Today, we’re going to discuss a topic that’s more important than ever in 2023 – the number of malware attacks.
Cybercrime has evolved so much that it’s becoming harder and harder for companies to protect themselves against malware. The sophistication of some of these cyberattacks is through the roof as well.
In this article, I’ll show you how common malware attacks have become, and which industries are targeted the most.
While we don’t have data for 2023 yet, Statista shows us the how many malware attacks happened yearly across the world from 2015 to 2022.
Here’s what the data shows:
|Year||Number of Malware Attacks|
|2016||7.9 billion (-3.65%)|
|2017||8.6 billion (+8.86%)|
|2018||10.5 billion (+22.09%)|
|2019||9.9 billion (-5.71%)|
|2020||5.6 billion (-43.43%)|
|2021||5.4 billion (-3.57%)|
|2022||5.5 billion (+1.85%)|
Over the years, it seems that the number of malware attacks has decreased, with 5.5 billion in 2021.
This is a 32.92% decrease from the 8.2 billion attacks in 2015, which is a 7-year difference.
2022 has seen 100 million more malware attacks compared to 2021, though, but this is still a far cry from the numbers we’ve seen in 2015, 2016, 2017, 2018, and 2019.
So far, the situation is looking good but let’s keep looking!
In this section, I will show you which vectors (attack methods) are used by hackers to launch malware attacks on their victims.
Statista provide us with the data:
|Year||Web Malware Attacks||Email Malware Attacks|
|2016||36% (-46%)||64% (+93%)|
|2017||17% (-52%)||83% 9 (+29%)|
|2018||16% (-5.88%)||84% (+1.2%)|
|2019||14% (-12%)||86% (+2.3%)|
Over the years, threat actors have shifted from web-based malware attacks to email-based attacks, showing a change in their attack patterns.
Email malware attacks increased by 160% from 2018 to 2022, and web malware attacks decreased by 79%.
The reason for this is the increased efficiency in email-based malware attacks. There are more attack options and the victims are more vulnerable on their emails.
Plus, these attacks are easier to pull off, as the simplest phishing attacks on email only require an active internet connection, a well-crafted email, and a virus in an attachment.
Let’s take a look at the malware categories used in cyberattacks in selected global regions in 2022:
|Type of Malware||Global||Americas||EMEA||APAC|
*EMEA – Europe, the Middle East, and Africa
**APAC – Asia-Pacific
Multipurpose malware was the most common type of malware used in cyberattacks globally, with Asia Pacific being the prime target.
Infostealers came a close second, with Asia Pacific still receiving the brunt of these attacks.
And then, there are crypto-miners, mobile malware, and ransomware in terms of distribution variety.
Multipurpose malware include trojans, botnets, worms, and more. These are malware who can perform multiple actions across several attack chains.
Most importantly, these malware are able to evade security controls and infiltrate systems with a lower chance of detection.
Next, I’ll show you which sectors have been targeted the most by malware attacks in July-August of 2022.
Here’s the data:
|Industry||Number of Malware Attacks|
|Retail and Consumer Goods||574,926|
|Healthcare and Pharmaceuticals||329,820|
|Power and Utilities||93,662|
|Financial Services and Insurance||93,258|
In July-August 2022, the Education industry was, by far, the most targeted sector by malware attacks, up to 5 million attacks.
This is an 88.79% increase compared to the Retail and Consumers Goods, which has received only 574,926 malware attacks in the same period.
This tells us that, at least for malware, the Education sector is a very attractive target. Since the outbreak of COVID-19, many institutions in this sector have implemented online learning technologies.
This made the victims more vulnerable to attacks, which is why we’re seeing more attacks on educational platforms.
Let’s have a look at how 2022 compared to 2021 in terms of the number of malware attacks distributed across several industries:
This chart confirms what we’ve seen previously – that the Education sector has become the most targeted industry in the world.
There’s been a 157% increase in the number of attacks against the Education sector since between 2021 and 2022.
Finance comes second with an 86% increase, which is almost half as much attacks in the same period.
The Healthcare and Government sectors saw a decrease in the number of malware attacks against them, on the other hand.
This is likely because the Education, Finance, and Retail sectors were the most vulnerable targets in that period.
Lastly, I’ll show you the year-over-year change in the weekly number of malware attacks globally in 2022, by industry:
|Internet Service Provider/Managed Service Provider||28%|
The year-over-year increase in weekly malware attacks between 2021 and 2022 shows that the Healthcare industry is under most weekly attacks.
It has seen a 74% increase in weekly malware attacks. The Education industry has only seen a 43% increase, despite this industry being the most targeted yearly.
All in all, the industries with a year-over-year increase over 50% in weekly malware attacks are:
There’s not much more to say about this. These four industries are especially at risk of being attacked by malware based on the data above.
As of 2023, there have been 5.5 billion malware attacks worldwide, with the most targeted industry being the Manufacturing sector.
According to Statista, the most common cyberthreat worldwide was Riskware, which I should talk about in a future article. Stay tuned for it!
2022 saw more malware attacks compared to 2021, so we’re in an uptrend of cyberattacks as of right now.
Even though 2022 was far away from reaching a peak of yearly global malware attacks (that was in 2018), we’re not any safer.
Cybercrime-as-a-service has become extremely popular in recent months, leading to a new wave of hackers making victims all over the world.
All we can do is prepare ourselves better and become aware about the cybersecurity risks we’re putting ourselves in when going online.
Cyber insurance is especially important for businesses who operate online and who are storing valuable customer data.
Cybercriminals are getting more and more sophisticated in the methods they’re using, so awareness alone doesn’t cut it anymore…
Statista – Annual Number of Malware Attacks Worldwide from 2015 to 2022
Statista – Distribution of Malware Attack Vectors Worldwide from 2018 to 2022
Privacy Affairs – Why Is Phishing So Common & How to Protect Against It?
Statista – Distribution of Cyberattacks in Selected Global Regions in 2022, by Category
Privacy Affairs – Cybersecurity Deep Dive: What Is a Worm Attack?
Statista – Industry Sectors Most Frequently Targeted by Malware Attacks Worldwide from July 2022 to August 2022
Statista – Year-over-Year Change in the Number of Malware Attacks Worldwide Across Selected Industries as of 2022
Statista – Year-over-Year Change in Average Weekly Number of Malware Attacks in Organizations Worldwide in 2022, by Industry
Privacy Affairs – Cybersecurity Deep Dive: What Is Cybercrime-as-a-Service?
Privacy Affairs – What Is Cyber Insurance and How Does It Impact Cybercrime?