In 2022, global businesses, organizations, and governments were increasingly worried about cyber risks to critical infrastructure and supply chains, and their concerns were justified. Technological advancements increased threats, and malicious actors multiplied, including nation-states, criminal groups, and individual hackers. These cyberattacks had serious consequences, from ransomware and data breaches to operational disruptions and physical damage.
Top 5 Most-Attacked Sectors
Critical infrastructure and supply chains remain prime targets. Technology, manufacturing, and transportation/distribution, as vital components of daily life, consistently rank in the top 5 most attacked sectors. Notably, the Public Sector jumps to #4, influenced by the intensifying geopolitical situation.
- Technology, 25.90 %
- Manufacturing, 19.01 %
- Education, 11.37 %
- Public Sector, 9.10%
- Transport and Distribution, 8.12%
Cloud and Saas Attacks
Cloud and SaaS attacks continued to increase, with web-based and desktop applications accounting for 70% of incidents. In particular, content management systems (CMS) and utilities accounted for approximately 80% of web-hosted targets.
- 45.22% Web application attack
- 25.23 % Application specific attack
- 21.27% Reconnaissance
Web Applications Attacks
Globally, attacks were evenly distributed across CMS software, plugins and PHP web applications, with a significant focus on WordPress. WordPress was the most targeted CMS software with 36.10% in the Americas, 31.10% in APAC and 38.82% in EMEA. Rather than targeted campaigns, many attacks relied on exploits embedded in malware and botnets.
Banking Trojans and Cryptominers
Banking Trojans (48.97%) remained prominent but declined slightly from the previous year, while Cryptominers (15.48%) increased after a lull in 2021, despite the loss of value of many currencies. Such fluctuations are relatively common as industry partners, hosting providers and law enforcement work to disrupt and dismantle cyber threats and infrastructure – as well as resurgences of previously disrupted malware.
High-Impact & Top Targeted Vulnerabilities
Attackers have been targeting high-impact vulnerabilities, with nearly 75% having critical or high severity CVSSv3 scores. Despite being widely known and publicized, the most targeted vulnerabilities continue to be successful. In 2022, three of the top five targeted CVEs were listed in the US Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerability Catalog. This underscore existing gaps in vulnerability management, response, and visibility within organizations regarding their own attack surfaces.