And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events, a 21% increase compared to the 2539 events collected over the course of 2021. The war in Ukraine had an impact in the cyberspace, but the effects were visible starting from the Spring and during the Summer until the end of the year.

Cyber crime continues to lead the Motivations chart with 76.8%, down from 84.1% of 2021. The impact of the war in Ukraine is visible in the percentage of Cyber Espionage, jumping at number two, exactly the same value of 2021 (10.4%), and even more in Hacktivism that soared to 7.1% from 1.3%. And obviously even the events motivated by Cyber Warfare doubled their percentage to 3.5% from 1.6% in 2021.

Malware continues to lead the Attack Techniques chart with 34.7%, apparently down from 39.4% of 2021. This apparent decrease is compensated by the growth of events with unknown origin (from 18.7% to 22.2%) and this has a clear explanation: in most cases  when a ransomware attack is experienced, the victim organization does not disclose clearly the reason of the attack, but mentions generically a network disruption that I track as “Unknown.” Phishing attacks moved Account Takeovers to 15.5% from 13% and the Targeted Attacks primarily against Ukraine, accounted for 8% from 6.3%, at expense of the exploitation of Vulnerabilities down to 7.8% from 10.7% during 2021. Finally, the operations carried out by the Hacktivists pushed the DDoS attacks to 3.8% from 1.7%.

Once again, multiple industries lead the Target Distribution chart with 22.3% from 20.7%. The Healthcare sector remains the preferred target of ransomware gangs, and this explains the second place, for two years in a row, with 12.5%, substantially in line with  11.9% recorded over the course of 2021. Governments jumped at number three with 11.8% from 10.4%.

The statistics are also available as an infographic, so enjoy the read and spread my work to raise awareness!

As always bear in mind that the sample refers exclusively to the attacks included in my timelines, available from public sources such as blogs and news sites. Obviously the sample cannot be complete, but only aims to provide an high level overview of the threat landscape.

The sample used for the statistics is available below:

Please support my work, sharing the content, and of course follow @paulsparrows on Twitter for the latest updates.

Support my work! Make a donation!

Popular Posts
  • August 2016 Cyber Attacks Statistics

    It's time to publish the statistics derived from the cyber attacks timelines of August (Part I and Part II), a month particularly active from an Information Security perspective, despite the Summer time. As always, let’s start from the Daily Trend Chart, which shows obviously an ...

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...

  • February 2023 Cyber Attacks Statistics

    After the cyber attacks timelines, it’s time to publish the statistics of February 2023 where I have collected and analyzed...

  • Image by Gerd Altmann from Pixabay16-28 February 2023 Cyber Attacks Timeline

    The second cyber attacks timeline of February 2023 is out and with 10.62 events/day confirms...

  • Image by Gerd Altmann from Pixabay1-15 May 2022 Cyber Attacks Timeline

    The first timeline of May 2022 is out. In the first half of the month I collected 101 events, that is an average of 6.73 events/day. The level of activity, reflected by...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.