IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Out-of-hours ransomware attacks have a greater impact on revenue

Seven in ten security pros called in to handle attacks were intoxicated, report finds

"Ransomware" text within binary code

Ransomware attacks at weekends and holidays are throwing victims into disarray, according to a study released by security company Cybereason. 

The report, “Organizations at Risk: Ransomware Attackers Don’t Take Holidays,” surveyed security professionals whose organizations suffered a ransomware attack during a holiday or weekend in the last 12 months. It found 86% of them reported missing holiday or weekend activities with friends and family when responding to these attacks. 

Of those surveyed, 60% take longer to assess the scope of an attack that happened over the weekend or on a holiday. Half said out-of-hours attacks led to a slower response overall. 

One problem was assembling the right team, with just over a third reporting difficulties in getting the necessary people together. When those people do clock in unexpectedly, they might not be fully fit for duty. In fact, 70% were intoxicated when called in to address the attack, the report added. 

Almost an eighth of the survey base said attacks on holidays or weekends cost their organizations more revenue than if they had happened during office hours. 

The adverse effects of weekend and holiday attacks are well-understood. Almost nine in ten said they are concerned about an attack happening during these down periods. Yet over a third of organizations had no specific contingency plan in place to respond to the initial ransomware attack. One in four still hadn't developed such a plan following the first attack. 

Related Resource

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Man at his computer next to title card - whitepaper from ServiceNowFree download

The health care and manufacturing sectors were the least likely to be prepared for weekend and holiday attacks, Cybereason found. Companies with over 2,000 employees were also less prepared than average to deal with an attack when most people were out of the office. 

Cybereason advised companies to carry out regular table-top exercises simulating a ransomware attack, and warned them to ensure team members can be reached at any time of day. They should also lock down critical accounts over holidays and weekends, it added. 

Research from FireEye last year revealed three-quarters of ransomware attacks happen after hours or over a weekend when security teams are running on a skeleton crew or have gone home entirely.

Featured Resources

What 2023 will mean for the industry

What do most IT decision makers really think will be the important trends and challenges in the coming year?

Free Download

2022 Magic quadrant for Security Information and Event Management (SIEM)

SIEM is evolving into a security platform with multiple features and deployment models

Free Download

IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment

Free Download

Magic quadrant for application performance monitoring and observability

Enabling continuous updating of diverse & dynamic application environments

View Now

Recommended

Threat hunting for MSPs
Whitepaper

Threat hunting for MSPs

10 Jan 2023
IBM LinuxONE for dummies
Whitepaper

IBM LinuxONE for dummies

4 Jan 2023
Six myths of SIEM
Whitepaper

Six myths of SIEM

3 Jan 2023
Storage's role in addressing the challenges of ensuring cyber resilience
Whitepaper

Storage's role in addressing the challenges of ensuring cyber resilience

3 Jan 2023

Most Popular

Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
GTA V vulnerability exposes PC users to partial remote code execution attacks
vulnerability

GTA V vulnerability exposes PC users to partial remote code execution attacks

23 Jan 2023
European partners expect growth this year, here are three ways they will achieve it
Sponsored

European partners expect growth this year, here are three ways they will achieve it

17 Jan 2023