2021 In Review: A Forecast For Ransomware Statistics 2022

    2021 was the biggest year ever for ransomware attacks. Read on to find out more facts and statistics for these attacks and what you can do to prevent them.

    Ransomware attacks are becoming increasingly frequent

    2021 saw an unprecedented rise in the amount and scale of ransomware attacks. New technologies such as cryptocurrency, as well as the increased use of work-from-home corporate models, mean that organizations of all sizes will likely be increasingly vulnerable to these types of cybercrimes in 2022.

    But just how big have these attacks gotten? How big are they likely to get? Let’s look at a statistical breakdown for ransomware attacks to better understand their origins, their effects, and their future.




    What is ransomware?

    Ransomware is a form of cybercrime committed through the use of malicious software, known as malware. The objective of ransomware attackers is to either trick you into downloading this software or to find a preexisting point of entry into a computer network to plant the virus secretly. Once this malware has infiltrated your IT network, attackers will then encrypt private information so that you cannot access it unless you pay a certain amount of money.

    Unfortunately, this form of cybercrime became increasingly popular in 2021. The statistics for this year also say a lot about how ransomware attacks will grow into 2022, so breaking down these numbers is vital to improving your data protection and cybersecurity.


    Ransomware statistics in 2021

    Across the board, cybercrime statistics have shown that ransomware attacks are becoming increasingly frequent and much more severe. Cybercriminals have expanded their targets to include utility companies and infrastructure, and the payouts for these crimes have only made participating in them more tempting.


    The cost of ransomware attacks in 2021

    The overall amount of damages paid for ransomware attacks in 2021 was around $20 billion, with payouts in 2031 estimated to total around $231 billion. While this number is staggering, it speaks to just how severe and commonplace these attacks have become.


    Industries affected by ransomware in 2021

    The biggest target for ransomware attacks this year is certainly small and large-scale businesses. Ransomware attackers find companies to be easier targets since there are several employees to try and fool, as well as a wider number of access points into an IT infrastructure.

    Ransomware statistics for utilities

    Some of 2021’s largest-scale ransomware attacks have been against vital infrastructure, such as gas pipelines and water treatment plants. These companies are targeted not only because they can pay a ransom, but also because they provide vital services to the public at large.

    Ransomware statistics for healthcare

    Mid-year reports had found at least 48 large-scale attacks against hospitals and healthcare centers in the United States alone, with the number increasing by year’s end. Hospitals are particularly vulnerable targets because they often do not work with cybersecurity professionals and do not spend resources on upgrading their IT architecture.

    Ransomware statistics for government

    40% of central government organizations in the United States in 2021 were subject to ransomware attacks, with 34% of local government organizations also being affected. Once again, government entities often do not view cybersecurity as a necessity in their budget, leaving them easy targets for cybercriminals.


    The payout for ransomware

    The average ransomware payout in 2021 was around $220,000, increasing from last year’s average payout of $178,000. Additionally, smaller-scale attacks are predicted to increase in frequency, making individuals and smaller companies likely targets.




    5 Important 2021 ransomware facts

    In addition to the financial strain caused by ransomware this year, there are several other alarming facts that show this cybercrime is becoming a significant problem, such as:

    • The most popular software, or “strains,” for ransomware in 2021 were Sodinokibi, Maze, and Phobos.

    • These strains used phishing, RDP compromise, and software vulnerabilities as their most common points of entry, or “attack vectors.”

    • The fastest-growing attack vector in 2021 was phishing scams.

    • Some of the most targeted businesses in 2021 were retail, financial services, and manufacturing companies.

    • The vast majority of ransomware attacks take place in under four hours.


    Types of ransomware attacks

    As discussed in the last section, ransomware attackers will use their software through specific methods known as “attack vectors.” These attack vectors work differently depending on the scale of the company and the software the attacker uses.


    Phishing

    Phishing is the impersonation of authorities, bosses, or experts through email or phone to gain access to valuable personal information, which can then be used to infiltrate an IT network. Phishing is a popular attack method against larger-scale companies, as their larger number of employees makes it more likely that one of them will fall victim to a subtle phishing campaign.


    Remote Desktop Protocol

    Remote Desktop Protocol (RDP) is a feature of Microsoft computers that allows two computers connected to the same IT network to communicate with each other. Unfortunately, the nature of this software opens up vulnerabilities to ransomware attacks, and compromising RDP is a popular technique for criminals targeting smaller companies and individuals.

    Software vulnerabilities

    Unpatched or un-upgraded software can leave the door wide open to cybercrime, as ransomware attackers are experienced in finding exploits in commonly used software that companies have not put the resources and time into upgrading. While this is the least common form of cyberattack, it has still increased in frequency for larger companies in recent years.


    Ransomware: moving forward into 2022

    While these numbers project an increasingly worrisome cybersecurity landscape for 2022, cybersecurity experts are working constantly to make sure that companies have the most up-to-date ransomware prevention strategies and software. Nobody can predict the next moves of cybercriminals, but you can control your next move, and increase the likelihood that your organization will avoid becoming a ransomware statistic in 2022.

    Companies like Mimecast can help your business deal with ransomware attacks by educating your employees and auditing the current state of your IT infrastructure. With their help, you can be adequately prepared to address ransomware attacks when they arise, and you can have a team on your side to help you deal with them.

