Have Malware Attacks Become More Common?

Alex Popa

By Alex Popa . 22 November 2023

Cybersecurity Journalist

Miklos Zoltan

Fact-Checked this

Today, we’re going to discuss a topic that’s more important than ever in 2023 – the number of malware attacks.

Cybercrime has evolved so much that it’s becoming harder and harder for companies to protect themselves against malware. The sophistication of some of these cyberattacks is through the roof as well.

In this article, I’ll show you how common malware attacks have become, and which industries are targeted the most.


Annual Number of Malware Attacks Worldwide from 2015 – 2022

While we don’t have data for 2023 yet, Statista shows us the how many malware attacks happened yearly across the world from 2015 to 2022.

Here’s what the data shows:

Year Number of Malware Attacks
2015 8.2 billion
2016 7.9 billion (-3.65%)
2017 8.6 billion (+8.86%)
2018 10.5 billion (+22.09%)
2019 9.9 billion (-5.71%)
2020 5.6 billion (-43.43%)
2021 5.4 billion (-3.57%)
2022 5.5 billion (+1.85%)

Over the years, it seems that the number of malware attacks has decreased, with 5.5 billion in 2021.

This is a 32.92% decrease from the 8.2 billion attacks in 2015, which is a 7-year difference.

2022 has seen 100 million more malware attacks compared to 2021, though, but this is still a far cry from the numbers we’ve seen in 2015, 2016, 2017, 2018, and 2019.

So far, the situation is looking good but let’s keep looking!

Distribution of Malware Attack Vectors Worldwide from 2018 to 2022

In this section, I will show you which vectors (attack methods) are used by hackers to launch malware attacks on their victims.

Statista provide us with the data:

Year Web Malware Attacks Email Malware Attacks
2015 67% 33%
2016 36% (-46%) 64% (+93%)
2017 17% (-52%) 83% 9 (+29%)
2018 16% (-5.88%) 84% (+1.2%)
2019 14% (-12%) 86% (+2.3%)

Over the years, threat actors have shifted from web-based malware attacks to email-based attacks, showing a change in their attack patterns.

Email malware attacks increased by 160% from 2018 to 2022, and web malware attacks decreased by 79%.

The reason for this is the increased efficiency in email-based malware attacks. There are more attack options and the victims are more vulnerable on their emails.

Plus, these attacks are easier to pull off, as the simplest phishing attacks on email only require an active internet connection, a well-crafted email, and a virus in an attachment.

Distribution of Malware Attacks in Global Regions in 2022, by Category

Let’s take a look at the malware categories used in cyberattacks in selected global regions in 2022:

Type of Malware Global Americas EMEA APAC
Multipurpose Malware 32% 23% 33% 44%
Crypto-Miners 16% 12% 15% 25%
Ransomware 7% 5% 8% 9%
Infostealers 24% 18% 25% 30%
Mobile 9% 7% 8% 14%

*EMEA – Europe, the Middle East, and Africa

**APAC – Asia-Pacific

Multipurpose malware was the most common type of malware used in cyberattacks globally, with Asia Pacific being the prime target.

Infostealers came a close second, with Asia Pacific still receiving the brunt of these attacks.

And then, there are crypto-miners, mobile malware, and ransomware in terms of distribution variety.

Multipurpose malware include trojans, botnets, worms, and more. These are malware who can perform multiple actions across several attack chains.

Most importantly, these malware are able to evade security controls and infiltrate systems with a lower chance of detection.

Global Industry Sectors Most Frequently Targeted by Malware Attacks from July 2022 – August 2022

Next, I’ll show you which sectors have been targeted the most by malware attacks in July-August of 2022.

Here’s the data:

Industry Number of Malware Attacks
Education 5,130,197
Retail and Consumer Goods 574,926
Healthcare and Pharmaceuticals 329,820
Telecommunications 141,598
Power and Utilities 93,662
Financial Services and Insurance 93,258

In July-August 2022, the Education industry was, by far, the most targeted sector by malware attacks, up to 5 million attacks.

This is an 88.79% increase compared to the Retail and Consumers Goods, which has received only 574,926 malware attacks in the same period.

This tells us that, at least for malware, the Education sector is a very attractive target. Since the outbreak of COVID-19, many institutions in this sector have implemented online learning technologies.

This made the victims more vulnerable to attacks, which is why we’re seeing more attacks on educational platforms.

Year-Over-Year Change in Global Malware Attacks in 2022, by Industry

Let’s have a look at how 2022 compared to 2021 in terms of the number of malware attacks distributed across several industries:

Industry Year-Over-Year Change
Education +157%
Finance +86%
Retail +50%
Healthcare -15%
Government -58%

This chart confirms what we’ve seen previously – that the Education sector has become the most targeted industry in the world.

There’s been a 157% increase in the number of attacks against the Education sector since between 2021 and 2022.

Finance comes second with an 86% increase, which is almost half as much attacks in the same period.

The Healthcare and Government sectors saw a decrease in the number of malware attacks against them, on the other hand.

This is likely because the Education, Finance, and Retail sectors were the most vulnerable targets in that period.

Year-Over-Year Change in Weekly Malware Attacks in 2022, by Industry

Lastly, I’ll show you the year-over-year change in the weekly number of malware attacks globally in 2022, by industry:

Industry Year-Over-Year Change
Education/Research 43%
Government/Military 46%
Healthcare 74%
Communications 27%
Internet Service Provider/Managed Service Provider 28%
Finance/Banking 52%
Utilities 48%
Insurance/Legal 47%
Manufacturing 36%
Leisure/Hospitality 60%
SI/VAR/Distributor 18%
Retail/Wholesale 66%
Transportation 41%
Software Vendor 37%
Consultant 19%
Hardware Vendor 25%

The year-over-year increase in weekly malware attacks between 2021 and 2022 shows that the Healthcare industry is under most weekly attacks.

It has seen a 74% increase in weekly malware attacks. The Education industry has only seen a 43% increase, despite this industry being the most targeted yearly.

All in all, the industries with a year-over-year increase over 50% in weekly malware attacks are:

  • Healthcare at 74% YoY increase
  • Retail/Wholesale at 66% YoY increase
  • Leisure/Hospitality at 60% YoY Increase
  • Finance/Banking at 52%

There’s not much more to say about this. These four industries are especially at risk of being attacked by malware based on the data above.


As of 2023, there have been 5.5 billion malware attacks worldwide, with the most targeted industry being the Manufacturing sector.

According to Statista, the most common cyberthreat worldwide was Riskware, which I should talk about in a future article. Stay tuned for it!

2022 saw more malware attacks compared to 2021, so we’re in an uptrend of cyberattacks as of right now.

Even though 2022 was far away from reaching a peak of yearly global malware attacks (that was in 2018), we’re not any safer.

Cybercrime-as-a-service has become extremely popular in recent months, leading to a new wave of hackers making victims all over the world.

All we can do is prepare ourselves better and become aware about the cybersecurity risks we’re putting ourselves in when going online.

Cyber insurance is especially important for businesses who operate online and who are storing valuable customer data.

Cybercriminals are getting more and more sophisticated in the methods they’re using, so awareness alone doesn’t cut it anymore…


StatistaAnnual Number of Malware Attacks Worldwide from 2015 to 2022
StatistaDistribution of Malware Attack Vectors Worldwide from 2018 to 2022
Privacy Affairs Why Is Phishing So Common & How to Protect Against It?
StatistaDistribution of Cyberattacks in Selected Global Regions in 2022, by Category
Privacy AffairsCybersecurity Deep Dive: What Is a Worm Attack?
StatistaIndustry Sectors Most Frequently Targeted by Malware Attacks Worldwide from July 2022 to August 2022
StatistaYear-over-Year Change in the Number of Malware Attacks Worldwide Across Selected Industries as of 2022
StatistaYear-over-Year Change in Average Weekly Number of Malware Attacks in Organizations Worldwide in 2022, by Industry
Privacy AffairsCybersecurity Deep Dive: What Is Cybercrime-as-a-Service?
Privacy AffairsWhat Is Cyber Insurance and How Does It Impact Cybercrime?

Leave a Comment