A global study by Cybereason revealed that ransomware attacks during holidays and weekends result in greater revenue losses.
In a survey of more than 1,200 cybersecurity professionals, a third said their organisation lost more money during holidays and weekends. Alarmingly, 27% of respondents said they had set up crypto wallets to pay attackers and are learning to negotiate with ransomware actors.
“Ransomware actors tend to strike on holidays and weekends because they know companies’ human defenses often aren’t as robust at those times. It allows them to evade detection, do more damage, and steal more data as security teams scramble to mobilize a response,” said Lior Div, Cybereason CEO and Co-founder.
A total of 44% of companies reduced security staffing during these periods by as much as 70% compared to weekday levels, and an alarming 20% cut staffing by 90%.
“Cybereason found that risk assessment is slower, it takes companies longer to assemble the team to fight the initial attack, which leads to slower remediation and recovery times,” added Div.
As the holiday season approaches, cybersecurity professionals may not have much time to celebrate, as 88% of respondents said they missed holidays and weekends due to ransomware attacks. This number increased to 90% for respondents working in financial services who missed time with family.
“Disrupting cybersecurity professionals’ well-earned downtime and interfering with their personal lives takes a toll on their wellbeing, leads to burnout and causes some people to leave the field altogether,” said Div.
Once attacks occur, more than 30% of respondents said it took them longer to assess the scope of the attack, stop it and recover from it.
“The overall success cybercriminals have attacking on holidays and weekends leads to them more aggressively targeting companies during these times as a way to further fuel their criminal empires,” warned Div.
It’s not all doom and gloom. Ransomware can be prevented. Cybereason encouraged organisations to consider shifting staff, implementing security awareness programmes for employees, moving to managed detection and response strategies, locking down privileged accounts on weekends and holidays, and switching to behavior-based technologies.