Cyber Experts Are Restless Due to Night-Time Cyber Assaults
In the ever-evolving world of cybersecurity, a troubling trend has emerged: ransomware attacks are increasingly happening outside of regular business hours. According to several studies, including those from Darktrace, Arctic Wolf, and Semperis, a significant majority of ransomware attacks occur during non-business hours and weekends.
Darktrace's analysis reveals that 76% of ransomware attacks take place outside of business hours, a trend that echoes in Arctic Wolf's findings, which suggest that 76% of such attacks occur after hours or over the weekend. Last year, Semperis reported that a staggering 72% of ransomware victims were targeted during holiday periods.
One of the most high-profile examples of this trend is the ransomware attack on the Scottish Environmental Protection Agency (SEPA) on Christmas Eve in 2021. The attack, claimed by the notorious Conti ransomware group, resulted in the theft of thousands of SEPA files.
The Conti ransomware group is known for deploying ransomware to extort victims, making them a formidable cybercriminal organization. Hackers like Conti deliberately launch attacks outside of business hours and during holidays, capitalising on reduced staffing levels and the increased likelihood of success.
Staffing challenges and associated costs with overtime wages are key factors behind reduced staffing during holidays or weekends. This leaves security operations teams understaffed, forcing them to drop personal activities and respond to potential incidents due to alerts during non-business hours and weekends.
The study by Arctic Wolf also highlights a decline in the speed of detection and triage within an enterprise during non-business hours. This delay can lead to increased damage and recovery costs for the affected organizations.
The challenges faced by cybersecurity teams are further compounded by alert fatigue, a condition where the constant stream of alerts leads to a decrease in the team's ability to respond effectively to genuine threats. This is a problem that Arctic Wolf's study notes as a significant concern in today's threat landscape, which is defined by round-the-clock attacks that target identity, exploit timing, and drive alert fatigue.
In a statement, Dan Schiappa, Arctic Wolf's president of technology and services, noted that the study highlights the 24x7 nature of the cybersecurity profession and the challenges faced by teams. Among organizations with dedicated security operations centres (SOCs), around 85% reduce staffing levels by up to 50% during holidays or weekends.
As the war against cyber threats continues, it is crucial for organizations to be vigilant, particularly during non-business hours and holidays. Strengthening cybersecurity defences and ensuring adequate staffing during these periods can help mitigate the risks associated with ransomware attacks.
Read also:
- Web3 social arcade extends Pixelverse's tap-to-earn feature beyond Telegram to Base and Farcaster platforms.
- Navigating the Path to Tech Product Success: Expert Insights from Delasport, a Trailblazer in the Tech Industry
- Online Cyber Assaults May Deter Web Usage Among Younger Generations
- Navigating English for Common Tech and Devices Daily Use
