Ransomware sees biggest spike in five years

A major cyber security report has found that the past year saw a massive jump in ransomware attacks over the past five years.

26 May 2022

According to the Verizon Business 2022 Data Breach Investigations Report (2022 DBIR), it has been an "unprecedented year" in cyber security. The annual report has identified that an increase of 13% in ransomware breaches over the past 12 months is an "alarming rise" in that space of time, in comparison to previous data that the DBIR had collected in the past five years combined. 

According to Hans Vestberg, CEO and chairman of Verizon, the pandemic has exposed a number of critical issues that businesses have been forced to navigate in real time over the past few years.

"Nowhere is the need to adapt more compelling than in the world of cyber security.

"As we continue to accelerate toward an increasingly digitised world, effective technological solutions, strong security frameworks, and an increased focus on education will all play their part in ensuring that businesses remain secure, and customers protected," Vestberg said.

According to the 2022 DBIR researchers, heightened geopolitical tensions are key drivers of increased sophistication, visibility, and awareness around state-backed cyber attacks. While cybercriminals have been increasingly leveraging sophisticated forms of malware, ransomware continues to be the preferred method of exploiting and monetising illegal access to private information. 

Organised crime has had a continued presence as the 2022 DBIR found that four in five breaches can be attributed to organised crime, according to the data, with external actors about four times more likely to cause breaches in an organisation than internal actors.  

Commenting on this year’s report findings, Dave Hylender, lead author of the DBIR, believes that assessing the many cyber security threats that organisations continue to face sheds light on some of the leading issues affecting the international cyber security landscape. 


Explore our cyber training and resources to defend against online threats to your business. Plans start from only $10/month.

"While the report has evolved, the fundamentals of security remain the same.

"Assess your exposure, mitigate your risk, and take appropriate action.

"As is often the case, getting the basics right is the single most important factor in determining success," Hylender said. 

The past year has also been dominated by supply chain issues, which is a major concern for many businesses. The 2022 DBIR researchers noted that 62% of system intrusion incidents came via an organisation’s partner, a trend reflected across the cyber security landscape.

"Compromising the right partner is a force multiplier for cybercriminals and highlights the difficulties that many organisations face in securing their supply chain," the 2022 DBIR researchers wrote.

Finally, the weakest link in an organisation’s cyber security defences is still people. The 2022 DBIR lists 25% of total breaches in 2022 were from social engineering attacks, human errors and misuse of privilege. The human element accounts for a total of 82% of analysed breaches over the past year.

The 2022 DBIR analysed 5,212 confirmed breaches out of 23,896 security incidents. The data was sourced from 87 domestic and international contributors ranging from government agencies from several countries, law enforcement agencies, CERTs and ISACs to forensic and law firms.


Train your staff to be the frontline of your defence against cyber attacks with plans starting from $10/month

Found this useful?

Subscribe to our newsletter and receive the best business tips and articles straight to your inbox.

Thank you for signing up to our newsletter. You're one step closer to receiving more insightful information to help better your business.

We take your privacy seriously and by subscribing to our newsletter you agree to the terms of our Privacy Policy available below.