The 138 events recorded in this timeline represent a new 12 months high. This is one of the effect of the Russian invasion in Ukraine that is having obvious implications in the cyber space as well. Hacktivists have been very busy (15 out of 138 events, corresponding to nearly 11% are related to hacktivism), and similarly 11 out of 138 (8%) are somehow related to cybewarfare operations.

But the effects do not end up here: the war is also undoubtedly characterizing the cyber espionage front, with 21 events (roughly 15% of the sample) directly or indirectly related to Ukraine. UAC-0026 (AKA Scarab), Ghostwriter, Armageddon, Curious Gorge, and COLDRIVER are just some of the threat actors that targeted entities in Ukraine.  In total, nearly 19.7% of events (27 out of 138) involve Ukraine, and this explains simply the high number observed in the second half of March.

Looking at the treat landscape in general, ransomware attacks characterized nearly 16% of events (23 out of 138), doubling the percentage of the first half of the month. However the cyber crime has been characterized by the actions of the Lapsus$ collective that added more high-profile victims to their list.

The exploitation of vulnerabilities continue to be an important trend of this first quarter, and even in this timeline, 12.3% of the events (17 out of 138 events) occurred because a vulnerability was exploited (and new nightmares are ready to spoil the sleep of sysadmins worldwide thanks to the ‘Spring4Shell’ (CVE-2022-22963 and CVE-2022-22965) vulnerabilities, and similarly attacks against fintech companies continue relentlessly: the $624M stolen from Ronin Network represent the highest amount observed so far.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • Image by Pete Linforth from Pixabay1-15 May 2023 Cyber Attacks Timeline

    In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that confirms the sustained trend characterizing this year from an information security perspective.

  • Image by wastedgeneration from Pixabay1-15 December 2023 Cyber Attacks Timeline

    In early December 2023, event recordings decreased significantly to 135, with ransomware dominating 35.5% of incidents. The period saw a notable data breach at ESO Solutions, affecting 2.7 million patients, and a $2.7 million crypto theft at OKX. Geopolitical tensions spurred active cyber espionage, with ...

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • November 2023 MotivationsNovember 2023 Cyber Attacks Statistics

    November 2023 saw a rise to 39 events, with Cyber Crime remaining dominant at 78.7%. Cyber Espionage increased to 9.7%, while Hacktivism fell to 5.4%. Malware was the leading attack technique at 42.1%, and Multiple Organizations were the most targeted at 17.7%.

  • 2021 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2021 from the cyber attacks timelines. In the past year I have collected 2539 events, meaning...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.