INDIANAPOLIS (WISH) — There has been a spike in the number of ransomware attacks across the globe, according to cyber security experts at GuidePoint Security.

There has been a 65% increase in the number of publicly posted ransomware victims globally compared to this time last year.

“We’re already at almost 2,900 public victims of ransomware and that’s just public victims. We’re not seeing the victims that are getting hit with ransomware and then paying that ransom demand because they don’t ever get posted to a leak site,” Drew Schmitt, a cyber security expert, said.

Schmitt gave I-Team 8 a behind-the-scenes look at how a ransomware attack unfolds. Once a hacker gains access to a company, they typically make copies of the company’s data and encrypts it. They then send the company a message to start the extortion process.

More and more attacks are being done by individuals using ransomware created by bigger groups.

“It could be an individual that is in Russia, it could be somebody in the U.K. Maybe even somebody in the United States. They could be anywhere in the world, so it makes a lot of these groups a lot more distributed,” said Schmitt.

Once a company has been hit, hackers use real-time chats to negotiate the ransom with specific information about how much they think the company can pay.

Some hackers even threaten to post the stolen data online if the company does not pony up.

The most impacted industries, according to GuidePoint Security, are manufacturing, technology, banking and finance, education, and healthcare.

49% of all publicly posted ransomware victims are in the United States. Big cyber attacks like the MOVEit hack get publicity, but a lot of the victims are small and medium-sized businesses.

I-Team 8 asked Schmitt if the attacks can be stopped, or if they are just a fact of life.

Schmitt replied, “I don’t want to give up at this point and just say, ‘Hey, it’s a fact of life,’ because I don’t think it needs to be that way. It’s a difficult problem. It’s a complex problem, but I think that, again, if we focus on foundations and fundamentals of cyber security, we start sharing information at a larger scale and we really focus on improving processes and technologies. I think that we can really mitigate a lot of the risk that we’re seeing.”

GuidePoint Security says American companies are likely targeted the most often because they represent a better payday for ransomware hackers.