0
EVENTS
0
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY

After the corresponding cyber attacks timelines (part I and part II), it’s time to publish the statistics of May 2022 once again, unsurprisingly, characterized by the events that are happening in Ukraine. In May I have Ascollected 223 events, perfectly in line with the results of April (when the total was 222 events.)

As always, Cyber Crime leads the Motivations chart with 70.4%, an important increase compared to 65.5% of April. Despite the value is growing, it is still lower than the average (around 80%) normally recorded before the Russian invasion in Ukraine. In particular, during May, the campaigns motivated by Cyber Espionage played a very important role (13.5% essentially in line with the 13.6% of April), at the expenses of Hacktivism that fell to 9.9% from 15%. On the other hand, Cyber Warfare shows a small increase to 4,5% from 4.1% in April.)

Malware continues to lead the Attack Techniques chart with 29.1% (it was 28,2%  in April, changing for the first time, the declining trend of the last months. Once again, account takeovers rank at second place among the known attack techniques with 15.2% (it was 14.1% in April): the phishing attacks against NFT collectors seem to be fruitful. And, the opposite of what happened in April, targeted attacks confirm their value at 10.3% (it was 1o.5% in April), and swap their place with vulnerabilities that slide at rank number four (among the known attack vectors) with 7.6% (down from 10.9%.)

There is no surprise in the Target Distribution chart, since it is led, once again, by attacks against multiple targets with 25.1% (it was 22.7% in April) ahead of healthcare organizations (yes the ransomware attacks are back) with 13.5%, a value similar to April when it was 13.9%. Governments rank at number three with 12.6% (down from 13.6% of April) and individuals (10.8% vs. 12.3%).

Check out the interactive charts and the statistics, also available as an infographic.

As always bear in mind that the sample refers exclusively to the attacks included in my timelines, available from public sources such as blogs and news sites. Obviously the sample cannot be complete, but only aims to provide an high level overview of the threat landscape.

Geo Map May 2022

Finally, please support my work, sharing the content, and of course follow @paulsparrows on Twitter for the latest updates.

Support my work! Make a donation!

Popular Posts
  • Photo by Soumil Kumar from PexelsCloud-Native Threats in 2022

    This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected...

  • Photo by Tima Miroshnichenko from PexelsThe Biggest Data Breaches of 2022

    Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines...

  • 16-31 July 2022 Cyber Attacks Timeline

    The second cyber attacks timeline of July 2022 confirms the sustained level of activity. In this fortnight I have collected 139 entries, once again...

  • Leaky Buckets in 2022

    Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.

Twitter Timeline
April 2022 Infographic
Stats April 2022 Infographic

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.