A recent report from Malwarebytes highlights a concerning trend in ransomware attacks, revealing that the majority of incidents now occur between 1 AM and 5 AM. This timing aims to catch cybersecurity teams off guard when staffing levels are typically low. The findings are based on threat intelligence gathered by Malwarebytes and its ThreatDown detection and response unit, which indicates that attackers strategically launch operations during the early hours and weekends to limit IT personnel’s ability to respond effectively. This shift in attack timing presents a significant challenge for organizations as they struggle to defend against such stealthy tactics.
The report further indicates a dramatic reduction in the time required to complete the entire ransomware attack chain, which now takes mere hours rather than the weeks it once did. The efficiency of the attack process has increased due to the adoption of “living-off-the-land” techniques, which enable cybercriminals to utilize existing tools and systems within the target environment to evade detection. Chris Kissel, an IDC research vice president, emphasizes the necessity for organizations to implement 24/7 managed detection and response capabilities to ensure comprehensive coverage against potential attacks, particularly during vulnerable hours.
Malwarebytes’ findings also reveal alarming statistics regarding the geographical distribution of ransomware victims. The United States and the United Kingdom report the highest percentages of attacks, with 63% and 67% of organizations affected, respectively. These countries have experienced double-digit annual increases in ransomware incidents. Additionally, the report indicates a rise in attacks carried out by gangs outside the top 15, highlighting that ransomware has become increasingly accessible to a broader range of cybercriminals, thereby intensifying the threat landscape.
Sector-specific data show that the services and manufacturing industries are the most targeted by ransomware attacks, with the manufacturing sector alone experiencing a staggering 71% increase in incidents over the past year. As cybercriminals refine their strategies and expand their reach, organizations must remain vigilant and proactive in enhancing their cybersecurity measures. The report underscores the urgent need for businesses to adapt their security postures to counter these evolving threats effectively and protect their sensitive data from potential breaches.
Reference:
