2022 Threat Intelligence Report
Learn about the 2022 cybersecurity threats and trends in our Threat Intelligence Reports curated by our Threat Intelligence Experts.
What’s inside the Report
Insightful cybersecurity information gathered in Rewterz's Annual Threat Intelligence Report 2022 can help organizations improve their security posture and implement a higher degree of protection. These findings are based on an analysis and examination of hundreds of thousands of servers, protected endpoints, and SOCs that we manage. To combat the evolving techniques of cyber threat actors and safeguard organisations' Confidentiality, Integrity, and Availability (CIA), our SOC teams employ cutting-edge threat intelligence and manage real-time threat data via our Security Orchestration Automation and Response (SOAR) platform, SIRP.
This report provides readers with a thorough understanding of the nature of the threats organisations have confronted in 2022 while operating in the cyber realm. Based on data collected by our Threat Intelligence team, this report includes the following key findings:
- Throughout the Russian-Ukrainian cyber war outbreak, there was a global rise in cyberattacks compared to the previous year.
- The United States remains the biggest attacking country in 2022, as it was in 2021. Russia, which ranked 3rd in 2021 and topped the list in 2020, has moved to 2nd place.
- The healthcare sector emerged as the most targeted sector this year, following Financial Services and Information Technology.
- Phishing is still the most dangerous threat to individuals and organizations. The financial sector has been most impacted by phishing attacks (24%) in 2022.
- Application-layer attacks are on the rise, as around 72% of the web application attacks were carried out using Cross-Site Scripting (XSS).
- 25% of the detected cyber attacks targeted Port 443.
- The leading virus detected by our Security Operations Centers (SOC) is Virus:Win32/Ramnit.A (71%), with most attacks originating from the USA.
- Geopolitics is still one of the factors influencing the evolution of APTs. Gamaredon APT is reported to be the most active and most malicious Advanced Persistent Threat.
- Pakistan has seen a surge in APT group attacks this year with most of the cyberattacks carried out by Donot APT, SideWinder, Patchwork, and Bitter APT groups.
- Ransomware has increased exponentially during the pandemic and the Russian-Ukrainian cyber warfare and is expected to rise in 2023 as well.