The second timeline of April 2022 is finally out (you can find the first one at this link.) In this fortnight I have collected 97 events, that is an average of 6.47 events/day, despite this corresponds to a noticeable drop compared to the 123 events of the previous timeline, the average level continues to be quite high and, easily predictable, an important part on this is played by the war in Ukraine that is inevitably having implications even in the cyber space.

A consolidated trend since the start of the Russian invasion, is the cyber war declared by the Anonymous collective and their affiliates against the Russian government: the hacktivists continue to leak data from Russian organizations. But this is not the only way the situation in Ukraine is affecting the cyber space: the country continues to be the target of multiple operations, especially DDoS attacks against local targets, and targeted cyber espionage operations.

Ransomware attacks continue to be relevant, with Conti, BlackCat, and Quantum, the new kid on the block, being the most active ransomware gangs The attacks to high-profile targets continue and the percentage of events related to ransomware is now 18.56% (up from 11.86% of the previous timeline.)  Similarly, 10.3% of the events were characterized by the exploitation of a vulnerability.

Massive attacks against fintech and decentralized finance companies continue. Even in this fortnight, at least three organizations were hit for a total loss of nearly a staggering $140M worth of crypto assets.

And we are used to see quite a complicated cyber espionage landscape. Similarly to the previous months, this timeline reports many well-known threat actors (and not necessarily related to the events in Ukraine) such as Mustang Panda, DarkSeoul, APT29, and the Lazarus Group.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • Cyber Attacks Stats July 2000 Front ImageJuly 2022 Cyber Attack Statistics

    After the corresponding cyber attacks timelines, it’s time to publish the statistics of July 2022 where I have collected and analyzed...

  • 16-31 July 2022 Cyber Attacks Timeline

    The second cyber attacks timeline of July 2022 confirms the sustained level of activity. In this fortnight I have collected 139 entries, once again...

  • Photo by Tima Miroshnichenko from PexelsThe Biggest Data Breaches of 2022

    Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines...

  • Leaky Buckets in 2022

    Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.