‘Tis The Season For Ransomware: New Report Shows Spikes During Holidays

Organizations may experience security staffing challenges outside traditional business hours.

Bah humbug. A new report released by identity cyber resilience company Semperis revealed a significant uptick in ransomware attacks against organizations during the holiday season.

Semperis’ “2024 Ransomware Holiday Risk Report” found that 86 percent of organizations surveyed in the U.S., UK, France and Germany were targeted by ransomware on a holiday or weekend.

One reason the report suggests is that security staffing is reduced during those periods. Among U.S. organizations surveyed for the report, 90 percent said they reduced security staff by as much as 50 percent during the holiday season and weekends.

“It is human nature for services not to be as strong on the weekends, as many [organizations maintain] the mindset of the workweek. ... And when staffing levels decrease, naturally the fallout could be systems that are more vulnerable to breach,” said Ciaran Martin, CB, managing director at Paladin Capital Group and founding executive of the UK’s National Cyber Security Centre, in the report.

There are other takeaways from the report, which surveyed 900 IT and security leaders across the globe.

One highlight from the report is the revelation that ransomware attacks increase when an organization has a major business event like an IPO, merger/acquisition or workforce restructuring. Semperis’ researchers refer to these events as “useful distractions” for attackers to strike. Sixty-three percent of organizations surveyed experienced a ransomware attack during one of these events.

There also seems to be a disconnect between how organizations perceive their security defenses and reality. Eighty-one percent of respondents said they have the necessary expertise to protect their organizations against attacks—in particular, identity-related attacks—but 83 percent suffered a ransomware attack in the past year.

The sectors that suffered the biggest onslaught of ransomware attacks during holidays and weekends include education, finance, manufacturing, health care, travel/transportation and IT/telecom, according to the report.

Nearly 5 percent of respondents said they had no security operations center staff scheduled during holidays and weekends, the report revealed.

Semperis researchers outlined some steps IT and security leaders can take to shore up their security around the clock:

Read the full Semperis 2024 Ransomware Holiday Report.