Danny Weber
15:35 31-12-2025
© RusPhotoBank
RED Security reports a 4-5x surge in cyberattacks over New Year holidays, led by ransomware. Learn why reduced monitoring enables breaches and how SOCs help.
RED Security has warned of a sharp surge in cyberattacks over the New Year holidays. According to the company’s monitoring and incident response center, during long weekends malicious activity can jump four to five times compared with the annual average.
Experts note that the holiday period is most often used not for the initial breach, but for the final—and most destructive—stage of attacks. When many companies scale back operations and loosen oversight, intruders encrypt data, disable infrastructure, or steal money. The pattern is familiar: wait for vigilance to drop, then move in, which makes the New Year break one of the most convenient windows to inflict maximum damage on business.
RED Security SOC reports that in the first week of January 2024, the number of serious incident reports was four times higher than the monthly average. About 80% of those cases involved ransomware, and roughly a third stemmed from previously compromised IT contractors. With overall cybercriminal activity rising in 2025, the company’s experts expect an even sharper spike in threats.
Specialists emphasize that the greatest risk falls on organizations that do not maintain round-the-clock monitoring of security events. In such scenarios, companies often learn about a breach only after business processes have been paralyzed. It is during holiday periods that emergency requests for incident response and investigation climb steeply—a reminder of why proactive monitoring matters more than scrambling after the fact.