June 2026 — Ransomware groups reportedly increased their revenue by nearly 40% in the first quarter of 2026, highlighting the continued growth of cyber extortion attacks against businesses and organizations.
According to a report cited by TechRadar, cybersecurity firm Rapid7 estimated that ransomware groups generated around $529.2 million in Q1 2026, representing a 39% increase compared with the same period in 2025.
The report said the increase is linked to the growing maturity of the ransomware ecosystem. Cybercriminal groups are increasingly using specialized services, including initial access brokers, who help attackers gain entry into target networks before ransomware is deployed.
Rapid7 reportedly noted that ransomware groups are becoming more organized and resilient, with some operations functioning in a way that resembles legitimate businesses. The report named groups such as Qilin and Gentlemanamong those generating significant revenue during the period.
The findings show that ransomware remains one of the most serious cybersecurity threats facing companies. Attackers often target organizations by stealing data, encrypting systems, and demanding payment in exchange for restoring access or not leaking stolen information.
Security experts continue to recommend that organizations strengthen backup strategies, patch systems regularly, limit remote access exposure, enable multi-factor authentication, monitor suspicious activity, and train employees to detect phishing attempts.
The rise in ransomware revenue also highlights the importance of incident response planning. Companies that prepare before an attack are usually in a better position to reduce downtime, protect data, and recover operations.