Expect ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data — by shutting down entire computer systems to utilities or factories.

“I see no reason for ransomware to stop,” said Neil Jenkins, an official with the U.S. Department of Homeland Security. “It’s shown to be effective.”

On Monday at the RSA cybersecurity conference, experts gave a grim outlook on the future of ransomware, which they fear will spread. Through the attacks, cybercriminals have already managed to rake in $1 billion last year, according to .

The work by first targeting the victim’s data, and encrypting it. The ransomware will then threaten to delete the data, unless a payment, usually in bitcoin, is made.

hit with ransomware that took out its keycard system for the hotel doors. Future ransomware attacks might try to lockdown control systems for a water utility, threatening its operations, Jenkins said.

“I worry that’s going to be the next step,” he said.

Too many important computer systems are also connected to the internet when they shouldn’t be, said Gal Shpantzer, CEO of Security Outliers. Small businesses are also failing to properly segregate their computers from other processes, like a factory assembly line, he said. When a ransomware infection hits, it has the potential to shut down the entire operation.

their data and test to those backups to make sure they work. Security vendors have also that can free computers from some ransomware infections.

When an attack hits, victims may be tempted to pay the hackers the ransom. But Gibbons warned that one out of four times, the hackers still declined to decrypt the victim’s data, despite receiving payment.