Ransomware attacks that take place on weekends or holidays are often more damaging to businesses than those that occur on weekdays, according to cybersecurity researchers Cybereason.
Surveying more than 1200 cybersecurity professionals for the "Organizations at Risk 2022: Ransomware Attackers Don't Take Vacations" report, the company found that the majority of respondents said ransomware attacks on weekends (opens in a new tab) resulted in higher costs and greater lost revenue. .
In fact, more than a third of respondents who experienced such an incident over a weekend or holiday period said they lost more money, up from almost a fifth (19%) compared to last year. The travel and transportation industry, as well as the education sector, appear to bear the brunt.
personnel problems
The reason is pretty obvious: fewer staff means slower response time, and slower response time means threat actors have more time to wreak havoc.
Nearly half (44%) of those surveyed said their staff is reduced by up to 70% on weekends and holidays. A fifth (21%) operate a small team, with around a tenth of their full team logging in to work. Additionally, only 7% of respondents said that 80-100% of their cybersecurity team was working right now.
The main challenge for companies, even large ones with 2000+ employees, is building their incident response team. Compared to weekday attacks, a third (34%) naturally said it took longer than usual, while 36% said it took longer to stop and eventually recover. 37% said that assessing the scope of the attack also took too long.
Cybereason concludes that ransomware remains a major threat to businesses, accounting for nearly half (49%) of all incidents faced by SOC teams.