2022 State of the Threat: A Year in Review

Secureworks Research Exposes the Stories Behind the Headlines

2022 Stateof the Threat

Get the Report

All fields are required.

Key Findings from State of the Threat

  • This 40+ page report comprehensively examines cybersecurity events from the end of June 2021 through June 2022. These events have been heavily influenced by escalating tensions in eastern Europe and the Middle East, a steady stream of critical vulnerabilities, and public leaks exposing the inner workings of organized cybercriminal ransomware gangs.
  • Based on insights from customer telemetry, incident response, underground monitoring, proactive threat research and intelligence relationships, CTU™ researchers observed the following high-level trends across the threat landscape:

Ransomware remains the number one threat for most organizations


Lightweight, disposable malware loaders emerged in 2022


Infostealer malware contributed to the sale of over two million credentials in one marketplace


Exploitation of remote services replaced credential-based access as the most common initial access vector


Nation-state activity has developed a more regional focus


Defense evasion remains unsophisticated — providing valuable detection opportunities

How Secureworks Created State of the Threat

CTU researchers analyze trillions of security events every week, gathered from the Taegis XDR platform. Combined with data processed through Taegis VDR, proactive research, and insights gathered through Secureworks Incident Response engagements, this report represents one of the most comprehensive views of the threat landscape.

Download the report now for a detailed visualization of the threats the CTU team has come across, the intelligence gathered from these engagements, and advice on securing your most valuable business assets.


proactive and reactive incident response engagements per year


events per day processed by Taegis


combined years of work experience in the CTU team