Ransomware attacks that take place over the weekend, or during holidays, are usually more damaging to businesses than weekday ones, according to cybersecurity researchers Cybereason.
Surveying more than 1,200 cybersecurity professionals for the “Organizations at risk 2022: Ransomware attackers don’t take holidays” report, the company found that most respondents claimed weekend ransomware (opens in new tab) attacks result in higher costs and greater revenue losses.
In fact, more than a third of respondents who suffered such an incident over a weekend or holiday period said they lost more money, up by almost a fifth (19%) from last year. The travel and transportation industry, as well as the education sector, appeared to be the most affected.
The reason is quite obvious : fewer staff means a slower response time, and a slower response time means threat actors have longer to wreak havoc.
Almost half (44%) of the respondents said their staff drops by as much as 70% on weekends and holidays. A fifth (21%) operate a skeleton crew, as roughly one tenth of their full team signs in for work. Furthermore, just 7% of the respondents said that between 80-100% of their cybersecurity team work during these periods.
The main challenge for businesses – even for large ones with 2,000+ employees – is to assemble their incident response team. Compared to weekday attacks, a third (34%) naturally said this took longer than usual, while 36% said it took longer to stop them and ultimately recover. 37% claimed that assessing the scope of the attack took too long as well.
Cybereason concludes that ransomware continues to be a major threat for business, accounting for almost half (49%) of all incidents SOC teams have to deal with.