Companies caught off guard by holiday and weekend ransomware attacks
Ransomware attackers are exploiting the fact that organizations have fewer security staff available at weekends and holiday times in order to launch more devastating attacks.
A new report from Cybereason shows 44 percent of companies reduce security staffing over holidays and weekends by as much as 70 percent compared to weekday levels. 21 percent reduce staff by as much as 90 percent.
The study, based on a survey of more than 1,200 cybersecurity professionals, finds that attacks occurring at weekends and during holidays result in higher costs and greater revenue losses for organizations than attacks that take place on weekdays. More than a third of respondents who experienced a ransomware attack on a weekend or holiday say their organizations lost more money as a result, a 19 percent increase over 2021. Clearly the attackers aren't as keen to take time off.
"Ransomware actors tend to strike on holidays and weekends because they know companies' human defenses often aren't as robust at those times. It allows them to evade detection, do more damage, and steal more data as security teams scramble to mobilize a response. Cybereason found that risk assessment is slower, it takes companies longer to assemble the team to fight the initial attack, which leads to slower remediation and recovery times," says Lior Div, Cybereason CEO and co-founder.
Of respondents whose organizations had been hit on a weekend or holiday 34 percent say it took them longer to assemble their incident response team. A little more than a third (37 percent) say it took them longer to assess the scope of the attack, and 36 percent say it took them longer to stop and recover from the attack. The numbers are even higher in the US, where 44 percent of respondents say it took them longer to assess and respond to a weekend/holiday ransomware attack.
The survey results highlight the fact that traditional Monday to Friday staffing models are out of step with cyberthreats and can leave organizations vulnerable. 88 percent of respondents have missed a holiday or weekend celebration due to a ransomware attack. In the financial services industry more than 90 percent of respondents say they have missed out on time with family.
"Disrupting cybersecurity professionals' well-earned downtime and interfering with their personal lives takes a toll on their wellbeing, leads to burnout and causes some people to leave the field altogether. The overall success cyber criminals have attacking on holidays and weekends leads to them more aggressively targeting companies during these times as a way to further fuel their criminal empires," adds Div.
You can read more on the Cybereason blog.