Out-of-hours ransomware attacks have a greater impact on revenue

Ransomware attacks at weekends and holidays are throwing victims into disarray, according to a study released by security company Cybereason. 

The report, “Organizations at Risk: Ransomware Attackers Don’t Take Holidays,” surveyed security professionals whose organizations suffered a ransomware attack during a holiday or weekend in the last 12 months. It found 86% of them reported missing holiday or weekend activities with friends and family when responding to these attacks. 

Of those surveyed, 60% take longer to assess the scope of an attack that happened over the weekend or on a holiday. Half said out-of-hours attacks led to a slower response overall. 

One problem was assembling the right team, with just over a third reporting difficulties in getting the necessary people together. When those people do clock in unexpectedly, they might not be fully fit for duty. In fact, 70% were intoxicated when called in to address the attack, the report added. 

Almost an eighth of the survey base said attacks on holidays or weekends cost their organizations more revenue than if they had happened during office hours. 

The adverse effects of weekend and holiday attacks are well-understood. Almost nine in ten said they are concerned about an attack happening during these down periods. Yet over a third of organizations had no specific contingency plan in place to respond to the initial ransomware attack. One in four still hadn't developed such a plan following the first attack. 

Related Resource

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Free download

The health care and manufacturing sectors were the least likely to be prepared for weekend and holiday attacks, Cybereason found. Companies with over 2,000 employees were also less prepared than average to deal with an attack when most people were out of the office. 

Cybereason advised companies to carry out regular table-top exercises simulating a ransomware attack, and warned them to ensure team members can be reached at any time of day. They should also lock down critical accounts over holidays and weekends, it added. 

Research from FireEye last year revealed three-quarters of ransomware attacks happen after hours or over a weekend when security teams are running on a skeleton crew or have gone home entirely.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download