PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Ransomware Attacks on Businesses Are Skyrocketing

The ransomware attacks are also largely targeting machines in the US, which accounted for 53 percent of Malwarebytes's ransomware detections. The good news is that ransomware attacks on consumers have gone down.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

(Rob Engelaar/AFP/Getty Images)

There's good news and bad news on the ransomware front: Attacks on consumers are down, but assaults on businesses have been skyrocketing, according to antivirus firm Malwarebytes.

In the second quarter, the company noticed a 363 percent year-over-year increase on ransomware attacks targeting clients running its business software. "Cybercriminals are searching for higher returns on their investment, and they can reap serious benefits from ransoming organizations over individuals," the antivirus firm said in a Thursday report.

Indeed, ransomware incidents have been grabbing headlines for shutting down IT systems at schools and city governments by encrypting data inside a computer and holding it hostage unless victims pay up.

Malwarebytes Ransomware

Ransomware that targets consumers will usually only be able to encrypt a single machine. Hit the IT systems of an organization, however, and the malware can lock a whole fleets of computers. Recently, two Florida cities hit with ransomware decided to pay off the attackers about $500,000 and $600,000, respectively, rather than risk losing municipal data.

"Encrypting business-critical files on any number of (computer) endpoints can supply huge benefits to cybercriminals, including much larger ransom demands and an exponentially higher chance of getting paid," the antivirus firm said.

Ransomware attacks against Malwarebytes' consumer software dropped 12 percent year-over-year in Q2. A year ago, consumer machines made up the bulk of all ransomware targets, but attacks are now going after consumers and businesses almost equally.

Malwarebytes Ransomware 2

The ransomware attacks are largely targeting machines in the US, which accounted for 53 percent of Malwarebytes's ransomware detections. Canada came in second at 10 percent.

Coveware, a separate security firm, has also noticed that hackers behind the attacks have been demanding higher ransom amounts. "In Q2 of 2019, the average ransom payment increased by 184 pecent to $36,295, as compared to $12,762 in Q1 of 2019," the company said in a report last month.

According to Coveware, many of the attacks targeting businesses involve delivering the ransomware by exploiting unprotected Windows systems with the Remote Desktop Protocol (RDP) activated. The hackers also like to use phishing emails that try to trick the victim into installing the ransomware.

The FBI and cybersecurity experts generally advise against victims paying the ransom. Doing so incentivizes the hackers to strike again, and there's no guarantee the encrypted data will be restored. Victims should also check whether free decryption software can release their data from the particular ransomware strain that hit their computer.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio