The second timeline of April 2022 is finally out (you can find the first one at this link.) In this fortnight I have collected 97 events, that is an average of 6.47 events/day, despite this corresponds to a noticeable drop compared to the 123 events of the previous timeline, the average level continues to be quite high and, easily predictable, an important part on this is played by the war in Ukraine that is inevitably having implications even in the cyber space.

A consolidated trend since the start of the Russian invasion, is the cyber war declared by the Anonymous collective and their affiliates against the Russian government: the hacktivists continue to leak data from Russian organizations. But this is not the only way the situation in Ukraine is affecting the cyber space: the country continues to be the target of multiple operations, especially DDoS attacks against local targets, and targeted cyber espionage operations.

Ransomware attacks continue to be relevant, with Conti, BlackCat, and Quantum, the new kid on the block, being the most active ransomware gangs The attacks to high-profile targets continue and the percentage of events related to ransomware is now 18.56% (up from 11.86% of the previous timeline.)  Similarly, 10.3% of the events were characterized by the exploitation of a vulnerability.

Massive attacks against fintech and decentralized finance companies continue. Even in this fortnight, at least three organizations were hit for a total loss of nearly a staggering $140M worth of crypto assets.

And we are used to see quite a complicated cyber espionage landscape. Similarly to the previous months, this timeline reports many well-known threat actors (and not necessarily related to the events in Ukraine) such as Mustang Panda, DarkSeoul, APT29, and the Lazarus Group.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...

  • August 2016 Cyber Attacks Statistics

    It's time to publish the statistics derived from the cyber attacks timelines of August (Part I and Part II), a month particularly active from an Information Security perspective, despite the Summer time. As always, let’s start from the Daily Trend Chart, which shows obviously an ...

  • February 2023 Cyber Attacks Statistics

    After the cyber attacks timelines, it’s time to publish the statistics of February 2023 where I have collected and analyzed...

  • Image by Gerd Altmann from Pixabay16-28 February 2023 Cyber Attacks Timeline

    The second cyber attacks timeline of February 2023 is out and with 10.62 events/day confirms...

  • Image by Gerd Altmann from Pixabay1-15 May 2022 Cyber Attacks Timeline

    The first timeline of May 2022 is out. In the first half of the month I collected 101 events, that is an average of 6.73 events/day. The level of activity, reflected by...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.