15 (CRAZY) Malware and Virus Statistics, Trends & Facts

Even though antivirus programs work tirelessly to detect and remove malicious software, malware threats are on the rise, infecting more computers than ever before.

How bad is it?

By analyzing past behavior and the steps taken to eradicate problems, we can make several predictions about the future of this industry. Let’s take a look at the latest malware trends, major statistics, and the effects that malware can have on Windows, Android, and Mac devices.

This article will help you stay up to date on:

  • Major developments in the malware industry.
  • New malware creation trends.
  • Malware infection rates by type.
  • Infection rates by region and sector.
  • The ways different operating systems handle malware threats.

1. Americans are really worried about cybercrime.

Over 70% of US Americans are worried about having their personal data stolen from their computers and online networks. To put that in perspective, only 24% are worried about terrorism and 17% are worried about being murdered.

This fear is definitely justified. While murder rates are pretty low and have been dropping for years, cybercrime — especially nowadays — seems like it can reach out and touch you anywhere at anytime. Americans are right to worry.

<!--more-->1. Americans are really worried about cybercrime.

2. Big Data breaches are on the rise.

2020 saw a number of catastrophic data breaches affect some of the world’s largest companies. Anurag Sen, from our SafetyDetectives team, reported a significant data leak from live-streaming website CAM4, in which 10.88 billion records were exposed.
The Thai cell network AIS also suffered a huge data leak, in which 8.3 billion logs of customer data became exposed.

In the US alone, data breaches fell to an estimated 1.1 billion in 2020. It is predicted, however, that the number of data breaches in the US will rise to over 1.4 billion in 2021.

2. Big Data breaches are on the rise.

3. MS Office is a primary attack point.

Beware of your own productivity tools. While .exe files used to be the weapon of choice for attackers, users have caught onto the fact that they shouldn’t click them and email services block them from being sent. But people don’t tend to suspect ordinary looking .doc files, and hackers have been using this to their advantage.

As much as 38% of malware is now being disguised as a Word document.

3. MS Office is a primary attack point.

4. Advanced security continues to decrease data breach costs.

The average cost of a data breach decreased by 1.5% in 2020, from $3.92 million to $3.86 million. While a quick glance at these statistics may indicate a plateau, digging deeper into the evidence suggests otherwise.

Companies that use advanced security measures found that they had saved, on average, far more than companies who did not — and this gap is growing.

For example, of companies that fully deployed security automation in 2020, the average saving on data breaches was a staggering $3.58 million more than companies that did not employ the same measures. A gap that has grown from $2.51 million in 2019, and $1.55 million in 2018.

4. Advanced security continues to decrease data breach costs.

5. Ransomware isn’t going anywhere.

Reports of ransomware becoming less common are very untrue. This year, organizations and individuals will pay $11.5 billion, either as a cost of remediating ransomware damage or simply as a cost or paying a ransom.

Local governments continue to be a popular target. This year, Jackson County, GA, Orange County, NC, and Baltimore, MD, all joined the list of prominent victims.

5. Ransomware isn’t going anywhere.

6. Malware is taking an increasingly large toll.

In 2015, the global cost of malware was an already-staggering $500 billion. Fast forward to 2021, and cybercrime is costing an estimated $500 billion every month. The total cost of cybercrime is expected to reach $6 trillion by the end of the year.

At the current trajectory, the total cost will reach $10.5 trillion annually in 2025.

6. Malware is taking an increasingly large toll.

7. Cyrptojacking spikes with cryptocurrency value.

In order to generate cryptocurrency (i.e. mining), a cryptocurrency miner needs to harness significant amounts of CPU power. This can be expensive to buy on its own – but it’s free if a hacker can steal this power instead.

Cryptojacking malware steals your CPU cycles to mine cryptocurrency. After a boom that lasted until March 2019, however, cryptojacking attempts have been on a sharp decline for the last few years (a 40% drop was reported in early 2020).

But with cryptocurrency values going through the roof in 2020 and 2021, many believe cryptojacking attempts will once again spike.

The evidence suggests this is true. After an increase in the value of Bitcoin, blocked cryptojacking attempts spiked to over 48,000 in June 2020, and they have since continued to ebb and flow with the rise and fall of Bitcoin.

7. Cyrptojacking spikes with cryptocurrency value.

8. Hackers are coming for your phone.

As if everything else weren’t enough, your phone is now a major target. Mobile malware targets older versions of Android apps, and malicious apps now populate both the Apple and Android app stores.

About 24,000 malicious apps are blocked every day — a volume that virtually guarantees at least a few malicious apps are getting through.

8. Hackers are coming for your phone.

9. You’re not as ready as you think you are.

Despite the eight points you’ve read already, it’s likely that your home network or business still isn’t prepared for a cyberattack.

A survey of over 4,000 organizations shows that over 70% are unprepared to face down even the most basic attempt at a security breach.

9. You’re not as ready as you think you are.

10. You should be watching out for phishing attacks.

Even in the age of security awareness training, the vast majority of cyberattacks stem from phishing. 9 out of 10 cyberattacks start with a simple phishing email, and trick users into handing over important information.

Even if you think you’re savvy to this kind of threat, phishing attacks are becoming increasingly more invasive and more sophisticated every day.

10. You should be watching out for phishing attacks.

11. Most malware comes via email.

In line with the study above, email is basically radioactive when it comes to cyberattacks. Out of 50,000 security incidents, email is responsible in 92% of cases.

Second place was taken by browser-based malware such as “drive-by-downloads” at a paltry 6%.

11. Most malware comes via email.

12. Most cybercriminals want cash.

Forget reasons such as petty revenge, industrial espionage, nation-state espionage, and simple activism/vandalism – most cybercriminals only want your money.

76% of attackers are motivated by financial gains, with organized criminals making up the majority of attackers.

12. Most cybercriminals want cash.

13. Most customers think that their data is not protected.

With companies leaking data in security breaches left, right, and center, it’s understandable that customers feel that their data privacy is not getting the protection it deserves.

Only 25% of consumers feel safe that their data is not vulnerable to hacks, leaks, and security breaches.

13. Most customers think that their data is not protected.

14. Companies have started investing in privacy.

In response to consumers not feeling safe, large companies are beginning to invest in cybersecurity in order to head off mass customer desertions.

But even though it’s seen as important, only 10% of this investment in security will be driven by customers’ privacy concerns.

14. Companies have started investing in privacy.

15. Small businesses are the most susceptible.

If your company has less than 1,000 employees, you are a prime target for malware.

Over 60% of attacks are directed toward this business category, which overwhelmingly lacks the budget and manpower to defend against serious threats.

15. Small businesses are the most susceptible.

Awareness is the Best Defense Against Malware

Malware is still a significant problem. Now more than ever, hackers are interested in breaking into your accounts, collecting your sensitive information, and stealing anything of value from you.

While having an antivirus program is an important first step, they can’t always protect you from your own computer behaviors like clicking harmful links or failing to update your software.

That’s why you need to stay informed, keep learning about the latest malware, and update your antivirus, browser, and operating system regularly in order to be prepared for tomorrow’s emerging threats today.

Feel free to use any of these images and/or analysis on your website or social media, with attribution to SafetyDetectives. 

Malware Statistics, Trends & Facts Resources:

https://www.accenture.com/_acnmedia/pdf-96/accenture-2019-cost-of-cybercrime-study-final.pdf

https://portal.iansresearch.com/content/3792/cat/92-of-malware-is-delivered-through-email

https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/istr-cryptojacking-modern-cash-cow-en.pdf

https://news.gallup.com/file/poll/244697/181108CrimeWorries.pdf

https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-january-2019-1769185063-records-leaked

https://hacken.io/research/industry-news-and-insights/no-more-privacy-202-million-private-resumes-exposed/

https://www.cisco.com/c/dam/m/hu_hu/campaigns/security-hub/pdf/acr-2018.pdf

https://newsroom.ibm.com/2018-07-10-IBM-Study-Hidden-Costs-of-Data-Breaches-Increase-Expenses-for-Businesses

https://cybersecurityventures.com/ransomware-damage-report-2017-part-2/

https://www.herjavecgroup.com/wp-content/uploads/2018/07/2017-Cybercrime-Report.pdf

https://www.symantec.com/content/dam/symantec/docs/reports/istr-24-2019-en.pdf

https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-2018-en.pdf

https://www-03.ibm.com/press/us/en/photo/51069.wss

https://cofense.com/wp-content/uploads/2018/02/PhishMe-Enterprise-Phishing-Susceptibility-and-Resiliency-Report_2016.pdf

https://enterprise.verizon.com/resources/reports/DBIR_2018_Report.pdf

https://www.pwc.com/us/en/advisory-services/publications/consumer-intelligence-series/protect-me/cis-protect-me-findings.pdf

https://www.gartner.com/en/newsroom/press-releases/2018-08-15-gartner-forecasts-worldwide-information-security-spending-to-exceed-124-billion-in-2019

https://www.knowbe4.com/hubfs/rp_DBIR_2017_Report_execsummary_en_xg.pdf

https://www.capita.com/sites/g/files/nginej146/files/2020-08/Ponemon-Global-Cost-of-Data-Breach-Study-2020.pdf

https://www.crunchbase.com/hub/cyber-security-startups

https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/

https://www.datto.com/resource-downloads/Datto2019_StateOfTheChannel_RansomwareReport.pdf

https://www.securitymagazine.com/articles/94076-the-top-10-data-breaches-of-2020 https://www.darkreading.com/vulnerabilities—threats/cryptojacking-the-unseen-threat/a/d-id/1338903

https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/threat-landscape-trends-q2-2020

https://www.enisa.europa.eu/publications/enisa-threat-landscape-2020-cryptojacking

About the Author

Andrew Sanders
Andrew Sanders
Writer on technology, information security, and telecom

About the Author

Andrew is a writer on technology, information security, telecommunications, and more