Companies more susceptible to cyberattacks on public holidays and weekends
Companies often experience cyberattacks at weekends and on public holidays in particular. This is the result of a survey.
(Image: BeeBright / Shutterstock.com)
Companies are particularly vulnerable to cyberattacks on public holidays and weekends, as security staff are often reduced during this time. This has now been confirmed by a new study on ransomware attacks by Semperis, a provider of identity-based cyber resilience. According to the study, an average of 86 percent of the companies surveyed in the USA, the UK, France and Germany were attacked on public holidays or at weekends.
According to the report, 75 percent of companies in this country reduce their security staff by up to 50 percent during these periods. In addition, 50 percent of respondents who were attacked were targeted during important corporate events such as mergers or takeovers. This also happened, for example, after the takeover of payment service provider Change Healthcare by UnitedHealth, whereupon cyber criminals managed to compromise the systems via a security gap in remote access.
Frequent attacks on Microsoft AD or Entra ID
In nine out of ten ransomware attacks, cybercriminals targeted and compromised a company's identity service, usually Microsoft Active Directory (AD) or Entra ID, as these are the most common. 35 percent of companies stated that they do not have sufficient budget to defend against attacks and 61 percent stated that they do not have appropriate backup systems for their identity services.
81 percent of respondents believe they have the necessary expertise to protect themselves from identity-related attacks. Nevertheless, 83 percent of respondents have suffered a successful ransomware attack in the last twelve months.
For the report, 900 IT and security experts from various sectors such as education, finance, healthcare, trade, IT and telecommunications were surveyed in the first half of the year.
Videos by heise
Cyber criminals like to use long weekends
The US cybersecurity authority CISA has already called for increased vigilance against ransomware attacks on weekends and public holidays. In the past, for example, the ransomware gang Clop took advantage of a long weekend to exploit a vulnerability in the data exchange software MOVEit. As a result, more than 130 companies in Germany also fell victim to blackmail attempts and a large amount of data was leaked.
(mack)
