The first timeline of February 2022 is out with 98 events. This number represents a 7% decrease with regards to the second timeline of January (105 events), but if compared with the first timeline of the previous month (91 events), shows a 7% increase. However the numbers are considerably lower than this same period one year ago when the peak of activity for 2021 was achieved.

Ransomware continues to dominate the threat landscape, mainly thanks to the BlackCat operation, characterizing 23 out of 98 events (23.4% vs 14.3% and 30.7% respectively for the first and the second timeline of January). Similarly, the exploitation of vulnerabilities continues to characterize this initial part of 2022: 10 out 98 events (10.2%) have been carried out exploiting vulnerabilities of any kind (it was respectively 6.5% and 14.3% for the first and second timeline of January 2022.

Massive hacks against companies operating in the fintech space continue: Wormhole suffered a huge $326M worth loss (but luckily the funds were recovered shortly after), unfortunately KLAYswap and were not so lucky loosing respectively the equivalent of $1.9M and$4.4M in cryptocurrencies.

Inevitably, the war in Ukraine has crossed the boundaries of cyber space. This country was targeted by multiple cyber attacks and influence campaigns allegedly orchestrated by Russia.

The cyber espionage front is also very rich and not only in Ukraine thanks to the Gamaredon group. Multiple well-known threat actors characterize this timeline including APT35 (AKA Phosphorus or Charming Kitten), TA402 (AKA Molerats), ot TA406 (AKA Kimsuky), and Arid Viper (AKA Desert Falcon, Two-tailed Scorpion, or APT C-23).

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • Q4 2023 Featured ImageQ4 2023 Cyber Attacks Statistics

    In Q4 2023, cyber attack events decreased by 7.1% to 1029 compared to the previous quarter. Cybercrime remains the primary motive, although slightly reduced, while malware tops attack techniques, increasing from the last quarter. Multiple industries and healthcare are the most targeted sectors. These statistics ...

  • close up view of system hacking16-31 January 2024 Cyber Attacks Timeline

    In the second timeline of January 2024 I collected 168 events (10.50 events/day), dominated by ransomware, ahead of malware and the exploitation of vulnerabilities. There were also several mega breaches, multiple operations against fintech organizations, and the usual wave of attacks motivated by cyber espionage.

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.

  • Q1 2023 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the first three months of 2023. In total...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.