September confirmed the high level of activity in the cyber space. Despite the number of recorded events registered a light decrease, the overall amount continues to be quite high as shown in the 12 months trend chart.

As also quite high continues to be the impact of ransomware, stable at 27.7% (38 out of 137 events), a value substantially in line with the one experienced in the second half of August (27.2%). On the other hand, the impact of vulnerabilities played a role in the 10.9% of events, (15 out of 137 events) with a sharp increase compared to 6.9% of the previous timeline.

Unfortunately the hacks against fintech platform only experienced a break during the Summer, with three new organizations hit by attackers able to steal the equivalent of nearly $2M in cryptovalues.

The number of operations in cyber space linked to the conflict in Ukraine continue to decrease, however the Anonymous collective hit the headlines thanks to an alleged cyber attack that spread havoc in the Yandex Taxi app, creating a massive jam in Moscow. On the other hand the Gamaredon group continued to target entities in Ukraine, and interestingly threat actors from the infamous ransomware group Conti repurposed their malicious intentions against Ukraine in a new threat actor dubbed UAC-0098.

And unsurprisingly, the cyber espionage front is always rich of events with old acquaintances, such as the North Korean Lazarus Group, and the Iranian Charming Kitten, but also newcomers, such as Worok.

As usual the list is too long to be summarized in few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map September H1 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...

  • Leaky Buckets in 2022

    Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

  • Image by Gerd Altmann from Pixabay16-28 February 2023 Cyber Attacks Timeline

    The second cyber attacks timeline of February 2023 is out and with 10.62 events/day confirms...

  • Cloud-Native Threats in 2021

    I am starting a new project to track cloud-native threats, similarly to what I have done in 2020, with an interactive timeline. As soon as I collect more data I will start to generate some statistics.

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.