Semperis, a pioneer in identity-driven cyber resilience, today published the results of its 2024 Ransomware Holiday Risk Report focusing on the Australia and New Zealand region. The report found 69% of ANZ organisations are attacked on holidays and weekends when employee distraction is high. Despite this increased risk, 78% of surveyed companies admit to reducing security staffing by as much as 50% during these periods, exposing them to a greater risk of attack, especially during the upcoming holiday season.
“Companies should not lower their guard against cyberattacks during holidays and weekends. Instead, they should bolster their defenses against ransomware attacks during these times. The most effective protection against threats during the holidays is maintaining awareness and having a robust backup and recovery plan ready to deploy when needed,” said Malcolm Turnbull, Semperis Strategic Advisor, former Australian Prime Minister.
In addition, the report found 50% of respondents attacked were targeted during a major corporate event such as a merger, acquisition, or IPO, with the IT/Telecom industry being the most affected (54%) by this tactic.
“Cyberattacks, including ransomware, often happen in the cracks—during mergers, acquisitions, layoffs, and in the seams of supplier-vendor relationships. To combat never-ending ransomware attacks, organisations should focus on building resilience into networks,” said Kemba Walden, Paladin Global Institute President, and former Acting U.S. National Cyber Director.
Previous research demonstrates that in nine out of ten ransomware attacks, hackers compromise an organisation’s identity system, most often Microsoft Active Directory (AD) or Entra ID. In a positive trend, organisations in ANZ seem to be placing increasing priority on securing this area, with 83% reporting they have budget specifically for the defense of core identity systems like Active Directory.
“Seeing how vulnerable AD is, corporate leaders should reevaluate risk from an operational resilience perspective to better understand the exposure of their IT infrastructure,” said Mickey Bresman, CEO, Semperis. “Every corporate board should ask their CISO what their level of risk is and which systems, if taken out, would completely cripple their business. You will find that AD compromises take down entire networks, leaving most organisations scrambling to recover.”
83% of surveyed organisations in Australia and New Zealand say that they have an identity recovery plan in place, yet 83% still experienced a successful ransomware attack within the past 12 months, highlighting a disconnect between planning and outcomes.
The full report, which includes breakdowns of responses by vertical market, is available to view here.