Ransomware attackers don't take holidays

Cyber threat actors are no different than any other type of criminal: they are largely opportunists, and will strike when their target has their guard down. In the cyber domain, that means holidays and weekends. According to a Cybereason survey, more than a third of respondents said it took their organization longer to remediate a weekend of holiday cyberattack.

Research from the report found that the surveyed companies decreased staffing during weekends or holidays, which impacts cyber incident detection, remediation, and recovery times. This consequently costs the companies more money, and largely left them unprepared for incidents such as a ransomware attack.

Frequently, the surveyed customers operate on a “skeleton crew” of just-enough employees to manage security operations (SOC). This increases worker burnout, and combined with a global cybersecurity worker shortage, is ripe target material for hackers.

Respondents in the United States and Italy were tied at 97% in agreement that they had missed celebrating a holiday or weekend event due to a ransomware attack. Overall surveyed respondents reported 88% affirmative.

Nearly half of surveyed companies report that only a third of security operations staff are present for holidays and weekends.

Half of the surveyed companies report spending nearly 50% of their time responding to ransomware attacks, followed closely by supply chain attacks at 46%.

Yet, when responding to their greatest threat of ransomware, 38% report that they are “implementing new detection capabilities specifically for ransomware”, while 31% report they are “augmenting staff so we can respond faster.”

Ransomware remains a top cyberattack vector globally. It is increasingly targeting all industry verticals—from healthcare, to military, to education.

So as we are all about to enjoy a Thanksgiving dinner in the United States and browsing for Black Friday deals, just remember, some poor SOC analyst is probably responding to a ransomware attack.


Discover more from Cybersecurity Careers Blog

Subscribe to get the latest posts sent to your email.