A new study has identified a 30% leap in the average number of attempted attacks globally over the holiday season.

malicious-code Ransomware attacks

The research, conducted by global cybersecurity and AI company, Darktrace, found the increase in every consecutive year from 2018 to 2020, compared to the monthly average.

The data also revealed a 70% average increase in attempted ransomware attacks in November and December compared to January and February. Following a record number of ransomware attacks this year, the company expects the spike to be higher over the 2021 holiday period.

During the nascent 2021 holiday season, Darktrace’s AI detected and autonomously stopped an in-progress, early-stage ransomware attack on a U.S. city before any data exfiltration or encryption could occur. The city’s security team had the foresight to deploy an AI solution to combat multi-stage ransomware attacks, enabling them to stop the attackers at the earliest stage.

Ransomware is often falsely considered an encryption problem. This misconception masks and undermines attackers’ determination and creativity to initially break into and then move around within an organization’s digital environment first to discover, then steal and encrypt data. The break-in is often through email, but that quickly evolves to targeting servers where the data lives. Therefore, a combination of email and network security is crucial to stop these attacks.

New technologies can develop an understanding of normal business operations for each organization, before autonomously interrupting in-progress attacks at every stage from the initial entry. Attacks from sophisticated spear-phishing emails to brute-forced remote desktop protocol (RDP), command-and-control, and lateral movement, can now all be stopped without business disruption.

Justin Fier, Director of Cyber Intelligence and Analytics at Darktrace, said:

“Based on what we’ve seen in previous years, holidays are consistent target periods for cyber-attackers. Interestingly, the largest rise in attempted ransomware attacks is between Christmas and New Year’s when attackers know there will be fewer eyeballs on screens defending against threats.

“Business leaders should know that there is available technology that can identify and respond to the initial warning signs of ransomware before attackers can hold critical systems hostage, even when human security teams are out of office,” Fier added.