Ransomware attacks at weekends and holidays are throwing victims into disarray, according to a study released by security company Cybereason.
The report, “Organizations at Risk: Ransomware Attackers Don’t Take Holidays,” surveyed security professionals whose organizations suffered a ransomware attack during a holiday or weekend in the last 12 months. It found 86% of them reported missing holiday or weekend activities with friends and family when responding to these attacks.
Of those surveyed, 60% take longer to assess the scope of an attack that happened over the weekend or on a holiday. Half said out-of-hours attacks led to a slower response overall.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
One problem was assembling the right team, with just over a third reporting difficulties in getting the necessary people together. When those people do clock in unexpectedly, they might not be fully fit for duty. In fact, 70% were intoxicated when called in to address the attack, the report added.
Almost an eighth of the survey base said attacks on holidays or weekends cost their organizations more revenue than if they had happened during office hours.
The adverse effects of weekend and holiday attacks are well-understood. Almost nine in ten said they are concerned about an attack happening during these down periods. Yet over a third of organizations had no specific contingency plan in place to respond to the initial ransomware attack. One in four still hadn’t developed such a plan following the first attack.
The health care and manufacturing sectors were the least likely to be prepared for weekend and holiday attacks, Cybereason found. Companies with over 2,000 employees were also less prepared than average to deal with an attack when most people were out of the office.
Cybereason advised companies to carry out regular table-top exercises simulating a ransomware attack, and warned them to ensure team members can be reached at any time of day. They should also lock down critical accounts over holidays and weekends, it added.
Research from FireEye last year revealed three-quarters of ransomware attacks happen after hours or over a weekend when security teams are running on a skeleton crew or have gone home entirely.
Some parts of this article are sourced from:
www.itpro.co.uk