The Ransomware Epidemic Is Growing and Hurting a Lot of Businesses

[Photo: a computer keyboard, Sydney, July 9, 2012. Photograph by Greg Wood, AFP/Getty Images]

Almost two-fifths of businesses in the U.S., Canada, the U.K., and Germany have been hit in the last year by a ransomware attack, according to a survey by security firm Malwarebytes.

Even bearing in mind that Malwarebytes is not coming at this from a neutral standpoint—it sells defenses against ransomware—the results of its survey are startling. The company found that nearly 80% of U.S. companies suffered a cyberattack of some kind in the last year, with 47% experiencing a “ransomware incident.”

Ransomware is a particularly nasty strain of cybercrime: criminals get into the victim’s computers, encrypt files or whole drives, and then demand payment in exchange for the key needed to restore access to the data. Victims range from individuals and businesses to universities and, disgracefully, healthcare providers.

Malwarebytes’ survey, conducted by Osterman Research, took in the experiences of 540 IT directors and managers, chief information officers, and chief information security officers from companies with an average of 5,400 employees.

The U.S. seems to be the hardest-hit country, with 22% of American firms reporting more than 20 cyberattacks of some kind during the past year. In the other surveyed countries, that figure ranged from 8% to 10%.

As for how the ransomware got in, almost half of the incidents began with an employee clicking on a malicious link or attachment in an email, a tactic that was particularly successful in the U.S. and Germany. The person targeted was a mid-level manager or more senior roughly 80% of the time.

In two-fifths of cases, the attackers encrypted data on more than one computer. In nearly 60% of cases, they demanded more than $1,000 to decrypt it, and in 1% of cases they demanded more than $150,000.

Of course, paying up doesn’t guarantee that all-important decryption, since the victim is relying on a criminal to honor the deal. Even so, more than 40% of victims paid.

Healthcare and financial services firms were particularly heavily targeted, and 3.5% of respondents said lives had been at stake. More than 60% of the attacks took a whole business day to clean up, and more than a third of victims lost revenue as a result.

“Over the last four years, ransomware has evolved into one of the biggest cybersecurity threats in the wild, with instances of ransomware in exploit kits increasing 259% in the last five months alone,” said Malwarebytes senior security researcher Nathan Scott in a statement.

It’s no surprise that ransomware attacks are on the increase—they make millions for the criminals behind them.

Cybersecurity company PhishMe also released a report this week concluding that ransomware is here to stay, at least for now.

“Barely a year ago, ransomware was a concerning trend on the rise,” said PhishMe CEO Rohyt Belani. “Now, ransomware is a fully established business model and a reliable profit engine for cybercriminals, as threat actors involved treat it as a legitimate industry by selling information, tools and resources to peers based all around the world.”
