Stunning surges seen in record year for global cyber attacks

Hackers are finding sophisticated ways to circumnavigate established cybersecurity defences, with increases seen in coordinated group attacks worldwide

There was a rise in coordinated group attacks on large organisations and critical infrastructure last year, and cybersecurity experts expect this to continue in 2023, with more attacks on consumer IoT devices also predicted.

The findings emerged in Nuspire’s Q4 and Year in Review 2022 Threat Report, published yesterday. The quarterly report provides a comprehensive analysis of the threat landscape, parsing malware, botnet and exploit data and breaks down the tactics, techniques and procedures (TTPs) favoured by cybercriminals.

Nuspire's latest report confirmed 2022 had the most threat activity in history. While Q4 saw dips across all three sectors Nuspire monitors - including malware, botnets and exploits - the combined sum for the year shows a marked increase, especially in the case of exploits, which nearly doubled.

"We saw some normal ebbs in threat activity over the year, but the surges were stunning, delivering a volume of attacks we've never seen before," says J.R. Cunningham, Chief Security Officer at Nuspire. "While many of the methods focused on securing quick wins, like phishing and exploiting unpatched vulnerabilities, we also saw a rise in more coordinated threat group attacks on large organisations and critical infrastructure. Expect 2023 to have more of this activity, as well as adversaries' increased attention toward attacking consumer IoT devices."

The report’s findings included:

  • Exploit activity grew by 105% in Q4 2022, with total 2022 exploits nearly doubling over 2021. Brute forcing was the most popular tactic, increasing by nearly 400% over Q3 2022.
  • Malware jumped nearly 35% in Q4, with its year-over-year increase reaching 6.85%. 
  • Botnets jumped by 30% in 2022, with banking trojan Torpig Mebroot comprising more than 40% of all botnet activity throughout the year.   

"If 2022 showed us anything, it's that threat actors are not only increasingly adept at finding ways to circumnavigate established cybersecurity defences, but also, they bring a level of agility that lets them quickly course correct when a vector loses viability," says Craig Robinson, Research VP for Security Services at IDC

"We've seen the emergence of new security technologies aimed at thwarting a more creative and sophisticated adversary population, but no specific technology can replace the value of targeted threat intelligence to understand what's out there, how they're doing it and what you can do to protect yourself."


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI