Despite having suffered a ransomware attack during a weekend or holiday in the past, many organizations are still unprepared for further incidents, with lack of contingencies and software solutions resulting in longer response and recovery times.
A report by Cybereason surveying more than 1,200 security professionals around the world found almost half don’t have the right tools to handle such an incident.
Symptomatically enough, 49% of the respondents also said the ransomware attack (opens in new tab) was successful because they didn’t have the right tools. These would include a next-gen antivirus solution deployed at the time of the attack, traditional signature-based antivirus (opens in new tab), or endpoint detection and response solutions (opens in new tab) (EDR).
Drunk texting ransomware operators
The paper, titled “Organizations at risk: Ransomware attackers don’t take holidays”, further claims how nearly a quarter (24%) still lack proper contingencies to ensure a swift response during off-days or hours.
As a result, these businesses are too slow to respond. Almost two-thirds (60%) took too long to assess the scope of an attack, while half (50%) said they needed more time to respond to the attack. A third took longer to fully recover.
Employees are then forced to miss holidays and weekend activities, which oftentimes result in burnout. In many cases (70%), employees were intoxicated while responding to a weekend assault.
As the holiday season approaches, ransomware operators will be as active as ever. Cybereason warns that businesses in retail and transportation industries are high-value targets, given the potential for disruption and lost revenue.
Despite being aware of the target painted across their backs, organizations in these industries aren’t readying themselves for the holidays. Almost a quarter (24%) of organizations in both industries, who suffered a ransomware attack already, said they still didn’t have a specific contingency plan.
“Ransomware attackers don’t take time off for holidays. The most disruptive ransomware attacks in 2021 have occurred over weekends and during major holidays when attackers know they have the advantage over targeted organizations,” said Chief Executive Officer and Co-founder of Cybereason, Lior Div.
“This research proves out the fact that organizations are not adequately prepared and need to take additional steps to assure they have the right people, processes and technologies in place so they can effectively respond to ransomware attacks and protect their critical assets.”