Shortly after the Cyber Attacks Timelines of May (part I and part II), it’s time to publish the corresponding statistics. In May, I have collected 177 significant events, a consistent drop compared to the 240 of April; of course, as I have already pointed out, the numbers don’t tell all the story and despite the numbers continue to decrease, the impact remains high.
Unsurprisingly, cyber crime leads the Motivations chart with 88.7% (a value very close to 88.3% of April.) Similarly, malware continues to lead the Attack Techniques chart and, for the second month in a row, accounts for nearly 50% of attacks (48.6% vs 48.3% in April). I won’t stress enough the concept that the real value could be even higher since some malware-based attacks are filed as “Unknown” as the victims do not disclose enough information.) Attacks carried out via the exploitation of vulnerabilities still play an important role, ranking at number three among the known techniques, with a value similar to April (10.2% vs. 10.8%.)
And finally multiple industries retain the leadership of the Target Distribution chart with 15.8% (it was 18.8% in April), ahead of public administrations that have taken over individuals at number two.
The statistics are also available as an infographic.

May 2022 Cyber Attack Statistics
After the corresponding cyber attacks timelines, it’s time to publish the statistics of May 2022 once again, unsurprisingly, characterized by…

16-31 May 2022 Cyber Attacks Timeline
The second timeline of May 2022 is out. In the second half of the month I collected 120 events, corresponding to an average of 7.50 events/day, an important…

1-15 May 2022 Cyber Attacks Timeline
The first timeline of May 2022 is out. In the first half of the month I collected 101 events, that is an average of 6.73 events/day. The level of activity, reflected by…

April 2022 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics of April 2022, once again characterized…

16-30 April 2022 Cyber Attacks Timeline
The second timeline of April 2022 is finally out. In this fortnight I have collected 97 events that corresponds to an average of 6.47 events/day, despite…

1-15 April 2022 Cyber Attacks Timeline
After the peak of March (in the meantime I have added more records to the previous timeline bringing the total to 150), the level of activity continues to be…

Leaky Buckets in 2022
Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

April 2021 Cyber Attacks Statistics
It’s time to publish the statistics derived from the Cyber Attacks Timelines of April, where I have collected 240 significant events, 36 less than the record of March. Ransomware attacks…
As always bear in mind that the sample refers exclusively to the attacks included in my timelines, available from public sources such as blogs and news sites. Obviously the sample cannot be complete, but only aims to provide an high level overview of the threat landscape.
Finally, please support my work, sharing the content, and of course follow @paulsparrows on Twitter for the latest updates.

May 2022 Cyber Attack Statistics
After the corresponding cyber attacks timelines, it’s time to publish the statistics of May 2022 once again, unsurprisingly, characterized by…

16-31 May 2022 Cyber Attacks Timeline
The second timeline of May 2022 is out. In the second half of the month I collected 120 events, corresponding to an average of 7.50 events/day, an important…

1-15 May 2022 Cyber Attacks Timeline
The first timeline of May 2022 is out. In the first half of the month I collected 101 events, that is an average of 6.73 events/day. The level of activity, reflected by…

April 2022 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics of April 2022, once again characterized…

16-30 April 2022 Cyber Attacks Timeline
The second timeline of April 2022 is finally out. In this fortnight I have collected 97 events that corresponds to an average of 6.47 events/day, despite…

1-15 April 2022 Cyber Attacks Timeline
After the peak of March (in the meantime I have added more records to the previous timeline bringing the total to 150), the level of activity continues to be…

Leaky Buckets in 2022
Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

16-31 May 2021 Cyber Attacks Timeline
The second timeline of May is finally out confirming the decreasing trend (at least in terms of recorded events) that we have seen in the last few months. In fact, in this timeline I have collected…

May 2022 Cyber Attack Statistics
After the corresponding cyber attacks timelines, it’s time to publish the statistics of May 2022 once again, unsurprisingly, characterized by…

16-31 May 2022 Cyber Attacks Timeline
The second timeline of May 2022 is out. In the second half of the month I collected 120 events, corresponding to an average of 7.50 events/day, an important…

1-15 May 2022 Cyber Attacks Timeline
The first timeline of May 2022 is out. In the first half of the month I collected 101 events, that is an average of 6.73 events/day. The level of activity, reflected by…

April 2022 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics of April 2022, once again characterized…

16-30 April 2022 Cyber Attacks Timeline
The second timeline of April 2022 is finally out. In this fortnight I have collected 97 events that corresponds to an average of 6.47 events/day, despite…

1-15 April 2022 Cyber Attacks Timeline
After the peak of March (in the meantime I have added more records to the previous timeline bringing the total to 150), the level of activity continues to be…

Leaky Buckets in 2022
Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

1-15 May 2021 Cyber Attacks Timeline
The first timeline of May is out! In this timeline I have collected 89 events, with an average rate of 5.9 events per day, that’s…
May 2022 Cyber Attack Statistics
After the corresponding cyber attacks timelines, it’s time to publish the statistics of May 2022 once again, unsurprisingly, characterized by...
Q1 2022 Cyber Attacks Statistics
I have aggregated the statistics created from the cyber attacks timelines published in the first three months of 2022. In total I have collected...
16-31 May 2022 Cyber Attacks Timeline
The second timeline of May 2022 is out. In the second half of the month I collected 120 events, corresponding to an average of 7.50 events/day, an important...
The Biggest Data Breaches of 2021
With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.
TCP Split Handshake Attack Explained
Update May 12: TCP Split Handshake: Why Cisco ASA is not susceptible Update May 11: The Never Ending Story Update April 21: Other Considerations on TCP Split Handshake Few days ago, independent security research and testing NSS Labs, issued a comparative report among six network security technologies. The controversial ...
