Skip to main content

2022 State of the Threat: A Year in Review

Secureworks Research Exposes the Stories Behind the Headlines

2022 Stateof the Threat

Want to hear more from Secureworks’ expert contributors? Watch on-demand recordings of the 2022 Global Threat Intelligence Summit for detailed insight on today’s most critical threats.

Start watching now

Key Findings from State of the Threat

  • This 40+ page report comprehensively examines cybersecurity events from the end of June 2021 through June 2022. These events have been heavily influenced by escalating tensions in eastern Europe and the Middle East, a steady stream of critical vulnerabilities, and public leaks exposing the inner workings of organized cybercriminal ransomware gangs.
  • Based on insights from customer telemetry, incident response, underground monitoring, proactive threat research and intelligence relationships, CTU™ researchers observed the following high-level trends across the threat landscape:
01

Ransomware remains the number one threat for most organizations

02

Lightweight, disposable malware loaders emerged in 2022

03

Infostealer malware contributed to the sale of over two million credentials in one marketplace

04

Exploitation of remote services replaced credential-based access as the most common initial access vector

05

Nation-state activity has developed a more regional focus

06

Defense evasion remains unsophisticated — providing valuable detection opportunities

How Secureworks Created State of the Threat

CTU researchers analyze trillions of security events every week, gathered from the Taegis XDR platform. Combined with data processed through Taegis VDR, proactive research, and insights gathered through Secureworks Incident Response engagements, this report represents one of the most comprehensive views of the threat landscape.

Download the report now for a detailed visualization of the threats the CTU team has come across, the intelligence gathered from these engagements, and advice on securing your most valuable business assets.

1,400+

proactive and reactive incident response engagements per year

470B+

events per day processed by Taegis

1,260

combined years of work experience in the CTU team

Want to Hear More From the Secureworks Counter Threat Unit Team?

Get expert intel on the latest in ransomware, supply-chain exploits, cloud vulnerabilities, and more.

2022 Global Threat Intelligence Summit recordings now available on-demand.

Browse on-demand sessions

Get the Report

All fields are required.
Close Modal
Close Modal