Report

2022 State of the Threat Report

Cyber threats have taken over 2022 and they show no sign of stopping. In this report, we explore some of the most recent, hard-hitting cyberattacks.


In 2022, ransomware remained the most prevalent form of attack. In investigations by Secureworks incident responders, the median time between initial access and ransomware detonation dropped to 4.5 days in 2022, compared to 5 days in 2021. Meanwhile, nation-state dynamics like those observed in conflicts between Russia and Ukraine shifted rapidly.

And that’s just the tip of the iceberg.

With so many sophisticated threats developing, Secureworks is more committed than ever to providing the most up-to-date threat intelligence to its customers and to organizations looking to build long-term security maturity.

Secureworks Counter Threat Unit™ (CTU) researchers have noted a general trend: the size of organizations falling victim to these threats is growing smaller over time. Smaller organizations are likely to be less well-resourced, making them a softer target and one that is less likely to bring in specialist incident response services after the event.

This detection window is critical for network defenders to exploit. On numerous occasions, Secureworks Taegis™ XDR countermeasures have alerted customers to ransomware precursors in their environment, allowing them to isolate impacted hosts, block the command-and-control infrastructure, and reset compromised credentials before threat actors can capitalize on access.

However, ransomware is far from the only threat plaguing businesses. As companies work to solidify their defenses, adversaries do everything in their power to circumvent them.

Read our comprehensive report to understand key findings and recommendations your organization can take to counter threats.