Cyber experts find nighttime cyber assaults a source of significant worry
In today's digital landscape, cyber threats are no longer confined to traditional working hours. A growing number of cybercriminals are exploiting the weaker defenses that come with off-hours and weekends, leaving security teams scrambling to respond.
According to a study by Arctic Wolf, a staggering 76% of ransomware attacks occur either after hours or over the weekend. This trend was also observed in Semperis' analysis, which showed that 72% of ransomware victims were attacked outside of working hours, such as during holiday periods. Darktrace's analysis corroborates these findings, reporting that 76% of ransomware attacks take place during off-peak times.
The hackers behind these attacks are modern cybercriminals who use automated, global methods to launch attacks especially at night, weekends, or holidays when defenses are weaker. The Scottish Environmental Protection Agency (SEPA) was a recent victim of such an attack, targeted on Christmas Eve in 2021. Thousands of SEPA files were stolen as a result of the attack, and the Conti ransomware group claimed responsibility.
Security workers are forced to drop personal activities and respond to potential incidents due to alerts taking place outside of business hours and on weekends. Among organizations with dedicated security operations centers (SOCs), around 85% reduce staffing levels by up to 50% during holidays or weekends. This staffing reduction, coupled with the increased number of alerts during these times, contributes to alert fatigue among defenders, making it difficult for them to navigate increasingly complex tactics.
Staffing challenges and associated costs with overtime wages are a key factor behind reduced staffing levels during holidays or weekends. However, these reductions leave organizations vulnerable to cyberattacks during these periods. Threat actors aim to maximize their chances of success by launching attacks during times when skeleton crews are holding the fort.
Dan Schiappa, Arctic Wolf's president of technology and services, stated that the study highlights the 24x7 nature of the cybersecurity profession and gives a glimpse into the challenges faced by teams. The study found that more than half (51%) of alerts recorded by security operations teams are recorded after the majority of the business has clocked out. Around 15% of all alerts take place on weekends.
In conclusion, the threat landscape is defined by round-the-clock attacks that target identity, exploit timing, and drive alert fatigue. As cybercriminals continue to adapt their tactics to exploit off-hours and weekends, organizations must adapt their security measures to meet these challenges and ensure continuous protection.
Read also:
- Strengthening Defense against Multi-faceted menaces in the Age of Authority-driven Technology
- Industries Under Jeopardy Due to Multi-Accounting: Prevention Strategies Revealed in 2024
- Web3 Esports undergoes transformation as Aylab and CreataChain collaborate for a radical change
- Latest Tech Highlights: Top Gadgets of March 2025
