Out-of-hours ransomware attacks have a greater impact on revenue
Seven in ten security pros called in to handle attacks were intoxicated, report finds
Ransomware attacks at weekends and holidays are throwing victims into disarray, according to a study released by security company Cybereason.
The report, “Organizations at Risk: Ransomware Attackers Don’t Take Holidays,” surveyed security professionals whose organizations suffered a ransomware attack during a holiday or weekend in the last 12 months. It found 86% of them reported missing holiday or weekend activities with friends and family when responding to these attacks.
Of those surveyed, 60% take longer to assess the scope of an attack that happened over the weekend or on a holiday. Half said out-of-hours attacks led to a slower response overall.
One problem was assembling the right team, with just over a third reporting difficulties in getting the necessary people together. When those people do clock in unexpectedly, they might not be fully fit for duty. In fact, 70% were intoxicated when called in to address the attack, the report added.
Almost an eighth of the survey base said attacks on holidays or weekends cost their organizations more revenue than if they had happened during office hours.
The adverse effects of weekend and holiday attacks are well-understood. Almost nine in ten said they are concerned about an attack happening during these down periods. Yet over a third of organizations had no specific contingency plan in place to respond to the initial ransomware attack. One in four still hadn't developed such a plan following the first attack.
RELATED RESOURCE
The top three IT pains of the new reality and how to solve them
Driving more resiliency with unified operations and service management
The health care and manufacturing sectors were the least likely to be prepared for weekend and holiday attacks, Cybereason found. Companies with over 2,000 employees were also less prepared than average to deal with an attack when most people were out of the office.
Cybereason advised companies to carry out regular table-top exercises simulating a ransomware attack, and warned them to ensure team members can be reached at any time of day. They should also lock down critical accounts over holidays and weekends, it added.
Research from FireEye last year revealed three-quarters of ransomware attacks happen after hours or over a weekend when security teams are running on a skeleton crew or have gone home entirely.
-
Ransomware gangs are sharing virtual machines to wage cyber attacks on the cheap – but it could be their undoingNews Thousands of attacker servers all had the same autogenerated Windows hostnames, according to Sophos
-
Google issues warning over ShinyHunters-branded vishing campaignsNews Related groups are stealing data through voice phishing and fake credential harvesting websites
-
The FBI has seized the RAMP hacking forum, but will the takedown stick? History tells us otherwiseNews Billing itself as the “only place ransomware allowed", RAMP catered mainly for Russian-speaking cyber criminals
-
Everything we know so far about the Nike data breachNews Hackers behind the WorldLeaks ransomware group claim to have accessed sensitive corporate data
-
There’s a dangerous new ransomware variant on the block – and cyber experts warn it’s flying under the radarNews The new DeadLock ransomware family is taking off in the wild, researchers warn
-
Hacker offering US engineering firm data online after alleged breachNews Data relating to Tampa Electric Company, Duke Energy Florida, and American Electric Power was allegedly stolen
-
Cybersecurity experts face 20 years in prison following ransomware campaignTwo men used their tech expertise to carry out ALPHV BlackCat ransomware attacks
-
15-year-old revealed as key player in Scattered LAPSUS$ HuntersNews 'Rey' says he's trying to leave Scattered LAPSUS$ Hunters and is prepared to cooperate with law enforcement
