PRODUCT
Back to Newsroom

NEW Cybereason Study Reveals the Damage Caused by Ransomware Attacks Against Businesses on Holidays and Weekends

Nov 16, 2022

Cybereason, the XDR company, today published results from a global study of organizations that had suffered a ransomware attack on a holiday or weekend. The study highlights an ongoing disconnect between the increased risk organizations face from ransomware attacks that occur on holidays and weekends and their readiness to handle them, as year-over-year, ransomware attacks during these times take longer to assess and resolve. 

The higher assessment and remediation times stem from the fact that 44 % of companies reduce security staffing on holidays and weekends by as much as 70 % from weekday levels. Shockingly, 20 % of companies cut security staffing by 90 % from weekday levels. Conversely, only 7% of companies are at least 80 % staffed on holidays and weekends. 

Titled Organizations at Risk: Ransomware Attackers Don’t Take Holidays, the study of 1,203 cybersecurity professionals found that holiday and weekend ransomware attacks result in greater revenue losses than ransomware attacks on weekdays. One-third of respondents said their organization lost more money from a holiday/weekend ransomware attack, up from 13% of respondents in the 2021 study. In the education and transportation industries, the number of respondents reporting higher revenue losses jumped to 43% and 48%, respectively. 

“Ransomware actors tend to strike on holidays and weekends because they know companies’ human defenses often aren’t as robust at those times. It allows them to evade detection, do more damage, and steal more data as security teams scramble to mobilize a response. Cybereason found that risk assessment is slower, it takes companies longer to assemble the team to fight the initial attack, which leads to slower remediation and recovery times,” said Lior Div, Cybereason CEO and Co-founder. 

Financial losses aren’t the only thing businesses are concerned with when it comes to holiday and weekend ransomware attacks. In fact, ransomware attacks disrupt the lives of the security professionals defending businesses with 88 percent of respondents missing a holiday or weekend celebration due to a ransomware attack. These numbers were higher in the financial services industry, where more than 90% of respondents said they had missed out on time with family. 

“Disrupting cybersecurity professionals’ well-earned downtime and interfering with their personal lives takes a toll on their well being, leads to burnout and causes some people to leave the field altogether. The overall success cyber criminals have attacking on holidays and weekends leads to them more aggressively targeting companies during these times as a way to further fuel their criminal empires,” added Div.

Ransomware is preventable and many companies offer endpoint detection & response technologies that will stop the scourge. Implementing a security awareness program for employees, assuring operating systems and other software are regularly updated and patched is a step in the right direction. In addition, ensure clear isolation practices are in place to stop any further ingress on the network or spreading of the ransomware to other devices. And evaluate locking-down of critical accounts when possible. The path attackers often take in propagating ransomware across a network is to escalate privileges to the admin domain-level and then deploy the ransomware.

The full report can be obtained here: Organizations at Risk: Ransomware Attackers Don’t Take Holidays.

Survey Methodology                                                                                                                    The research was conducted by Censuswide in September of 2022 and a total of cybersecurity professionals took part in the survey—with participants from the United States, United Kingdom, France, Germany, Italy, South Africa, United Arab Emirates and Singapore. Major industry verticals covered in the research include the Technology, Manufacturing, Financial Services, Retail, Healthcare, Automotive, Legal and Government sectors.

About Cybereason                                                                                                                             Cybereason is the XDR company, partnering with Defenders to end attacks at the endpoint, in the cloud, and across the entire enterprise ecosystem. Only the AI-driven Cybereason Defense Platform provides predictive prevention, detection, and response that is undefeated against modern ransomware and advanced attack techniques. The Cybereason MalOp™ instantly delivers context-rich attack intelligence across every affected device, user, and system with unparalleled speed and accuracy. Cybereason turns threat data into actionable decisions at the speed of business. Cybereason is a privately held international company headquartered in Boston with customers in more than 40 countries.

Media Contact: 

Bill Keeler

Senior Director, Global Public Relations

Cybereason

bill.keeler@cybereason.com

(929) 259-3261