During September 2021, I have collected 206 events (here and here) that I am finally aggregating into statistics in this blog post, nearly a 20% increase compared to the 173 events collected in August. After the Summer break, the general trend is rising again.
As usual, cyber crime leads the Motivations chart, but its percentage drops to 78.2% from 87.6% back to the values of August). This is probably a consequence of the high number of cyber espionage campaigns (jumping to 14.8% from 8.2%). Similarly, Malware continues to dominate the Attack Techniques chart with 38,3%, down from 43.5% in August. The impact of account takeovers (13.1% vs. 11.8% in August) and vulnerabilities (12.1% vs. 10.8% in August) continue to be quite important and to characterize the current threat landscape. Interestingly, also targeted attacks rise to 9.2% from 6.5% of August.
Once again, multiple targets lead the Target Distribution chart, but their percentage goes down to 17.5% from 25.9% in August and, similarly to the previous month, ahead of healthcare (13.6% vs. 15.3%) and public administration (12.6% vs. 11.2) targets.
Check out the interactive charts and the statistics, also available as an infographic.
As always bear in mind that the sample refers exclusively to the attacks included in my timelines, available from public sources such as blogs and news sites. Obviously the sample cannot be complete, but only aims to provide an high level overview of the threat landscape.

Cloud-Native Threats in 2023
Similarly to what I have done in 2022, 2021, and 2020, I am listing those cyber attacks…

The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches…

16-31 December 2022 Cyber Attack Timeline
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…

1-15 December 2022 Cyber Attack Timeline
In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly…

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

August 2021 Cyber Attacks Statistics
During August 2021, I have collected 170 events that I can finally aggregate into (hopefully useful) statistics. This number represents a 10% decrease in comparison to the
Finally, please support my work, sharing the content, and of course follow @paulsparrows on Twitter for the latest updates.
Support my work! Make a donation!

Cloud-Native Threats in 2023
Similarly to what I have done in 2022, 2021, and 2020, I am listing those cyber attacks…

The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches…

16-31 December 2022 Cyber Attack Timeline
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…

1-15 December 2022 Cyber Attack Timeline
In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly…

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

16-30 September 2021 Cyber Attacks Timeline
The second timeline of September 2021 is here and is confirming us the growing trend that is characterizing the last period. In this timeline I have collected 106 events, up from…

Cloud-Native Threats in 2023
Similarly to what I have done in 2022, 2021, and 2020, I am listing those cyber attacks…

The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches…

16-31 December 2022 Cyber Attack Timeline
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…

1-15 December 2022 Cyber Attack Timeline
In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly…

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

1-15 September 2021 Cyber Attacks Timeline
The Autumn has begun, and I can finally publish the first timeline of September 2021. Despite we are still far from the highest peaks of activity of this year, in this timeline…
2022 Cyber Attacks Statistics
And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...
The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...
TCP Split Handshake Attack Explained
Update May 12: TCP Split Handshake: Why Cisco ASA is not susceptible Update May 11: The Never Ending Story Update April 21: Other Considerations on TCP Split Handshake Few days ago, independent security research and testing NSS Labs, issued a comparative report among six network security ...
January 2022 Cyber Attacks Statistics
After the cyber attacks timelines of January 2022, I can finally publish the corresponding statistics. In the two timelines...
February 2018 Cyber Attacks Statistics
Time flies, and finally I have found the time to publish the statistics derived from the cyber attacks timelines of February (part I and part II). Before drilling down into the statistics, let me say that many readers keep on asking how I derive the ...
