Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations

Ransomware Attacks HolidaysWith 97% of U.S. organizations experiencing a ransomware attack over a weekend or on a holiday, the impacts on response and recovery time are material, including loss of revenue.

As we shift into full gear of the holiday season, organizations are all planning how to address remaining paid time off and company holidays – with IT left attempting to ensure the security of the organization while everyone else is off. And it’s with good measure that IT is conscientious of this need, as Cybereason’s Organizations at Risk report subtitled Ransomware Attackers Don’t Take Holidays shows that ransomware threat actors are stepping up their attack game by targeting a timeframe when an organization is most vulnerable – on holidays and weekends.

According to the report, 88% of organizations worldwide have experienced a ransomware attack on a weekend or holiday. And during those “after hours” timeframes, 67% of organizations are understandably staffed with half of their IT staff or less.

And when comparing the impact of a weekend/holiday ransomware attack with that of one that occurs during the work week, the difference is noticeable:

  • 34% of organizations took longer to assemble their response team
  • 37% took longer to assess the scope of the attack
  • 37% took longer to stop the attack
  • 36% took longer to recover from the attack
  • 31% lost more money

The takeaway from this data is that organizations need to expect that attacks will occur over the holidays and on weekends, making it necessary to improve defenses – specifically around users interacting with phishing emails (the number of initial attack vector for ransomware attacks) who are even less vigilant because they are away from work. It’s necessary to teach these users through Security Awareness Training to scrutinize unexpected emails – especially on holidays and weekends – to address the risk potential of increased ransomware attacks.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews