Are Companies Unprepared For Ransomware Attacks On Weekends And Holidays

BACKGROUND:

In response to reports that a new study produced by Cybereason found that organizations are significantly more vulnerable to ransomware attacks during weekends and holidays, Information Security Expert offers the following comment.

Experts Comments

November 18, 2021
Javvad Malik
Security Awareness Advocate
KnowBe4

Ransomware and other cyber attacks over the holidays are major concern for many organisations, but as criminals apparently evolve and update their tactics on a frequent basis, it can become overwhelming as to how organisations can or should protect themselves.

Organisations should review external sources of threat intelligence as well as internal incident logs to determine accurately what tactics criminals use and where they have gaps in their posture. In many cases, criminals are successful in

.....Read More

Ransomware and other cyber attacks over the holidays are major concern for many organisations, but as criminals apparently evolve and update their tactics on a frequent basis, it can become overwhelming as to how organisations can or should protect themselves.

Organisations should review external sources of threat intelligence as well as internal incident logs to determine accurately what tactics criminals use and where they have gaps in their posture. In many cases, criminals are successful in attacking organisations either through social engineering attacks, by exploiting weak credentials, or unpatched vulnerable systems. 

By focussing on these key areas, particularly raising security awareness among staff, partners, and customers, can help reduce the risk greatly and help organisations take time off during the holidays and sleep better at night.

  Read Less
November 18, 2021
Chris Clements
VP
Cerberus Sentinel

Ransomware gangs often time the “impossible not to notice” final part of their extortion campaigns for holidays and weekends to minimize the possibility of detection. Cybercriminals understand that most organizations operate with skeleton crews of mostly junior staff or even purely on call during these periods that can give them several hours to inflict maximal damage even if detected by an antivirus or monitoring system. The crucial thing to realize is that no one tool is a silver bullet

.....Read More

Ransomware gangs often time the “impossible not to notice” final part of their extortion campaigns for holidays and weekends to minimize the possibility of detection. Cybercriminals understand that most organizations operate with skeleton crews of mostly junior staff or even purely on call during these periods that can give them several hours to inflict maximal damage even if detected by an antivirus or monitoring system. The crucial thing to realize is that no one tool is a silver bullet for preventing or responding to a cyberattack. Rather, it requires a cultural approach to security for an organization to defend against modern threat actors. It requires a holistic approach including skills and awareness training, a review of all areas of the organization that could lead to security vulnerability and layered defenses that assumes one or more primary security controls has failed or been bypassed by the attacker in forming a protective strategy.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.