Malicious software, referred to as malware, is software that has been designed with the intent to harm, exploit, or cause disruption to devices, servers, and networks. Malware is hidden in links, emails, files, programs, apps, and software and has been planted by cybercriminals to take over devices, track user activity, delete files, spread additional malware, and even steal sensitive data to hold for a ransom. 

As the majority of users are unaware of how common and dangerous malware really is, we’re here to shed some light on the matter. By infecting your devices with malware, you can be spied on, have your devices destroyed, or even your finances stolen, so it is not something you should take lightly. Keep reading to learn 10 malware statistics that you should be aware of in 2022!

Malware on laptop
Want to learn more about malware? Find out the different types of malware in 2022 and discover how to detect and remove malware from your device!

Protect yourself from malware with NordVPN*!

Alarming malware statistics that are a must-know

Not sure how concerned you should be about malware? Take a look at these statistics to see the true state of malware in 2022 – 

  1. There are over 1.3 billion malware programs in the world

The AV-Test institute has recorded accumulated malware since 1984 and currently registers over 450,000 malware programs every single day. According to data collected by AV-Test, there is an average of 11 million malware programs detected every month in the past year.  

  1. There are almost 20 ransomware attempts every second 

Although some forms of malware are declining, ransomware is still on a worrying rise. According to the 2022 SonicWall Cyber Threat Report, ransomware has risen an outstanding 231.7% (up to over 623 million) since 2019, representing approximately 20 attack attempts every single second throughout the year. In fact, the first half of 2021 had more ransomware (over 304 million) than the entire year of 2020! 

  1.  The average ransom demanded through ransomware increased 144% in 2021

The 2022 Unit 42 Ransomware Threat Report revealed that ransomware attackers are becoming greedier than ever and with the average demand being approximately $2.2 million in the US in 2021, a significant increase from the average demand of $200,000 in 2020. Although this is an eye-watering sum, actual ransomware payouts are significantly less than the demand with the average payment being, on average, 42.41% of the initial ransom amount. 

  1. IoT malware attacks rose 700% during the pandemic

A report by Zscaler found that IoT malware attacks are also on the rise with smart TVs, routers, and smartwatches being among the devices that are at most risk. Zscaler analysed over 575 million device transactions and blocked over 300,00 IoT malware attacks during 2 weeks in December 2020 which resulted in a 700% increase when compared to pre-pandemic findings.

  1. Employees are clicking on 3x as many malicious emails as there were before the pandemic 

The pandemic has also led to an increase in malware-infected emails targeting companies. Employees that were deployed to work from home have become the prime target for phishing attacks through emails as their attention is likely diverted through various distractions at home. This leads to a significant increase in unsafe clicks and further confirms that employee naiveté about cybersecurity is one of the greatest vulnerabilities to companies.

Additionally, over two-thirds of respondents that Mimecast interviewed considered it likely, extremely likely, or even inevitable that a malicious email attack will damage their business at some point in 2021. 

  1. Trojans account for over 64% of all malware 

Trojans are a form of malware that is disguised as legitimate programs to seem safe, tricking users into installing them which then infects their devices. Trojans are usually hidden in apps, links, software patches, and email attachments, waiting to be unknowingly installed and used to steal sensitive information and spy on user activity. A Statista study revealed that Trojans are the most widely chosen form of malware for cybercriminals to inflate Windows systems. 

  1. 58% of adults are more worried than ever about becoming a victim of cybercrime 

A survey by Norton found that more than half of adults are concerned about being a victim of cybercrime and a similar proportion (53%) don’t know how to protect themselves from it. Norton also revealed that nearly 330 million (1 in 3) consumers have been a victim of cybercrime in the past year (across 10 countries). This has led to an average of 6.7 hours is spent resolving issues caused by cybercrime, equalling an estimated 2.7 billion hours lost in total. 

  1. 22% of consumers have detected malware on a computer, Wi-Fi network, smartphone, tablet, or other connected devices

Norton’s Cyber Safety Insights Report additionally discovered that nearly a quarter of consumers had detected malware. Perhaps the average user is becoming more aware of what signs to look out for in order to detect malware, potentially leading to less damage caused overall. 63% of respondents claimed that they have taken more precautions online due to their concerns about cybercrime and nearly all victims have reportedly taken reactive steps after detecting malware and unauthorised access such as changing passwords and purchasing security software.

  1. 66% of organisations are not fully confident in their ability to detect and block a malware/ransomware attack

The 2022 Ransomware/Malware Report Resecurity from Cybersecurity Insiders discovered that the majority of respondents are not fully confident that their organisation’s defences are capable of deleting and blocking malware or ransomware before it spreads and infects critical IT systems and files. Despite this lack of confidence, 72% respondents still claim that their organisation’s IT security can detect a ransomware/malware attack within hours.

  1. 1 in 6 mobile users who perform mobile transactions have malware-infected devices 

A Secure-D study used data from 840 million users to find that over 16% of mobile users that have performed mobile translations have infected their devices with malware. Secure-D also estimated that around 110 million Android devices worldwide are infected with malware as of 2021. Due to an increase in monitoring and authentication systems, the Google Play Store is the safest app store to download apps on Android, whilst cybercriminals are turning to other third-party stores to distribute malware-ridden apps.  

How to protect yourself against malware

Although malware can be highly damaging, there are several precautions you can take to avoid falling victim to this cyber threat. Here are a few things you can do to protect yourself against malware in 2022 –

  • Keep your software updated 

Malware can infect your device through outed systems and software vulnerabilities, so it’s crucial to ensure that your device’s software is updated to the latest versions. All software on your phone or PC including various tools, browsers, plugins, and applications will include new security features in addition to fixes to patch vulnerabilities in regular updates to ensure that they cannot be exploited by cybercriminals. Many operating systems including Windows, macOS, Android, iOS, and Linux have the option to turn on automatic updates which is advisable to ensure your device is fully up to date at all times. 

  • Avoid clicking on links

Links and attachments spread through texts, instant messages, and emails can contain malware that is triggered when downloaded, immediately infecting a victim’s device. As this is one of the most common and efficient ways malware can spread, you need to take extra precautions and refrain, whenever possible, from opening any links that are sent to you. If you’re sent an email containing a link by a company, rather than clicking on the link, type the sender’s URL in your browser and complete any necessary actions directly through their website.

Additionally, you should also look out for any tell-tale signs of malware in emails. For example, cybercriminals masking as companies are far more likely to address you as ‘customer’ rather than your name. Malware-ridden emails also often contain misspellings and grammatical errors, so be sure to look out for that when looking through your inbox.

The internet is also crawling with websites that are packed with malware hiding in links, pop-up ads, misleading buttons, and downloadable files. These websites are designed to look identical to a legitimate website that is impersonating, making them difficult to detect. Always check the URL of a website you’re visiting as they usually discreetly swap letters with numbers or deliberately misspell words. 

  • Get a VPN 

A VPN (Virtual Private Network) is a terrific way to increase your security and protect you from malware. As VPNs encrypt user traffic in an impenetrable, virtual tunnel,  hackers are unable to access networks to inject malware. Furthermore, most VPN services provide features that, when utilised, can significantly reduce your chances of falling victim to a malware attack. Even if you’re careful not to click on any ads that appear on a web page, pop-ups can appear or ads can be disguised as buttons, tricking you into accidentally clicking a malicious link or direct malware download. This is most commonly known as malvertising and can be avoided through ad-blocking technology. 

Several popular VPNs have built-in ad blockers that can help you avoid malvertising. For example, Surfshark’s* CyberSec feature is designed to block ads before they even load on a user’s browser. Not only does this speed up your page loading times and reduce bandwidth usage, but it also prevents you from mistakenly clicking on ads that are loaded with malware.

VPNs also provide other tools that are designed to defend against malware. For instance, NordVPN’s Threat Protection feature shields users by scanning all downloaded files and immediately deleting any that contain malware. This feature also stops users from entering any websites that have been blacklisted for hosting malicious software, further guarding them against malware. 

Overall, VPNs cannot block you from all malware. Many forms of malware including phishing attempts and trojans rely on human error to spread. A VPN cannot stop you from opening an email attachment that contains malware, but many have tools that can detect malware-ridden files and erase them before they can infect and damage your device. By blocking ads, a VPN also reduces your chances of accidentally installing malware, making them a worthwhile technology to have. If you want to find out more about how VPNs can protect you, check out the top five uses of a VPN and discover how to avoid phishing attempts using a VPN in 2022!