25 Small Business Ransomware Statistics That Will Shock You

Ransomware is one of the most common ways cybercriminals attack. Basically, they steal data from companies or individuals and demand payment for it.

Many entrepreneurs know about viruses and malware, but they’re unaware of this threat. Taking a look at the most important small business ransomware statistics is a step in the right direction.

So, if you’re running a small business and you’re worried about security, these numbers will give you a clear picture. Let’s jump right in!


Concerning small business ransomware statistics

First, let’s look at some of the most eye-opening stats to get you started:

  • 20% of small businesses have suffered a ransomware attack at some point.
  • A business falls victim to this cyber attack every 11 seconds, 
  • 73% of all ransomware attacks that took place in 2020 were successful.
  • The average ransom for a small business is $5,900.
  • These companies experience 15 to 23 days of downtime after this type of breach.
  • Only 4% of the victims get all of their data back.

General small business ransomware statistics

Now, we’ll take a look at some of the general numbers when it comes to this form of hacker attack:

1. 1 in 5 small businesses has experienced a ransomware attack.

(Source: Datto)

On average, 1 out of 5 small businesses has fallen victim to this crime. The same report suggests those who don’t outsource their IT services are more likely to suffer an attack.

2. 26% of small and medium businesses in the UK have experienced a ransomware attack in 2022.

(Source: Technology Magazine)

Interestingly, a quarter of small and medium businesses in the UK were attacked. In addition, almost half of them (47%) have decided to pay the fee to get their data back.

3. In 2021, a ransomware attack took place every 11 seconds.

(Source: CISA)

Small businesses have to be aware of this threat. Not only that, but hackers are orchestrating such attacks more and more. There was one every 11 seconds in 2021. Additionally, two years prior, there was one every 39 seconds.

4. 73% of all ransomware attacks in 2020 were successful.

(Source: NordPass)

This percentage proves how important cybersecurity is. With 73% of hackers succeeding in their intentions, you’ll have to rethink your defenses.

5. Ransomware is present in 70% of all data breaches.

(Source: Verizon)

Ransomware has become one of the most common ways for hackers to steal money. According to the 2022 data breach report by Verizon, ransomware is present in 70% of them.

6. Ransomware is the sixth biggest cybersecurity threat to small businesses.

(Source: QuickBooks)

Small businesses face all kinds of cyber attacks. According to a 2022 survey, ransomware attacks are the sixth biggest threat they face. They account for 10% of all breaches. Moreover, malware (18%) and phishing (17%) are at the top of the list.

7. 82% of ransomware attacks target companies with 1,000 employees or less.

(Source: ACA International)

Cybercriminals see small businesses as low-hanging fruit. Since their budgets are nowhere near those of large companies, they’re a much easier target. So, those with fewer than 1,000 employees account for a vast majority of such attempts.

8. 84% of managed service providers say small businesses should be concerned with ransomware attacks.

(Source: Datto)

A Datto report from 2020 suggests most MSPs believe ransomware presents a big risk. Other small business ransomware stats suggest the same. 

9. 30% of small businesses say they are very worried about ransomware attacks.

(Source: Datto)

Small businesses are aware of this threat. 30% of them say they are very concerned about it, while 32% are moderately concerned.

Small business ransomware financial facts

Next, we’ll look at how costly these attacks are:

10. 51% of companies that suffer a ransomware attack pay the fee.

(Source: StrongDM)

Slightly more than half of the businesses targeted end up paying the ransom. It’s just that their data and resources are too important to take any risks. Also, giving in to the criminal’s demands is the easiest and cheapest way to continue to operate as usual.

11. The average ransom asked for a small business is $5,900.

(Source: Astra)

When hackers infiltrate a company’s system, they encrypt its files and demand a ransom payment in exchange for decryption. On average, the sum they ask for is $5,900.

12. 24% of all businesses have paid the ransom fee from their pocket at some point.

(Source: CNBC)

Nearly a quarter of all businesses had to give in to their attacker’s demands. That was the only way for them to continue operating. Furthermore, 27% of businesses said their cyber insurance covered it.

13. In one of the most significant ransomware attacks ever, a US insurance company paid a $40 million fee.

(Source: Business Insider)

CNA Financial experienced one of the biggest ransomware attacks ever in 2021. Hackers found their way into its network and stole its data. Both experts and police were involved in the case, but the company ended up paying the $40 million fee.

Small business ransomware security statistics

It’s time to take a look at how these companies protect their data from hackers who are after their money:

14. 30% of small businesses don’t have an incident response plan for ransomware.

(Source: CyberCatch)

A good incident response plan can mitigate the risks and help with the recovery from incidents like this. It’s also important to improvise and adapt it according to the organization’s specific needs. However, 30% of small businesses don’t do this.

15. 35% of businesses with an incident response plan for a ransomware attack never test it.

(Source: CyberCatch)

Just knowing what to do in case of a ransomware attack isn’t enough for most companies. To deal with an incident like this effectively, every business needs to identify any flaws in its plan. Also, every employee has to know their role in it.

16. 21% of businesses don’t store backups offline which could allow them to continue operating after an attack.

(Source: CyberCatch)

Whether or not a business can survive a ransomware attack depends on its data backups. If a company has copies of everything somewhere offline, it could continue to work even while negotiating with the hackers. Still, 21% don’t keep any backups of their data.

17. Essential cyber hygiene can protect businesses from 70% of techniques associated with ransomware.

(Source: Security and Technology)

Even basic cyber hygiene can make a huge difference. However, whether or not the efforts are effective depends on how the company implements them.

18. Small businesses are increasing their cybersecurity budgets, averaging $1.1 million.

(Source: Cisco)

Cisco has reported that companies with 250-499 employees have recently doubled their privacy budgets, reaching $1.6 million on average. Additionally, small businesses with 50-249 workers now spend $1.1 million on average.

Small business ransomware recovery stats

In this section, we’ll look at how these companies recover after suffering a ransomware attack:

19. Downtime after a ransomware attack takes between 15 and 23 days.

(Source: Statista)

Recovering from a ransomware attack can be lengthy. According to data from 2020 and 2021, businesses face a downtime of 15-23 days following an attack. Moreover, downtime is defined as any type of interruption that hinders productivity.

20. 75% of businesses would only survive 3 to 7 days after a ransomware attack.

(Source: CyberCatch)

Ransomware poses a huge threat to uninterrupted business operations. The majority of businesses can’t survive more than 3 to 7 days from falling victim to hackers. What’s worse, 47% wouldn’t last more than 3 days.

21. 99% of all affected companies in 2021 managed to recover at least some of their data.

(Source: Sophos)

Companies are now more likely to retrieve their info after suffering a ransomware attack. In 2021, 99% of those affected managed to recover at least something. This is slightly up from 96% in 2020.

22. Only 4% of those who paid the ransom got their data back in its entirety.

(Source: Sophos)

However, very few companies get everything back. According to data from Sophos, only 4% of small businesses manage to do this.

Small business ransomware facts by industry

Lastly, we’ll look at how companies in specific fields deal with this problem:

23. Nearly 25% of targets are manufacturing companies.

(Source: Security Intelligence)

Manufacturing companies are at the highest risk of suffering a ransomware attack. They account for nearly a quarter of all reported incidents. In addition, professional services follow with 17%. Next in line are government organizations with 13%.

24. 84% of insurance companies would have to close within 3 to 7 days following a ransomware attack.

(Source: CyberCatch)

Companies in the insurance business are least likely to make it past day 7 of a ransomware attack. Due to how much they rely on their data, their only option is to pay the ransom.

25. 31% of accounting firms don’t keep data backups offline.

(Source: CyberCatch)

We mentioned how important backups are. However, 31% of companies in the accounting field don’t do it. Furthermore, 28% of non-profit organizations and 23% of law firms have the same problem.

Wrap up

Now that we’ve looked at the most vital small business ransomware stats, it’s obvious how dangerous these attacks can be. Companies in all fields should take this seriously and do everything they can to keep internet wrongdoers at bay.


What is the most common cyber attack on small businesses?

Malware attacks are the most common tricks hackers choose to pull on their victims. According to small business ransomware statistics, malware (18%) and phishing (17%) are at the top of the list.

What percentage of companies have been hit by ransomware?

20% of all small businesses have suffered a ransomware attack at some point. Data has shown that internet criminals tend to target them more than large enterprises.

What is the average cost of a ransomware attack on a small business?

Small business ransomware statistics show that these companies pay an average of $5,900. Moreover, 51% of them decide to do this as they view their data to be too valuable.


  1. Datto
  2. Technology Magazine
  3. CISA
  4. NordPass
  5. Verizon
  6. Quickbooks
  7. ACA International
  8. Datto
  9. Datto
  10. StrongDM
  11. Astra
  12. CNBC
  13. Business Insider
  14. CyberCatch
  15. Security and Technology
  16. CyberCatch
  17. CyberCatch
  18. Cisco
  19. Statista
  20. CyberCatch
  21. Sophos
  22. Sophos
  23. Security Intelligence
  24. CyberCatch
  25. CyberCatch