Of the 500 UK security professionals included in the survey, 37% admitted their organization does not have specific contingency plans in place to mount a prompt response to a ransomware attack during weekend and holiday periods. This is despite all the respondents being at organizations that had previously suffered a successful ransomware attack.
This lack of preparedness has a significant impact on the capabilities of security teams. For example, over two-fifths (43%) of respondents said they required more time to mount an effective response, and close to a third (31%) indicated they need more time to fully recover from an attack over weekend and holiday periods. This is despite 89% confirming they are concerned about attacks taking place during these times.
In another worrying finding from the report, 71% of security professionals surveyed admitted they have been intoxicated while responding to a ransomware attack on a weekend or holiday. Additionally, over nine in 10 (91%) reported missing a holiday or weekend activity because of a ransomware attack.
Having insufficient security tools and solutions were also blamed for successful ransomware attacks by 43% of respondents. The study found that just 69% of organizations had a next-generation antivirus (NGAV) solution deployed at the time of attack, 42% had a traditional signature-based antivirus (AV) in place and only 36% had an endpoint detection and response (EDR) solution.
Lior Div, chief executive officer and co-founder of Cybereason, commented: “Ransomware attackers don’t take time off for holidays. The most disruptive ransomware attacks in 2021 have occurred over weekends and during major holidays when attackers know they have the advantage over targeted organizations.
“This research proves out the fact that organizations are not adequately prepared and need to take additional steps to assure they have the right people, processes and technologies in place so they can effectively respond to ransomware attacks and protect their critical assets.”
The findings provide further credence to the theory that organizations are significantly more susceptible to cyber-attacks on weekends and holidays. Ahead of Labor Day in the US this year, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that ransomware attacks are more likely to be successful over the periods, as IT incident responders will not be at their desks.