Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations

Stu Sjouwerman | Dec 2, 2022

Ransomware Attacks HolidaysWith 97% of U.S. organizations experiencing a ransomware attack over a weekend or on a holiday, the impacts on response and recovery time are material, including loss of revenue.

As we shift into full gear of the holiday season, organizations are all planning how to address remaining paid time off and company holidays – with IT left attempting to ensure the security of the organization while everyone else is off. And it’s with good measure that IT is conscientious of this need, as Cybereason’s Organizations at Risk report subtitled Ransomware Attackers Don’t Take Holidays shows that ransomware threat actors are stepping up their attack game by targeting a timeframe when an organization is most vulnerable – on holidays and weekends.

According to the report, 88% of organizations worldwide have experienced a ransomware attack on a weekend or holiday. And during those “after hours” timeframes, 67% of organizations are understandably staffed with half of their IT staff or less.

And when comparing the impact of a weekend/holiday ransomware attack with that of one that occurs during the work week, the difference is noticeable:

  • 34% of organizations took longer to assemble their response team
  • 37% took longer to assess the scope of the attack
  • 37% took longer to stop the attack
  • 36% took longer to recover from the attack
  • 31% lost more money

The takeaway from this data is that organizations need to expect that attacks will occur over the holidays and on weekends, making it necessary to improve defenses – specifically around users interacting with phishing emails (the number of initial attack vector for ransomware attacks) who are even less vigilant because they are away from work. It’s necessary to teach these users through Security Awareness Training to scrutinize unexpected emails – especially on holidays and weekends – to address the risk potential of increased ransomware attacks.

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.