The latest malware statistics show that 10% of all computers were attacked by malicious programs in the first half of 2021.
Cyberattacks are an everyday thing now, and we are all slowly getting used to the idea that there are dangers around us. But somehow, we still don’t act accordingly.
Installing an antivirus is not enough—we have to combine it with proper computer hygiene.
What does that mean?
Take a look at the statistics we have collected here, and you will get the idea. In this article, you will find some incredible stories about how a simple oversight can cause billions in damages and how the losses could have been prevented.
Important Malware Facts – Editor’s Choice
- 75% of all malware in the first half of 2021 had been delivered by email
- 52% of businesses reported a growing volume of cyberattacks in 2021
- New malware is discovered every 0.2 seconds
- More than 83% of new malware is targeting Windows systems
- The global endpoint security market size in 2021 was worth $9.51 billion
- Viruses make around 15% of all malware
- Two thirds of cybersecurity professionals report shortages of dedicated cybersecurity staff
- 59% of financial companies have more than 500 passwords that never expire
Most Common Types of Malware and Their Impact
Malware is any piece of software that is created to harm electronic devices such as computers, smartphones, etc. The motives are mainly financial gains but could also be cyber warfare, and these two are often intertwined. There are many forms of malware out there, but the most common ones are worms, viruses, botnets, trojans, spyware, and phishing attempts.
1. New malware is discovered every 0.2 seconds on average.
(AV-Test)
The German AV-Test institute registers new malware every 0.2 seconds, which amounts to almost 432,000 pieces of malware every day. The malware analysis showed that nearly 95% is designed for Windows, 3,2% is for Android, and 0,11% is for macOS.
The macOS structure makes it unpopular amongst hackers because it is compartmentalized and doesn’t allow viruses to run freely across the sectors. But, of course, if you are a Mac user, this doesn’t mean you should stop being careful. Even though they are less likely to become a computer virus victim, MacOS users are still susceptible to phishing and brute force attacks.
2. The malware infection statistics show that 75% of all malware in the first half of 2021 had been delivered by email.
(HP Wolf Security)
Emails are still the most popular way of distributing malware. Around 49% of phishing emails used invoices and other business transactions as bait, while another 15% were created as replies to intercepted company or personal emails. This method is called email thread hijacking, and new employees are one of the most susceptible categories since they are still learning about company structure and other employees.
3. 52% of the ransomware victims pay the ransom.
(Mimecast)
Unfortunately, the malware attack statistics show that 34% of individuals and organizations who paid the ransom never got control of their data back. On average, ransomware incidents cause six days of downtime, but 37% of the companies reported more than a week.
4. More than 3 million new pieces of mobile malware were detected in the last quarter of 2020.
(McAfee)
This is a significant increase from the previous quarter when more than a million and a half were discovered. A large percentage of this malware was related to Covid vaccination. According to McAfee’s mobile malware statistics, more than 90% of all pandemic-related malware are trojans. They take complete control of the device, access the user’s data, and transfer additional malware.
5. An average company using Windows RDP (Remote Desktop Protocol) receives more than 600 failed login attempts.
(Sophos)
Due to the pandemic, many companies had to turn to remote work, and Windrows RDP was one of the preferred methods. This, in turn, led to an increase in brute force login attempts. This is one of the most common types of unsophisticated cyberattacks.
Hackers use a vast number of username and password combinations to gain access to the company’s RDP. Hacking statistics show that the most commonly used usernames are administrator, admin, user, ssm-user, and test.
6. 40% of large companies have more than 10,000 ghost users.
(Varonis)
Furthermore, 59% of financial companies have more than 500 passwords that never expire. These numbers are every hacker’s wildest dream. Ghost (inactive) users are an easy way for them to gain access to the company’s servers, especially if they are combined with passwords that never expire.
It all comes down to the fact that the hackers are only as good as we allow them to be. Bad computer hygiene has led to some of the most famous data breaches, Colonial Pipeline being the latest.
Interesting Antivirus Statistics
7. Norton LifeLock is the most commonly used antivirus program, with more than 13% market share.
(Statista), (Security.org)
Around 12.7% of users prefer Avast, and the percentage of ESET users is not much lower – 11.65%. McAfee, the first antivirus program ever released, is in sixth place, with around 7.5% of the market share. According to studies, more than 30% of antivirus users have free versions.
8. The global endpoint security market size in 2021 was worth $9.51 billion.
(Statista)
The market will continue to grow and is expected to reach $15.6 billion by 2024. Endpoint security is made up of firewalls, antivirus, intrusion detection, and other tools that protect from different types of malware attacks. With the evolution of cyber threats, antiviruses have evolved as well. As a result, the best antivirus software brands now offer much broader protection and can be considered to be endpoint security software.
9. Banking Trojan activity has spiked in the second half of 2020, with a 141% increase.
(McAfee)
The notorious Cerberus source code and BRATA trojan are two of the main contributors to this increase. Thanks to their unique obfuscation features and processes, the hackers managed to slip them through Google’s screening. Android malware statistics show that McAfee found five apps containing this malware on Google Play in 2020.
10. Android’s incorporated malware protection offers limited safety, as it detected only 82% of threats during an independent test.
(AV-Comparatives)
Tests conducted by an independent organization showed that built-in malware protection is not enough to protect Android users. With just under 82% detection rate, Android ranked at the bottom of the list. Antiviruses like Bitdefender, Avira, G Data, and Kaspersky have a 100% detection rate, some of which even with their free versions.
11. Smartphone malware statistics show that more than 57% of new mobile malware in 2020 was adware.
(Statista)
New Android malware appears at a rate of almost half a million per month, and adware is the most common type. It is designed to automatically show or download advertising material when you are online. The most common examples are banners or pop-ups.
12. More than 98% of mobile banking attacks target Android devices.
(Kaspersky)
When it comes to the eternal battle — iOS vs. Android — the malware statistics show that iOS is slightly more secure. This is probably due to its closed architecture. For instance, the software and the hardware are developed together and closely intertwined, unlike Android.
Furthermore, the apps featured in the store are examined in detail and approved by Apple, and iOS doesn’t allow users to side-load software. Android is open-source software, which has its advantages but makes it more vulnerable.
Computer Viruses: Statistics
13. ILOVEYOU (LoveBug) was the first major virus in the world, and it had infected more than 10% of all computers at the time.
(Forbes)
The worm first appeared in 2000 in the Philippines. Even though its creator didn’t have any supervillain intentions (just wanted to steal some passwords to access the internet for free), it caused massive worldwide problems. The malware detection statistics show that it affected every tenth computer in the world.
The worm would infect a computer and then send ILOVEYOU emails to all contacts in the address book. The infection spread very fast, clogging the network with emails. At some point, even the Pentagon, the CIA, and the UK Parliament all shut down their email systems to protect them from the surge. Cybercrime statistics show that the overall damage is assessed to be around $10 billion.
14. Viruses make around 15% of all malware.
(Statista)
When we compare computer virus vs. malware numbers, we can see that viruses are not the most common form of malware. They are in second place on the list, far behind trojans that take up more than 64% of all malware in cyberspace. Worms are in third place, with little under 8%.
15. Mydoom is the most destructive virus so far, with $52.2 billion in damages.
(HP)
Also known as Novarg, this worm appeared in 2004 and caused a massive shake across the internet. The global malware statistics show that, at one point, it was responsible for 25% of all emails sent. Computer worms are a type of virus that is self-contained – it has everything it needs to function. Once it lands in a new device, it starts replicating and infects other connected devices.
In this case, the worm’s objective was to send infected emails to all email addresses it could scrape from the infected device. Even though it was created 17 years ago, Mydoom is still around and generates 1% of all phishing emails.
16. Malware stats show that almost 10% of all computers connected to the internet encountered malware in the second quarter of 2021.
(Securelist)
According to Kaspersky, the global average of computers that come into contact with malware is 9.43%. However, the average numbers are just one part of the story. In countries like Belarus and Mauritania, the percentages are much higher, 23.65% and 19.04%, respectively.
They are followed by Moldova and Ukraine, both with over 18%. The US and Canada are much better, with just 6.24% and 8.86%, respectively.
17. More than 83% of new malware is developed to target Windows systems.
(Malwarebytes), (AV-Test)
A recent study analyzing malware statistics by operating system shows that the percentage of Windows malware is gradually increasing, from 78% in 2019 to 83% in 2020. This is hardly surprising since Windows is the most popular OS in the world. However, there are fluctuations in the percentages over the years, with high spikes or drops.
This is because whenever an effective malware tool appears, it leads to an increase in cyberattacks. For instance, cybersecurity statistics show that macOS had a significant threat increase of over 400% in 2019. In that year, it had almost two times more detections per endpoint than Windows.
Malware Trends and Forecasts
18. Almost 70% of cybersecurity professionals had under a week to set up security when companies turned to remote work during the pandemic.
(ISC)
Furthermore, 22% of cybersecurity professionals state that they had less than a day. It is evident that that’s not enough to set up security protocols and educate the workforce. Only 16% had more than a week to finish these crucial tasks. They were not given more time because 67% of businesses had just under a week to move their operations online. The cybersecurity experts just had to follow clients’ demands.
19. 34% of all security incidents that organizations have experienced in 2020 involved malware.
(SOPHOS)
According to Sophos’s 2021 study, around a third of all cybersecurity incidents involved malware. Malware statistics further show that exposed data and ransomware were involved in 29% and 28% of cases, respectively.
With the organizations forced to use cloud infrastructure due to the pandemic and remote work, there are much more tempting targets for the hackers. As a result, around 70% of IT professionals state that the cloud infrastructure they support has suffered a breach in the last year.
20. 66% of cybersecurity professionals report shortages of dedicated cybersecurity staff in their organizations.
(ISC)
A lack of workers may be the reason behind the grim internet security statistics. But even though there is a shortage of qualified cybersecurity staff, the global workforce gap is actually decreasing. It fell from 4 million to 3.1 million in 2020. 66% of that gap is reported in the Asia-Pacific region, and 12% in the US. Europe contributes to the overall numbers with just 5%.
21. 52% of businesses reported a growing volume of cyberattacks in 2021.
(Mimecast)
Furthermore, 60% reported that the attacks and malware are becoming more sophisticated, which is more worrying. When it comes to malware, quality is more important than quality. The malware statistics lead us to conclude that the vast majority of cyberattacks are low-quality, and they can be spotted easily. But the sophisticated attacks are much more dangerous, especially when distributed to new and inexperienced employees.
22. Even though the overall number of ransomware detections declined by 40% in 2020, ransomware attacks are more dangerous than ever.
(Securelist)
The statistics show that 1.49% of all malware detected in 2019 was ransomware. If we compare ransomware vs. malware total numbers, we can see that the percentage dropped to 1.08% in 2020. These figures would make you think that the situation is improving, but unfortunately, it’s not the case.
Ransomware statistics indicate that the hackers just shifted from conducting mass attacks to highly sophisticated and targeted attacks on large and important organizations because they bring more money. For instance, CNA Financial allegedly paid hackers $40 million to get control of its systems back from the hackers.
Conclusion
The latest malware facts and data show that the digital world is more dangerous than the real world. But, in a way, we are to blame. Most of us don’t take computer hygiene and cybersecurity very seriously. We look both ways before crossing the street but fail to change our passwords occasionally, even though we are more likely to be a victim of malware than a hit and run victim.
The bottom line is that if we were more persistent in maintaining proper computer hygiene, cybercriminals would have a harder time achieving their goals. As long as they view it as easy money with no possibility of getting caught, they will keep developing and marketing new malware.
People Also Ask
The global average of computers that come into contact with any kind of malware is around 9.43%. The percentage is much higher in Belarus and Mauritania, 23.65% and 19.04%, respectively. They are followed by Moldova and Ukraine, both more than 18%. The US and Canada have much lower percentages of computers that come into contact with malware, 6.24% and 8.86%, respectively.
There are more than 450,000 new pieces of malware registered every day. The total malware number recorded by the AV-Test facility from Germany by September 2021 is around 1.27 billion. With the current increase rate, the end-of-year total will probably surpass 1.31 billion. Most malware is designed to attack Windows and Android platforms, as they are most widely used.
Malware is a very important global issue. It is mostly used by cybercriminals for illegal financial gains. And, so far, it has proved to be very lucrative for them. Cybercrime is predicted to cause $6 trillion in damages in 2021. If it was a country, it would be the third-largest economy in the world. It even spawned industries like cybercrime-as-a-service and malware-as-a-service. The experts predict that cybercrime will be more profitable than the illegal drug trade.
Every day, cybersecurity companies discover 450,000 new pieces of malware. The main reason that the number is increasing is that cybercrime is very lucrative. It’s projected to become more profitable than the drug trade. The second reason is that the possibility of getting arrested and convicted is very low. Many high-level attacks are conducted from overseas and are often state-sponsored.
Depending on the malware quality and setup, it could take more than six months or even a year to discover and contain malware. For instance, AIDS Trojan, the first ransomware, was programmed to start after the infected system was turned on 90 times.
A high-quality malware can have long-term consequences. The best proof is Mydoom, a worm that first appeared in 2004. At some point, it was responsible for 25% of all emails sent worldwide. Even now, 17 years later, it still generates around 1% of all phishing emails.
A virus is a specific type of malware that spreads by attaching itself to legitimate files and programs. It is activated when the victim opens the infected application or file. Once activated, it can delete or encrypt files, disable functions, modify applications, etc. The most intriguing type is the polymorphic virus. It can modify its own code to evade detection by antivirus programs. The malware statistics show that 97% of all viruses in 2020 had polymorphic abilities.