Welcome to the last cyber attacks timeline of 2022! This timeline marks a sharp decline in the number of recorded events after four consecutive increases: 117 events in comparison to nearly 150 collected in the previous timeline. It will be interesting to see if this is just a temporary effect (maybe fewer attacks surfaced, given also the festive break) or the start of a new trend.

Fewer events, but with a major influence from those characterized by ransomware, whose percentage is again beyond 30% and nearly ten points higher than the previous fortnight (35% vs. 25.8%, corresponding to 41 out of 117). In contrast, the exploitation of vulnerabilities characterized 5.9% of events (8 out of 141), almost half the value of the previous fortnight (10.2%).

The siege against crypto platforms also continued in these last days of 2022: the users of BitKeep suffered a cumulative loss of $8M worth of crypto assets through a trojanized app, and was hit by a cyber attack resulting in the loss of $3M worth.

The end of 2022 was also characterized by a few massive breaches: for sure the one hitting Twitter (the private data of 400 million users were put on sale) overshadowed the rest, but there were also other examples (albeit unconfirmed in some cases) in Malaysia (Maybank, Astro, and the Election Committee) and India (Railway Catering and Tourism Corporation – IRCTC).

There were not many cyber espionage campaigns in this timeline. Of course there was at least one targeting Ukraine (carried out by a threat actor dubbed UAC-0142 and targeting the users of the ‘DELTA’ situational awareness program), and two more targeting foreign policy experts in South Korea and members of the Indian government, launched respectively by the North Korean threat actor Kimsuky and by a threat actor allegedly originating from Pakistan.

With regard to cyber warfare, the timeline recorded a couple of operations of Coordinated Inauthentic Behavior, carried out by a Russian troll farm (taken down by Ukrainian law enforcement) and by the infamous group GhostWriter.

And of course the situation in Ukraine was behind several attacks launched by pro-Russian hacktivists, in particular Killnet and NoName057(16), even if in some cases it is really difficult to ascertain if the claims are true.

Even in this fortnight, the list is too long to be summarized in a few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format. And obviously, thanks for sharing it and for supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

Geo Map December H2 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.
