On the Friday heading into Memorial Day weekend this year, it was meat-processing giant JBS. On the Friday before the Fourth of July, it was IT-management software company Kaseya and, by extension, over a thousand businesses of varying size. It remains to be seen whether Labor Day will see a high-profile ransomware meltdown as well, but one thing is clear: hackers love holidays.
Really, ransomware hackers love regular weekends, too. But a long one? When everyone’s off carousing with family and friends and studiously avoiding anything remotely office-related? That’s the good stuff. And while the trend isn’t new, a joint warning issued this week by the FBI and the Cybersecurity and Infrastructure Security Agency underscores how serious the threat has become.
The appeal to attackers is pretty straightforward. Ransomware can take time to propagate throughout a network, as hackers work to escalate privileges for maximum control over the most systems. The longer it takes for anyone to notice, the more damage they can do. “Generally speaking, the threat actors deploy their ransomware when there is less likelihood of people being around to start pulling plugs,” says Brett Callow, threat analyst at antivirus company Emsisoft. “The less chance of the attack being detected and interrupted.”