SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Disconnect between threat and preparedness in ransomware attacks
Wed, 24th Nov 2021
FYI, this story is more than a year old

There is a disconnect between the risk ransomware poses to organisations during off-hour periods and their preparedness to respond moving into the holiday season, according to new research.

Operation-centric attack protection company Cybereason has published a global study of 1,200+ security professionals at organisations that have previously suffered a successful ransomware attack on a holiday or weekend.

The report, titled Organisations at Risk: Ransomware Attackers Don't Take Holidays, found that most security professionals expressed high concern about imminent ransomware attacks. Yet, nearly half felt they did not have the right tools in place to manage it.

In addition, more than a quarter (35%) of Singapore respondents still do not have specific contingencies in place to assure a prompt response during weekend and holiday periods, despite having already been the victim of a ransomware attack.

Key findings include:

  • Longer response time – 1 in 2 (49%) local cybersecurity professionals took longer to assess the scope of attacks when it happened during the holidays, while 1 in 3 (35%) took longer to respond or stop attacks.
  • Compromised judgement – one-third of respondents (33%) admitted that it took longer to assemble a team to respond, possibly because more than half (55%) of the respondents were intoxicated while responding to a ransomware attack over the weekend or during a holiday.
  • Lack of cybersecurity solutions – 68% of previous attacks were successful due to a lack of security solutions or cybersecurity coverage implementation.
  • Increased awareness of attack occurrence – 59% of organisations have begun planning and increasing staff to reinforce security during the holidays.

Retail and Transportation: Industries at Risk

Other key findings from the report indicated that the retail and Transportation sectors are high-value targets for ransomware attackers. Singaporean respondents from both Retail (44%) and Transportation (50%), previously victims of ransomware attacks, also cited not having the right security solutions. Due to the potential for disruption and lost revenue, victims are likely to be incentivised to pay higher ransom demands for business continuity.

"Ransomware attackers don't take time off for holidays. The most disruptive ransomware attacks in 2021 have occurred over weekends and in a lead up to major holidays," says Cybereason general manager for APAC, Eric Nagel.

"The attacks in Singapore on a major insurer and a healthcare operator in the second half of this year reaffirms the shift in the attackers' approach, knowing they have the advantage over targeted organisations," he says.

Leslie Wong, regional vice president for APAC at Cybereason, adds, "This research proves that organisations are not adequately prepared.

"As attackers grow increasingly sophisticated in their approach, it's crucial that organisations take additional steps to assure they have the right people, processes and technologies in place," says Wong.

"By adopting a prevention-first strategy, organisations can mitigate the risk of attacks and minimise the disruption of ransomware attacks to protect their critical assets."