EVENTS
0
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY

The first timeline of May 2022 is out. In the first half of the month I collected 101 events, that is an average of 6.73 events/day. The level of activity, reflected by the cyber events that find some space in the media outlets, continue to be quite sustained, once again, fueled by the war in Ukraine that is continuing to have repercussions in the cyber space.

The Anonymous collective and their affiliates continue their cyber war against the Russian government: even in this fortnight, the hacktivists continued to leak data from Russian organizations. And similarly to the previous weeks, Ukraine continued to be the target of multiple operations aimed to distribute malware and spy on multiple institutions.

But this situation is affecting Europe as a whole: multiple campaigns (even from Chinese gropus) were spotted, and interesting twist is also the retaliation of the Killnet pro-Russian collective with multiple DDoS attacks against countries, like Italy, accused to back Ukraine.

Ransomware attacks continue to play an important role, with the usual suspects, like Conti, who continue to hit multiple organizations. In this fortnight, 14.85% of events were characterized by ransomware (vs. 18.56% of the previous timeline.) On the other hand, the impact of attacks carried out exploiting vulnerabilities went down to 7.9% from 10.3% of the previous timeline.

Another trend that is characterizing 2022 is the occurrence of massive attacks against fintech and decentralized finance companies continue. Unfortunately the list of victims continues to grow and this fortnight was no exception.

Even threat actors motivated by cyber espionage were quite active during the first week of May. New threat actors such as UNC3524 and Moshen Dragon joined the party. Besides, as already mentioned, many well-known group, such as APT28, Turla, Ghostwriter, and Mustang Panda were involved in operations related to Ukraine. Without considering “generic” cyber espionage operations, such as the ones carried on by APT29 and APT41.

A special mention to the Pegasus spyware that continued to plague organizations and individuals worldwide, such as Spain’s Prime Minister Pedro Sanchez and Defense Minister Margarita Robles.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

SUPPORT MY WORK!

BREACHOMETER

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

12 MONTHS TREND
POPULAR POSTS
FOLLOW ME ON TWITTER

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.