Latest Cybersecurity Infographics-Facts, Figures & Statistics (2022)

Nov 2, 2022

Cybersecurity for me site logo

11 Useful Cybersecurity Statistics and Facts (Infographic)

11 Useful Cybersecurity Statistics and Facts

Cybersecurity Industry Trends in 2022

Cybersecurity Industry Trends in 2022

Cybersecurity Market Statistics (Infographics)

The 10 Biggest Ransomware Attacks of 2021 (Infographic)

12 Strategic Technology Trends for 2022 According To Gartner (Infographic)

14 Alarming Cybersecurity Statistics That You Must Know (Infographic)

List of Sectors Which Suffered The Most Security Breaches (% Wise) – Infographic

Biggest Data Breaches of Organizations Reported in 2021 (Infographic)

  • 7 Top Trends in Cybersecurity For 2022 According To Gartner (Infographic)

10 Cybersecurity Predictions For 2022 (Infographic)

Types of Network Security Attacks (Infographic)

Top 10 Ransomware Attacks By Revenue in 2021 (Infographic)

Historical Hacking Statistics (Infographic)

Statistics For The Cost of Cyber Crime (Infographic)

Statistics For Security Spending and Costs (Infographic)

Latest Cybersecurity Job Statistics (Infographic)

Covid-19 Cybersecurity Statistics (Infographic)

GDPR Cybersecurity Statistics (Infographic)

Historical Data Breaches Statistics (Infographic)

  1. During the year 2020, well-known social platforms like Twitter were hacked due to which about 130 accounts including some celebrities like Elon Musk and former presidents were compromised. As a result, the attackers carried out over 300 transactions in which $121,000 in Bitcoin was defrauded. (CNBC)
  2. According to a report, in the year 2020, Marriott disclosed security breaches and data impacts on more than 5.2 million hotel guests. (Marriott)
  3. As a result of the MGM data breach in 2019, some hackers leaked records of approximately 142 million hotel guests, including their personal information as well as banking information. (CPO Magazine)
  4. More than 500 million users dating back to 2014 had their information compromised in a Marriott-Starwood data breach made public in 2018. (CSO Online)
  5. In 2018, Under Armor, itself reported that “My Fitness Pal” was hacked, during which about 150 million users were affected. (Under Armour)
  6.  In the year 2017, about 147.9 million users were affected by the Equifax breach. (Equifax)
  7. The Equifax breach proved to be very costly for the company, and it lost about $4 billion. (Time magazine)
  8. In the year 2017, a site called Friendfinder was also a victim of hacking, in which about 412 million user accounts were stolen. (Wall Street Journal)
  9. Once again in the year 2017, a virus named WannaCry troubled everyone and infected about 100,000 groups and more than 400,000 machines in at least 150 countries, causing a huge loss which was about $ 4 billion. (Technology Inquiry)
  10. In the year 2016, hackers hacked the popular company Uber and stole the information of more than 57 million riders and drivers. Uber itself disclosed this thing. (Uber)
  11. Uber Company likely tried to pay hackers so that they could delete the stolen data of 57 million users, due to the possibility of more damage by this hack. (Bloomberg)
  12. If we talk about the biggest breaches of all time, then in the year 2013, more than 3 billion Yahoo accounts were hacked by hackers (New York Times)

Statistics of Phishing Attacks (Infographic)

Statistics of Ransomware and Malware Attacks (Infographic)

Statistics of IoT, DDOS, and Other Attacks (Infographic)

Statistics of Cybersecurity Compliance and Governance (Infographic)

6 Common Crimes And Risks Online According To the FBI (Infographic)

Global Cyber Strategies Index (Infographic)

Cyber Attack Lifecycle Stages Involved in a Breach (Infographic)

The Threat Intelligence Lifecycle (Inforgraphic)

Types of Data Breaches (Infographic)

Cybersecurity Essentials According To CISA (Infographic)

Cyber Attack Incidents According To CSIS From (2020-2022*) – Timeline

Year 2022

Iranian hackers targeted Albanian computer systems, forcing Albanian officials to temporarily shut down the Total Information Management System, a service used to track individuals entering and exiting Albania.
This attack closely followed Albania’s decision to sever diplomatic ties with Iran as well as the American sanctions and NATO’s condemnation of an Iranian cyberattack against Albania in July.

September 2022

Hackers targeted Montenegro’s government networks, rendering Montenegro’s main state websites and government information platforms inaccessible. Montenegrin officials blamed Russia for the attack.

September 2022

Hackers targeted the state-level parliamentary website of Bosnia and Herzegovina, rendering the sites and servers inaccessible for multiple weeks.

September 2022

The group Anonymous took responsibility for a series of cyberattacks against the Iranian government that took down two main Iranian government websites and the websites of several state media organizations.

September 2022

A Russian-based hacking group targeted the website of the United Kingdom’s intelligence agency MI5 with a DDoS attack that temporarily took the site offline.

September 2022

Hackers used a DDoS attack to temporarily take down the website of Taiwan’s presidential office. The Taiwanese government attributed the attack to foreign hackers and stated normal operations of the website resumed after 20 minutes.
Taiwan’s Foreign Ministry also noted hackers targeted their website and the main portal website for Taiwan’s government.

August 2022

August 2022. Hackers targeted the Finnish Parliament with a DDoS attack that rendered the Parliamentary website inaccessible. A Russian group claimed responsibility for the attack on Telegram.

August 2022. Hackers targeted the website of Ukraine’s state energy agency responsible for the oversight of Ukraine’s nuclear power plants. The agency stated that Russian hackers carried out the attack.

August 2022. Hackers targeted the website of the Latvian Parliament with a DDoS attack that temporarily paralyzed the website’s server. A Russian hacking group claimed responsibility for the attack on Telegram.

August 2022. A Russian group claimed responsibility for breaching a privately owned UK water supply company South Staffordshire Water and leaking files in an extortion attempt.

August 2022. Hackers targeted Montenegro’s government institutions, breaching the computer systems of several state bodies. Montenegro’s Defense Minister stated there was sufficient evidence to suspect Russia was behind the attack.

August 2022. A DDoS campaign targeted the websites of both government and private Estonian institutions. Estonia stated that the attack was largely repelled, and the impact was limited.

August 2022. Hackers used phishing emails to deploy malware in government institutions and defense firms throughout Eastern Europe in January 2022. A report by Russian-based company Kaspersky linked the campaign to a Chinese hacking group.

July 2022. Belgium’s Foreign Ministry accused China of a cyberespionage campaign against Belgian targets, including Belgium’s Ministries of Interior and Defense. A spokesperson for the Chinese Embassy in Belgium denied the accusations.

July 2022. Hackers targeted social media accounts owned by the British Royal Army. The attack included the takeover of the British Army’s Twitter and YouTube accounts.

July 2022. Hackers targeted Lithuania’s state-owned energy provider in a DDoS attack. Killnet, which Lithuanian officials link to Russia, claimed responsibility for the attack.

July 2022. Hackers temporarily took down websites belonging to the Albanian Prime Minister’s Office and the Parliament, and the e-Albania portal used to access public services.

July 2022. Hackers breached a Ukrainian media company to broadcast on multiple radio stations that Ukrainian President Volodymyr Zelenskyy was in critical condition. Zelenskyy refuted the claims and blamed Russia for the attack.

June 2022. Hackers targeted Lithuania’s state railway, airports, media companies, and government ministries with DDoS attacks. A Russian-backed hacking group claimed responsibility for the attack.

June 2022. The FBI, National Security Agency (NSA) and CISA announced that Chinese state-sponsored hackers targeted and breached major telecommunications companies and network service providers since at least 2020.

June 2022. Hackers targeted former Israeli officials, military personnel, and a former U.S. Ambassador to Israel. An Israeli cybersecurity firm stated that Iranian-linked actors used a phishing campaign to gain access to the targets’ inboxes, personally identifiable information, and identity documents.

June 2022. Hackers targeted three Iranian steel companies, forcing the country’s state-owned plant to halt production.

June 2022. Hackers leaked files and photos known as “The Xinjiang Police Files” displaying human rights abuses committed by the Chinese government against the Uyghur population.

June 2022. An attack targeted users of Australia’s largest Chinese-language platform, Media Today. The hackers made over 20 million attempts to reset user passwords in the platform’s registration system.

June 2022. Hackers targeted municipal public address systems in Jerusalem and Eliat, triggering the air raid siren systems throughout both cities. An Israeli industrial cybersecurity firm attributed the attack to Iran.

June 2022. A Chinese-linked disinformation campaign targeted Australian mining company Lynas Rare Earths. The campaign included spreading disinformation on social media platforms and websites regarding Lynas Rare Earths’ alleged environmental record.

June 2022. A phishing campaign targeted U.S. organizations in the military, software, supply chain, healthcare, and pharmaceutical sectors to compromise Microsoft Office 365 and Outlook accounts.

June 2022. Hackers compromised accounts belonging to officials in Germany’s Greens party, including ones used previously by Annalena Baerbock and Robert Habeck, who now serve as Minister for Foreign Affairs and Minister for Economic Affairs and Climate Action.

June 2022. Hackers targeted Norwegian public institutions with DDoS attacks, disrupting government websites. The Norwegian NSM security authority attributed the attack to pro-Russian hackers.

May 2022. A DDoS attack targeted the Port of London Authority, forcing its website to go offline. A group linked to Iran took responsibility for the hack.

May 2022. A phishing campaign targeted the Jordan Ministry of Foreign Affairs. Researchers attributed the attack to an Iranian cyber espionage actor.

May 2022. The Ethiopian Information Network Security Agency (INSA) stated hackers targeted the Grand Ethiopian Renaissance Dam (GERD). Ethiopia’s communications security agency thwarted the attacks before hackers could gain access to the networks.

May 2022. A Chinese hacking group stole intellectual property assets from U.S and European companies in 2019 and went largely undetected. Researchers believe the group is backed by the Chinese government.

May 2022. State-sponsored hackers took down RuTube, the Russian version of YouTube, according to the company.

May 2022. Russian hackers hit Italian websites with a DDoS attack, including the Senate, the Ministry of Defence and the National Health Institute. The group states its goal was to target NATO countries and Ukraine.

April 2022. The Romanian National Directorate of Cyber Security said that multiple public and private sector websites were hit with DDoS attacks. The victims included the ministry of defense, border police, the national railway company, and the OTP Bank. A group claiming credit for the attack said on Telegram that it hacked the websites because Romania supported Ukraine since the Russian invasion of the country.

April 2022. Cybersecurity researchers identified a new campaign by Russian-linked hackers that started in January and targeted diplomats and embassy officials from France, Poland, Portugal, and other countries. The hacks started with a phishing email to deliver a malware-laden file to the target.

April 2022. Iranian state television claimed that the government foiled cyber intrusions that targeted more than 100 public sector agencies. They provided no further information on the incident.

April 2022. Hackers targeted members of the European Commission with spyware developed by NSO Group. An Apple notification from November to thousands of iPhone users stating they were targeted by state-sponsored actors alerted the Commission of this spyware use.

April 2022. A North Korea-linked hacking campaign using phishing emails sent from fake job recruiters targeted chemical companies in South Korea.

April 2022. A Citizen Lab study discovered actors used NSO Group spyware to target at least 65 Catalonian activists and political figures.

April 2022. The U.S. Treasury Department’s Office of Foreign Assets Control attributed the March 29 hack of Ronin Network to a North Korean hacking group and announced sanctions against the hackers. The group stole over $540 million in Ethereum and USDC.

April 2022. Hackers launched DDoS attacks against websites belonging to the Finnish Ministries of Defence and Foreign Affairs. The attack’s botnet used over 350 IP addresses from around the world and the denial of service was sustained for four hours.

April 2022. Hamas-linked cyber actors used a network of fake Facebook and Twitter profiles to surveil members of the Israeli security establishment. The actors also used WhatsApp to grow trust with their targets, then requested them to download an app with malware.

April 2022. Hackers targeted the Telegram accounts of Ukrainian government officials with a phishing attack in an attempt to gain access to the accounts.

April 2022. Cybersecurity researchers observed hackers penetrating the networks of at least 7 Indian State Load Dispatch Centres (SLDCs) which oversee operations for electrical grid control. The SLDCs manage SCADA systems and researchers suggested that PLA-linked hackers may be involved.

April 2022. A social media platform disrupted two Iranian-linked cyber espionage campaigns that targeted activists, academics, and private companies. The campaign targeted businesses in the energy, semiconductor, and telecom sectors in countries including the U.S., Israel, Russia, and Canada by using phishing and other social engineering techniques.

April 2022. A group targeted several Ukrainian media organizations in an attempt to gain long-term access to their networks and collect sensitive information, according to researchers. The group has connections to the Russian GRU.

April 2022. The United States removed Russian malware from computer networks around the world, a move made public by Attorney General Merrick B. Garland. While it is unclear what the malware’s intention was, authorities noted it could be used for anything from surveillance to destructive attacks. The malware created a botnet controlled by the Russian GRU.

April 2022. Hackers targeted a Ukrainian energy facility, but CERT-UA and private sector assistance largely thwarted attempts to shut down electrical substations in Ukraine. Researchers believe the attack came from the same group with ties to the Russian GRU that targeted Ukraine’s power grid in 2016, using an updated form of the same malware.

April 2022: Hackers targeted Ukraine’s National Post Office with a DDoS attack, days after releasing a new stamp honoring a Ukrainian border guard. The attack affected the agency’s ability to run its online store.

March 2022. Hackers used a DDoS attack to shut down the National Telecommunications Authority of the Marshall Islands. The attack disrupted internet services on the Islands for over a week.

March 2022. Pakistani government-linked hackers targeted Indian government employees in an espionage operation. The group also created fake government and military websites to deliver malware to their targets.

March 2022. An attack on a satellite broadband service run by the American company Viasat disrupted internet services across Europe, including Ukrainian military communications at the start of the Russian invasion. The attackers hacked satellite modems belonging to thousands of Europeans to disrupt the company’s service.

March 2022. Hackers penetrated the websites belonging to multiple Russian agencies including the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, and the Federal Bailiff Service. The websites displayed several anti-government and anti-invasion images and messages before the agencies were able to expel the attackers.

March 2022. Hackers targeted Greenland’s parliamentary authority in an apparent espionage operation, forcing the parliament to cancel meetings and slowing social benefit payments.

March 2022. The National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) stated that hackers from the United States targeted Chinese computers to carry out attacks on Russia, Ukraine, and Belarus.

March 2022. The U.S. Department of Justice charged four Russian government employees involved in hacking campaigns that took place between 2012 and 2018. The hacks targeted critical infrastructure companies and organizations largely in the energy sector. The hackers sought to install backdoors and deploy malware in the operational technology of their targets.

March 2022. Hackers defaced and disrupted several Russian government and state media websites, according to the Russian Ministry of Digital Development and Communications. The Emergency Situations Ministry website was hacked, and the attackers wrote messages encouraging Russian soldiers to defect. Tass, a state-run news agency, was also penetrated and hackers displayed a call for people to “take to the streets against the war.”

March 2022. The National Research Council, Canada’s biggest state-funded research agency, shared that hackers penetrated its networks. An announcement on the Council’s website explained that parts of its online presence were taken offline as a result of this incident.

March 2022. Hackers linked to the Chinese government penetrated the networks belonging to government agencies of at least 6 different U.S. states in an espionage operation. Hackers took advantage of the Log4j vulnerability to access the networks, in addition to several other vulnerable internet-facing web applications.

March 2022. Hackers used a DDoS attack to target a major Israeli telecommunication provider. As a result, multiple Israeli government websites were taken offline.

February 2022. Researchers identified campaigns by two North Korean government-backed groups targeting employees across numerous media, fintech, and software companies. The hackers used phishing emails advertising fake job opportunities and exploited a vulnerability in Google Chrome to compromise the companies’ websites and spread malware.

February 2022. The websites of the Ukrainian Cabinet of Ministers and Ministries of Foreign Affairs, Infrastructure, and Education were disrupted in the days before Russian troops invaded Ukraine. Wiper malware was also used to penetrate the networks of one Ukrainian financial institution and two government contractors.

February 2022. A Beijing-based cybersecurity company accused the U.S. National Security Agency of engineering a backdoor to monitor companies and governments in over 45 countries around the world. A Foreign Ministry spokesman said that operations like this may threaten the security of China’s critical infrastructure and compromise trade secrets.

February 2022. On February 15, a DDoS attack knocked websites belonging to the Ukrainian Defense Ministry and two of the country’s largest banks offline. The U.S. and the UK attributed the attack to the Russian GRU. The Ukrainian Cyber Police claimed that the attack was connected to another “information attack” where Ukrainian citizens received spam text messages claiming that ATMs were not working.

February 2022. A Beijing-based cybersecurity company accused the U.S. National Security Agency of engineering a back door to monitor companies and governments in over 45 countries around the world. A Foreign Ministry spokesman said that operations like this may threaten the security of China’s critical infrastructure and compromise trade secrets.

February 2022. A Pakistani group deployed a remote access trojan to conduct espionage against Indian military and diplomatic targets. The group generally uses social engineering and/or USB- based worms to penetrate a network.

February 2022. An Iranian-linked group conducted espionage and other malicious cyber operations against a range of private companies and local and federal governments.

February 2022. Multiple oil terminals in some of Europe’s biggest ports across Belgium and Germany fell victim to a cyberattack, rendering them unable to process incoming barges. A ransomware strain associated with a Russian-speaking hacking group was used to disrupt the ability of energy companies to process payments.

February 2022. Since October 2021, a hacking group targeted Palestinian individuals and organizations with malware. Researchers suggest that the operation could be connected to a broader campaign by a hacking group commonly attributed to the cyber arm of Hamas that started in 2017.

February 2022. A U.N. report claimed that North Korean hackers stole more than $50 million between 2020 and mid-2021 from three cryptocurrency exchanges. The report also added that in 2021 that amount likely increased, as the DPRK launched 7 attacks on cryptocurrency platforms to help fund their nuclear program in the face of a significant sanctions regime.

February 2022. The networks of the U.K. Foreign Office were penetrated by hackers. All details of the incident remain confidential.

January 2022. A Chinese hacking group breached several German pharma and tech firms. According to the German government, the hack into the networks of service providers and companies was primarily an attempt to steal intellectual property.

January 2022. Hackers shut down internet traffic to and from North Korea twice in two weeks from what researchers say was likely a series of DDoS attacks. The second attack came just after North Korea’s 5th missile test of the month.

January 2022. Hackers breached the Canadian Foreign Ministry, hampering some of the Ministry’s internet-connected services. The hack came a day after the government issued a warning to bolster network security in anticipation of Russia-based cyberattacks on critical infrastructure.

January 2022. A series of DDoS attacks targeted a high-stakes Minecraft tournament and ended up impacting Andorra Telecom, the country’s only internet service provider. The attack disrupted 4G and internet services for customers.

January 2022. The Informatic Directorate of the Greek Parliament identified an attempt to hack into 60 parliamentary email accounts. In response, authorities temporarily shut down the mailing system in the legislature.

January 2022. An Australian spokesman accused WeChat of taking down Prime Minister Scott Morrison’s account and redirecting users to a website that provides information for Chinese expatriates. The Government claims that they first encountered problems posting to the Prime Minister’s account in mid-2021.

January 2022. A cyberattack targeted the Ukrainian government, hitting 90 websites and deploying malicious software masquerading as ransomware to damage dozens of computers in government agencies.

January 2022. Hackers attacked several Israeli media outlets, including Maariv and the Jerusalem Post, posting threatening messages on their websites. One message stated “we are close to you where you do not think about it” in English and Hebrew.

January 2022. A DRPK-affiliated group targeted multiple Russian diplomats with malware. The diplomats received an email disguised as a New Year greetings screensaver but which, after being opened, installed a remote access trojan.