Cybereason released the results of a global survey of over 1,200 security professionals from companies that had previously experienced a successful ransomware attack over the weekend or on holiday. The research reveals a gap between organizational risk and readiness.
“Ransomware attackers don’t take time off for holidays. The most disruptive ransomware attacks in 2021 have occurred over weekends and during major holidays when attackers know they have the advantage over targeted organizations,” said Chief Executive Officer and Co-founder of Cybereason, Lior Div.
He added, “This research proves out the fact that organizations are not adequately prepared and need to take additional steps to assure they have the right people, processes, and technologies in place so they can effectively respond to ransomware attacks and protect their critical assets.”
The survey, titled Organizations at Risk: Ransomware Attackers Don’t Take Vacations, discovered that the vast majority of security professionals in the UAE (93 percent) are extremely concerned about upcoming ransomware assaults. Despite this concern, there appears to be a gap between the threat that ransomware poses to enterprises during these off-hours periods and their readiness to respond — both in terms of manpower and technology — as we approach the holiday season.
The previous successful holiday ransomware attack in the UAE was ascribed by 39 percent of respondents to not having the correct cybersecurity coverage plan or because the organization was only functioning with a skeleton team, indicating a discrepancy between anticipated risk and preparation.
Unfortunately, this has meant that many cybersecurity professionals have had to postpone personal engagements and weekend plans in order to respond to the attacks – 90% of UAE respondents said they have missed a holiday or weekend activity due to a ransomware assault.
In terms of technology, a ransomware assault on their firm was successful for 65 percent of UAE respondents (16 percent more than the global average) because they did not have the proper security solutions in place. The fact that only 44% of respondents said they have an Endpoint Detection and Response (EDR) solution in place was particularly alarming. This is particularly concerning because EDR is a critical component of a strong cybersecurity posture.
This lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations, with 60% of UAE respondents stating that it took longer to assess the scope of an attack, 58 percent stating that it took longer to mount an effective response, and 46% stating that it took longer to fully recover from the attack.
Surprisingly, 23% of UAE respondents (double the global average) said their companies had suffered direct revenue losses as a result. This study backs up the notion that assessing, mitigating, remediating, and recovering from a ransomware assault takes longer on a holiday or weekend.
According to the findings of the study, UAE businesses have recognized the need to beef up their cybersecurity defenses and ensure they have the right technology, resources, and strategy in place to avoid being targeted by an attack during the upcoming holiday season. Over the holidays, 77% of respondents said their companies would add new technology, 60% said they would establish a more comprehensive contingency plan, and 50% said they would increase cybersecurity employee coverage.