fee per collected ransom.
In the first quarter of 2022, there were 31 Ransomware as a Service
(RaaS) extortion groups worldwide, compared to the 19 such
groups in the same quarter of 2021.
Number of ransomware attempts per year 2017-2022
Annual number of ransomware attempts worldwide from 2017 to 2022 (in millions)

2017
2018
2019
2020
2021
2022
183.60
206.40
187.91
304.64
623.25
493.33