Malware statistics have been a sweeping problem across the US for decades now, affecting companies and individuals in almost equal measure.

What is malware? 

The term is a contraction of the words “malicious” and “software.” So, any software that has been created to cause harm is called malware. Things like viruses, trojans, ransomware, and spyware are all examples.

More often than not:

Malware is created by hackers, even groups of them. The motivations of these hackers can be diverse, but the main reasons they apply themselves to cybercrime are to extract money from victims or test security protocols or make political statements or protest. 

Mobile malware statistics 2019 and for the past five years highlight the fact that some hackers have even been known to work with governments in order to target the online infrastructure of rival countries.

Which means that:

No matter the reason why malware is on your computer, the effect is the same - bad news for the infected party.

Which is why:

It’s imperative that both individuals and companies make malware awareness, prevention, and security their number one priority. By doing this, they can protect themselves from malware. 

With that said, let’s dive in.

Worrying Malware Facts (Editor’s Choice)

  • Over the last decade, there has been an 87% increase in malware infections.
  • At present, over 92% of all malware is delivered by email.
  • Android devices and users made up 98% of all mobile malware targets.
  • Nearly 30% of all email phishing targets open the messages from hackers. 11% of those also click on a malicious link or attachment.
  • According to 83% of experts, ransomware attacks in 2020 are set to reach an all-time high.
  • Nearly 50% of ransomware victims have been known to pay the ransom.
  • The US has the most malware attacks per year, 34% higher than any other country.
  • In 2015, a Russian cyberattack group named “Peace” was able to successfully hack LinkedIn security protocols, which led to 117 million customers having their details compromised.
  • Malware effects have been projected to cost the US government $5 trillion by 2021.

Global Malware Statistics

1. Malware attacks cost the average US business well over $2 million.

At present, computer viruses statistics show that malware attacks in 2019 have been recorded as costing the average US company an average of $2.4 million per year.

2. Five-year forecasts for malware security are set to be in the $1 trillion ballpark.

Analysts predict that malware security spending forecasts for US businesses in 2020 will break the trillion-dollar mark easily.

3. A malware attack can cost 50 days in time.

Hacking statistics show that the average recovery time for a business or individual from a malware attack can be close to two months.

4. Cybercrime costs have risen by over 20%.

Worryingly, from 2018 to 2019 cybersecurity costs jumped up by a whopping 23.7%

5. The global cybercrime has gone up dramatically in recent years.

Reports incorporating malware statistics by operating system have received data showing that the average global cost of cybercrime increased by over 27% in 2017 and went up by a further 32% in 2019.

6. Information loss forms 47% of expenses.

Computer viruses statistics show that malware attacks bring a host of expenses. Of these, the expense of information loss is by far the most costly, with close to half of malware costs being attributed to it.

7. 2019 saw ransomware damage in excess of $5 billion in the US.

2019 proved to be a costly year in the US, with ransomware damage exceeding $5 billion, a full 38% higher than 2018.

8. Security breaches in the US can cost $225 per record.

Globally, the average cost per cybercrime stolen record is around $140

However in the US the cost is considerably higher, making security breaches in the US the most costly.

9. For every 50,000 breached records due to malware, a cost of $6.3 million is incurred.

This is huge! The financial losses malware does to large companies is truly mind-blowing, so they need to take cybersecurity far more seriously than they have been so far.

10. Global malware damage is set to hit the $6 trillion dollar mark by the end of 2020.

Cybercrime, particularly malware, has caused billions of dollars of damages over the last few years. This is projected to rise even further in 2020.

Recent Malware Attacks and Breaches

Malware facts show that attacks ran wild in 2019 and resulted in nearly 80% of all large corporations taking a hit from cybercriminals. In addition to corporations, millions of users across the US were targeted and fell victim to malware attacks.

Below we’ve gathered the attack and breach statistics on malware-related cybercrime, to give you an overview of the landscape regarding malware in North America.

11. Yahoo had 3 billion accounts compromised.

In 2013, global giant Yahoo saw a mind-boggling 3 billion email accounts compromised.

As a result, cybercriminals gained access to sensitive customer information in what remains the largest breach of its kind to date.

12. Reports show that 37.5 million records were stolen in one of the largest malware heists in history.

In 2015, servers at Anthem Inc. were compromised by hackers. The breach resulted in over 37 million records being stolen.

13. Myspace once had 360 million accounts compromised by malware.

In 2016, former social media giant Myspace was successfully targeted, resulting in lost data from over 360 million accounts.

14. Uber suffered the most public of breaches in 2017.

Uber, one of the world’s largest companies, suffered a major breach in 2017. The business giant was hacked and lost 50 million records of riders, 7 million driver records, and 600,000 US driver’s license details.

Worse than the breach was Uber’s dealings approach to the breach. It tracked down the hackers and tried to pay them off in order to keep the breach quiet. The result was a more public humiliation than would have normally happened.

15. Marriot International lost over 500 million user accounts due to malware breaches.

Malware infection statistics highlight the Marriot data attack as one of the worst in cybercrime history.

During 2018, Marriot was targeted and victimized by a group of hackers. The attack targeted US accounts in a bid to steal and share personal info for profit. Over half a billion user accounts were compromised.

16. Nearly 80,000 accounts were lost by the Maryland Department of Labor in 2019.

The Maryland Department of Labor experienced a huge malware breach in 2019 when hackers were able to use malware to breach the department’s data. Malware attack statistics clearly reveal how the attack led to 78,000 names, addresses and social security numbers being stolen.

Malware and Small Businesses

Small businesses are the beating heart of the US economy. Although large companies contribute greatly toward the economic health of the US economy, it is the thousands of small businesses across the nation that help the country to maintain its foothold in the world economy.

Which means that:

Without small businesses, our country would start to lose its economic momentum.

So, we decided to list some facts about computer viruses below, and we also highlighted the effects of such actions on small businesses:

17. Almost 50% of malware attacks are aimed at small businesses.

Malware trends and trojan horse computer virus facts show that annually, 47% of all malware attacks carried out in the US target small businesses.

18. Almost 10% of all US businesses experienced a cyberattack weekly in 2019.

Analysts report that 8% of small US businesses experienced consistent cyber attacks on a weekly basis throughout the whole of 2019.

19. The majority of small businesses are not ready to deal with malware attacks.

Antivirus statistics show that 73% of small businesses are unprepared to deal with a cyberattack of any kind. These businesses have no protocols in place to combat malware, and some of them (28%) do not have any specialized antivirus software protecting their servers and network.

20. Almost 90% of small businesses feel IT security is a cost they can cut back on.

For most small businesses in the US, the area of IT security seems frivolous and a cost which their company can do without. This type of negligent attitude, displayed by nine out of ten small businesses, leaves gaping holes in security. And hackers will no doubt seek methods to exploit them.

21. Over 66% of small businesses will encounter a malware issue on any given day in the US.

Ransomware statistics show that 69% of small businesses are estimated to encounter malware attacks on a standard US working day.

22. Over 80% of small businesses in the US are in need of malware security.

Internet security statistics show 85% of small businesses need to purchase or upgrade their current cybersecurity measures. Most small businesses are trying to coast by on freemium security software, which is limited and ineffective as a commerce solution. 

What’s worse:

Cybercrime statistics suggest other small businesses have opted to not even invest additional funds into cybercrime defense.

23. Over 50% of small businesses have not invested in creating malware protocols.

51% of small businesses have been reported to have said they do not allocate any money to creating malware protocols. Which means that not only are they grossly underprepared and open to attack from cybercriminals, but they also have no customer services in place to deal with any problems in case of a successful malware attack.

24. By the end of 2019, ransomware attacks on small businesses cost damages that amount to almost $12 billion.

Computer virus statistics show that every 14 seconds, one small business in the US falls victim to ransomware.

These statistics were reached after analyzing the effects of ransomware on small businesses in the US during 2019.

25. Almost 50% of malware delivered to businesses originates from email.

Trojan horse virus facts for 2018 and 2019 show that 49% of malware sent to small businesses was delivered via email.

The most common malicious email disguises are bill invoices, email delivery failure notifications, package deliveries, legal/law enforcement message, or a scanned document.

26. 63% of small businesses feel that malware attacks are becoming too hard to deal with.

Spyware facts conclude that nearly two-thirds of small businesses say the malware attacks they have encountered were either too severe to recover from or that the attacks were becoming too sophisticated to combat.

27. Extensive surveys have shown that only 12% of small US businesses rate themselves as being fully effective at dealing with cybercrime.

I another worrying stat, only a small minority of small businesses highly rate their ability to effectively and confidently deal with cybercrime threats.

28. According to data, malware attacks in 2019 resulted in 63% of the victims going out of business.

Computer viruses facts show that just shy of two-thirds of small companies go out of business within six months of a cyber attack.

29. Small businesses value consumer records 66% more than any other data.

A selection of surveys conducted from malware statistics 2018 and incorporating results that span throughout 2019 pointed to the fact that two-thirds of small businesses prioritized consumer records over all else.

30. Analysts say that 67% of consumer records in the US are at risk of being stolen.

After analyzing computer virus facts and statistics for the last decade, experts have concluded that on average, a whopping 67% of consumer records will either be stolen/ or be at risk of being stolen.

31. Most companies view intellectual property as 49% more important than financial information.

A poll conducted on computer virus stats and through various platforms showed that intellectual property is far more important to some people than even company financials.

32. 46% of all credit and debit card information will be compromised at some point.

Alarming results from studies conducted across the US point to the possibility of close to half of all credit and debit card information as being at risk of being stolen by malware attacks.

33. Hackers tend to target the clients of businesses as opposed to employees.

Mobile malware statistics and studies conducted on malware targeting have consistently shown that hackers are more focused on targeting the clients of a business than they are their employees.

Malware statistics 2019 show that only 8% of employee records were targeted.

34. Areas such as business correspondence have been known to attract only 5% of malware threats.

Business correspondence may be important for business but not for hackers. According to reports from 2019, only a small minority of malware threats were aimed at/related to the business correspondence of any small business.

35. There are approximately 11 main types of cyberattack that can threaten a small business.

Malware detection statistics highlight the fact that of cyber attacks that can threaten a small business, the main ones are: 

  • Web-based attacks
  • Phishing
  • Social engineering scams
  • General malware
  • An SQL injection
  • Denial of service
  • Malicious insider
  • Stolen device false alarm
  • Ransomware
  • Cross-site scripting
  • Fake prize or competition wins

36. A negligent employee or contractor is one of the main root causes of data breaches.

Smartphone malware statistics and reports investigating malware across the board and spectrum of technology have found that the root causes of data breaches for small businesses can be listed as follows: 

  • Negligent employee or contractor
  • Third-party mistakes
  • Error in system or operating process
  • Don’t know
  • External (hacker) attacks
  • Malicious insider
  • Other 2%

Data Priorities

Businesses all store and value data in various ways and through varying systems and protocols.

These business priorities can be broken down as follows:

  • 68% store email addresses
  • 64% store phone numbers
  • 54% store billing addresses
  • Small businesses are not investing in cybersecurity
  • 38% regularly upgrade software solutions
  • 31% monitor business credit reports
  • 22% encrypt databases
  • 69% of small businesses do not strictly enforce password policies.

Which means that:

Only 16% of small businesses say they had only reviewed their cybersecurity posture after they were hit by an attack.

That clearly points to the fact that:

Just 16% of small businesses are very confident in their cybersecurity readiness.

The areas that are lacking can be listed as:

Strategy – Having a clearly defined strategy around cybersecurity.

Accountability – Having a leadership role dedicated to cybercrime issues.

And not to mention:

Willingness to respond – Being willing, and more importantly, able to respond effectively following a cybercrime instance.

In addition:

Training – Having a training regime in place that ensures staff are ready and able to respond in the event of a cyber attack.

With the area of:

Insurance – Insurance policies must be inclusive and up to date. The relevant leaders should be aware of how to claim and execute on a policy with maximum efficiency.

Malware and The General Public

Apart from small businesses and large companies, one of the most targeted preferential targets for hackers is “good old Joe public.”

Despite hackers claiming to be statement makers or conduits for change and/or revolution, they are essentially criminals. So, they will target anyone of their choosing. 

Below, we’ve collated some statistics that show how individual users have been affected:

37. Since 2018, worldwide malware attacks have risen by 350% in total.

I one of the most unnerving stats, cybercriminals attacked lots more individual users in the US in 2019 than they did in 2018. According to analysts examining ios vs android malware statistics and other such phenomena, this sudden burst in attacks was related to people’s lax attitude towards malware. And all the while, hackers and cybercrime have been evolving at a record pace.

All this has led to the gulf that now exists between the sophisticated nature of malware and the insufficient or outdated counteraction measures that companies and individual users are clinging to.

38. Over 500 experts said their company wasn't equipped to deal with a malware attack.

A survey of 590 information technology security professionals uncovered the fact their organization was not prepared to deal with a malware attack of a general nature, let alone a targeted or specific one.

39. Over 80% of experts believe 2020 will bring more malware attacks than ever.

Results from recent studies have shown that a massive 81% of cybersecurity experts think this year will see a record number of malware attacks.

40. 75% of users infected with malware had up-to-date endpoint protection.

A round-up of 2019 showed that three-quarters of home users who were affected by malware actually had up-to-date endpoint protection on their machines and network.

The reason these measures were ineffectual had to do with the fact that the malware protection installed was either a freemium product, a trial of a full product, or simply the cheapest option the user could find.

41. Malware cost users more than $75 billion in 2019.

Malware reparations, user outlay, and insurance payouts for 2019 have been listed in the $75 billion per year ballpark.

42. The NotPeyta malware attack was one of the most costly.

The attack losses of the NotPetya malware attack have already exceeded a remarkable $1 billion, and the figures are still being calculated in their entirety, which means that costs will reach even higher figures before the case is resolved.

43. Atlanta has spent more than $5 million on rebuilding its computer infrastructure.

The city of Atlanta has spent huge sums to rebuild its computer network after the SamSam ransomware attack in 2018.

44. The average cost of a malware attack is $133,000 per 100 Americans.

As far as figures go, this figure may be considered a soft estimate, with actual hard stats coming in at least 1.5 more than the amount listed, perhaps even 2.2 more.

To Sum It All Up

As you can see from the malware statistics we’ve shared with you here, the subject matter is as problematic as it is far-reaching.

Costs related to malware are impacting large and small businesses, as well as individual users, and the costs are heavy to say the least.

In order to eliminate these costs, we must as a society invest more time and effort into understanding and defending ourselves against malware in all its forms.

Will it be easy to do so? No. Cybercriminals are an adaptable and persistent breed.

Is it possible? Absolutely. Despite everything, with the right measures and safeguards in place.