Understanding malware statistics is crucial for everyone using technology in 2026. Malware, those sneaky computer bugs, is more than just a nuisance; they can cause serious damage. From stealing personal information to disrupting entire systems, malware poses a significant threat to our digital lives. 

 

This blog will delve into the latest numbers and trends surrounding malware. By staying informed, you can better protect yourself and your devices from these cyber threats. So, let’s dive in and explore the world of malware statistics together!

 

 

Malware volumes

 

– Approximately 1.2 billion malicious programs and potentially unwanted applications (PUAs) exist.

 

– In 2023, AV-Test spotted over 100 million types of malware and PUA.

 

– The busiest year for new kinds of malware was 2021. About 150 million fresh programs were found that year.           

 

– Last year, bad guys released about 200,454 different malware codes daily, equivalent to 1.5 new samples popping up every minute.

 

Malware attack rates

 

– 81% of companies dealt with malware, phishing, and password attacks last year.

 

– In 2022, the world saw 5.5 billion malware strikes, up 2% from the year before.

 

– The peak year for malware attacks was 2018, with a whopping 10.5 billion attacks worldwide.

 

– In 2023, malware was involved in 40% of data breaches, marking a 30% increase from 2022.

 

 

Malware variants

 

– In 2022, according to Trend Micro Smart Protection Network detections, worms were the most often stopped malware.

 

– In 2022, the top three most spotted malware families were Webshell, Emotet, and Negasteal.

 

– According to Trend Micro, Webshell was the most commonly encountered malware family in the first half of 2023. This kind of malware takes advantage of weaknesses in web servers accessible over the internet.

 

– In the first half of 2023, XLoader Packer was the most commonly found category of Android malware. This sneaky backdoor trojan spreads malware infections in Android apps using Domain Name System (DNS) spoofing.

 

– From the year leading to June 2023, Magniber stood out as the most frequently seen ransomware variant in attacks. It appeared in about 21% of all ransomware encounters.

 

– The main four ransomware types (Magniber, Lockbit, Hive, and BlackCat) make up 65% of all ransomware situations.

 

Quick link: What is a pharming attack?

 

Malware file names

 

– The most frequently found malware file name is “purchase order.exe.”

 

– Ransomware is the most prevalent form of malware. It’s involved in nearly 70% of breaches related to malware and around 24% of all breaches in general.

 

– In 2022, there were about 500 million ransomware attacks worldwide.

 

– The most challenging year for ransomware attacks was 2021, with over 600 million attacks globally.

 

– In 2021, it was calculated that someone became a victim of a ransomware attack approximately every 11 seconds.

 

– Specialists foresee that by 2031, ransomware will target an organization, consumer, or device every 2 seconds.

 

 

IoT malware variants

 

– In 2022, there was an 87% increase compared to the previous year in the number of malware attacks aimed at Internet-of-Things (IoT) devices. Globally, these attacks reached 112.3 million.

 

– In 2022, the finance sector experienced a whopping 252% rise in the volume of IoT malware attacks compared to the previous year. This increase was the largest among all industry sectors. 

 

Malware attacks by global region

 

– North America continues to be the region most targeted by malware. However, in 2022, there was a 10% decrease compared to the previous year in the volume of attacks, totaling 2.75 billion, marking the region’s lowest total since 2017.

 

– In 2022, Europe, LATAM, and Asia saw significant rises in the volume of malware attacks, with increases of 10%, 17%, and 38%, respectively.

 

– The United States remains the country most targeted by malware. In 2022, it experienced approximately 2.7 billion malware attacks out of the roughly 5.5 billion attacks globally. 

 

– Among US states, California has the highest volume of malware attacks. 

 

– When considering malware spread per capita, Kansas emerges as the US state with the highest risk of malware attack. 

 

– Vietnam holds the title for the highest malware spread, indicating the largest volume of malware attacks relative to the size of its population. 

 

– According to NordLocker’s analysis, the United States faced the highest frequency of ransomware attacks. In 2022, it accounted for 38.8% of all attacks. 

 

Industries most hit by malware 

 

– Education stands out as the industry sector most vulnerable to malware attacks. The number of attacks against this sector surged by 157% between 2021 and 2022.

 

– During the same period, the healthcare industry experienced a 15% decrease in the volume of malware threats.

 

– In the year leading up to 2023, the retail and finance sectors witnessed significant year-on-year increases in the volume of malware attacks, with jumps of 50% and 86%, respectively.

 

– According to Sophos, 66% of organizations faced ransomware attempts in 2022. 

 

 

Malware attacks and organization size 

 

– In the year leading up to June 2023, 70% of organizations dealing with human-operated ransomware had less than 500 employees.

 

– According to NordLocker’s analysis of ransomware cases from January 2022 to January 2023, small and medium-sized companies with 11 to 50 employees, as well as those with 51 to 200 employees, experienced the highest number of cyber attacks based on a cyber attack-per-employee ratio.

 

Financial motivations of malware threat actors 

 

– According to Verizon’s 2023 Data Breach Investigations Report, financial motivations drive the vast majority (94.6%) of cyber security breaches, including malware attacks.

 

– An estimated 65% of threat actors are believed to have ties to organized crime, while around 15% fall into the “other” category, such as lone wolf attackers.

 

– Ransomware is involved in 59% of all incidents motivated by finances.

 

– Ransomware is involved in 62% of all incidents carried out by organized crime actors.

 

Quick link: What is scareware?

 

Malware and nation-state/state-sponsored activity 

 

– It’s estimated that around 5% of threat actors are nation-state or state-affiliated attackers.

 

– Espionage motivates approximately 3% of attacks, while “Ideology” and “Grudge” motivate around 1% of attacks.

 

– In 2022, Ukraine experienced an astonishing 8,105% surge in total malware attacks, including a staggering 5,835% increase in ransomware.

 

– In 2021, an estimated 74% of all ransomware profits went to hackers linked to Russia.

 

– In the second half of 2021, The US Treasury’s Financial Crimes Enforcement Network found that 75% of ransomware-related incidents were connected to Russia, its proxies, or individuals acting on its behalf.

 

– In the year leading up to June 2023, nearly half of attacks by Russian state or state-affiliated cyber threat actors targeted Ukraine. Additionally, 36% of attacks were aimed at NATO member states.

 

– Education (16%), Government (12%), and Think Tanks / NGOs (11%) are the sectors most frequently targeted by state-sponsored threat groups globally.

 

Malware and remote work

 

– In 2023, 62% of companies faced a security breach related to remote work. According to Verizon, factors such as poorly secured home networks, multiple unknown users, and lower policy adherence increase the risk of malware infections.

 

– In 2021, the percentage of organizations dealing with malware installation on remote devices doubled from 3% to 6%.

 

 

Malware and the growing crypto-jacking threat 

 

– In 2023, there was a 399% increase worldwide in crypto-jacking, which involves the unauthorized use of someone else’s device to mine cryptocurrency by infecting it with XMRig mining malware.

 

– In 2023, Microsoft detected signs of current or past unauthorized coin mining activity in 4.2% of all its customer security engagements.

 

Malware generation and AI 

 

– Nearly half (46%) of senior security professionals believe that generative AI will heighten their organization’s susceptibility to attacks, as it could make it simpler for threat actors to devise and execute attacks.

 

– Within days of its launch in July 2023, the Telegram channel for Worm-GPT, a tool for generating malware and phishing campaigns, amassed over 5,000 followers.

 

Cost of malware attacks 

 

– The total global cost of ransomware surpassed $30 billion last year.

 

– According to IBM, the average global cost of a data breach in 2023, which includes breaches caused by malware, was $4.45 million, marking a 15% increase compared to 2020.

 

– For companies with an annual turnover of less than $10 million, the average recovery cost after a ransomware attack is $165,520.

 

– In 2021, the average ransomware demand was estimated at $220,298, a 43% increase from 2020.

 

– Based on FBI data, the median amount paid by ransomware victims to threat actors is $10,000.

 

– In 2023, 84% of private sector organizations affected by ransomware reported a revenue loss due to the attack.

 

– The education sector (94%) and the construction sector (93%) were the most likely to report business or revenue loss.

 

Readiness to mitigate the malware threat 

 

– 68% of IT professionals responsible for malware detection report challenges in detecting known and unknown malware variants.

 

– 67% of businesses struggle with inadequate signature-based solutions when dealing with the malware threat.

 

– 54% of IT professionals are grappling with fragmented tools for detecting malware.

 

– 68% of organizations acknowledge the necessity for additional investments in tools and processes to bolster their malware detection and threat intelligence capabilities.

 

– Only 22% of businesses describe their threat intelligence programs as “fully mature,” with most stating that they are still in the early stages of development.

 

New technologies for responding to malware 

 

– AI-based threat intelligence tools boast up to 300% greater accuracy than traditional techniques in detecting attempts by malicious scripts to exploit common vulnerabilities targeting a device.

 

– AI tools can identify 70% more malicious scripts than traditional techniques.

 

– Only 11% of IT managers utilize AI for threat detection, yet 56% are optimistic about its future use.

 

Quick link: What is a digital certificate?

 

Conclusion

 

In conclusion, the persistence and evolution of malware threats underscore the critical need for robust cyber security measures within organizations. Traditional approaches to threat detection often prove inadequate against the growing sophistication of cyberattacks. However, the emergence of AI-driven threat intelligence tools presents a promising solution, offering enhanced accuracy and efficiency in identifying and mitigating malicious activities.

 

Organizations can turn to CyberArrow GRC to bolster cyber security defenses and streamline compliance efforts. This innovative technology solution automates evidence collection for cyber security compliance controls, catering to organizations of varying sizes and industries. By automating up to 90% of the compliance workload, CyberArrow simplifies the implementation of cyber security standards, enabling organizations to allocate resources more strategically while ensuring comprehensive security measures are in place.

 

To stay ahead of the ever-evolving threat landscape, investing in CyberArrow GRC is a proactive step towards safeguarding valuable assets and maintaining regulatory compliance standards. Don’t wait until a security incident occurs; empower your organization with CyberArrow’s advanced automation capabilities to effectively fortify its cyber security posture.