• Follow us:

Call us: 08000 248 900


UK Cybersecurity Report 2022

Key Insights from the analysis of the 200 most significant cyber attacks in the UK between 2006-2022.
Main Text
Date published: 9th January 2023
The UK Cybersecurity Report 2022 analyses the UK cyber landscape with a particular focus on the most hazardous​ cyber attacks that businesses encountered since 2006.

Every organisation, regardless of size, is exposed to a cyber attack due to the critical amount of client information they hold.​ ​Malicious attackers continue exploiting such databases as people and organisations rely on internet-connected devices.​ Businesses need to be highly vigilant about the consequences of different threats, including ransomware attacks, data breaches and phishing email attacks spreading across the UK. ​​​According to the Department for Digital, Culture, Media & Sport, four out of ten firms (39%) had experienced cyber security breaches or attacks in 2021.

What’s inside the UK Cybersecurity report 2022


> Introduction
> Key findings of the UK Cybersecurity Report 2022
> Top cyber attacks in the UK
> Ransomware attacks in the UK
> Most affected sectors in the UK
> Size of UK companies affected
> Governmental vs. non-governmental organisations
> Profit vs. nonprofit
> B2B vs. B2C
> The most exposed type of UK data
> Distribution of cyber attacks in the UK by year
> Distribution of cyber attacks in the UK by month
> Inside vs. outside cyber attacks
> Passive vs. active cyber attacks
> Motives of different cyber attacks
> Additional results
> Methodology
> Conclusion
> Get a free cybersecurity training



Video: The TWC UK Cybersecurity Report 2022 in less than 3 minutes

Methodology of the UK Cybersecurity Report 2022

TWC IT Solutions investigated the 200 most significant cyber attacks in the UK using publicly available data provided by organisations. TWC also obtained information on over 500 prominent global cyber attacks in order to achieve a holistic approach.
The data processing was completed in two stages.​ The first step of the research generated 13 different graphs and metrics detailing the UK cyber landscape. The second phase focused on the collected data, allowing us to examine the specific characteristics of each industry and the type of cyber attack that took place.​
The analysis took into account the followings​:

> Governmental or non-governmental organisation

> Size of the company

> Type of industry

> Was it a B2B or a B2C organisation?​

> Profit or not-for-profit

> Year of the cyber attack​

> Month of the cyber attack​

> Country of the cyber attack​

> Type of cyber attack​

> Was it an insider or an outsider attack?​

> Type of motive

> Was it an active or a passive attack?​

> Number of accounts affected

> Type of information stolen

> Duration of the cyber attack

> Has a data breach taken place or not?​

Some of the key findings of the UK Cybersecurity Report 2022​​

Key Finding #1: Malware (49.14%), system vulnerabilities (22.41%) and phishing attacks (9.48%) are the most frequent cyber attacks

According to the UK Cybersecurity Report 2022, malware attacks are the most common type of attack targeting industries, followed by system vulnerabilities and phishing attacks. However, despite this data, TWC also concluded that not all organisations were able to provide further information about the scale or type of the attack, partially for legal reasons.

Additional Insight: Phishing attacks (11% of all cyber attacks) were the third most common type of cyber attack against B2C organisations.

Key Finding #2: The travel, education, transportation and financial sectors are the most severely impacted industries by malware in the UK​

The UK cybersecurity report 2022 also discovered that seven out of the ten biggest malware attacks reported in the United Kingdom were ransomware attacks. After ransomware, supply chain attacks (12%) and email phishing attacks (5%) turned out to be the two most dominant malware types targeting businesses. ​

Additional Insight: ​The web (SaaS, Web & Mobile Applications, Online businesses), healthcare and gaming industries are the UK’s most vulnerable industries to phishing attacks.​

Key Finding #3: The retail, finance and healthcare industries are most affected sectors according to the UK cybersecurity report 2022

During the data analysis, TWC also found that 76.9% of ransomware attacks targeted B2C businesses and the industries impacted by cyber attacks the most were the services and the retail sector. The paper also considered different types of ransomware cases and learned that trojan assaults, system vulnerabilities and DDoS attacks made up 10% of all malware cases.

Additional Insight: The service, retail and healthcare sectors are the Top 3 most heavily affected industries by the cyber attacks that targeted medium-sized businesses in the United Kingdom

Key Finding #4: Over the past 16 years, the greatest malware attacks affected an average of 25,190,714 users in the UK

The UK cybersecurity report 2022 revealed that full names (10.51%​) and physical addresses (10.17%) were exposed in this study’s 200 major UK cases.​ Email addresses are the third most commonly exposed type of data (9.49%). Cybercriminals who steal sensitive information frequently sell them on the dark web. For instance, 500,000 stolen credentials were offered for sale on dark web criminal forums in the 2020 Zoom data breach case.​

Additional Insight: In 2.37% of the UK cases examined, health records, an extremely sensitive personal data, have been compromised. Despite being a relatively small percentage, healthcare data is quite valuable. As opposed to a single piece of information that could be obtained in a financial breach, healthcare data frequently includes all of the person’s identifying information, making it lucrative on the black market. As such, the most valuable information on the black market is medical data.​​

Key Finding #5: 41% of the UK’s biggest cyber attacks of all times were recorded during 2022

There was an alarming level of cyber attacks in 2020 and 2021, accelerated by the digital transformation brought on by the Covid-19 pandemic.​ The cyber attacks in 2019 (3.09%) tripled in 2020 (9.79%). We have also observed that the number of cyber attacks increased in 2017​.

Additional Insight: The WannaCry ransomware attack in 2017 was one of the worst cyber attacks in history. It is estimated that more than 300,000 computers were affected during this attack across 150 countries, with total damages ranging from hundreds of millions to billions of dollars.​

Key Finding #6: Historically, the first quarter has been the most dangerous period of a fiscal year in terms of hacking activity

​​Within a year, March, July and May became the prime months for cyber attacks. The data of the UK cybersecurity report 2022 also highlights that retailers are strongly encouraged to be on the lookout for cyber attacks between March and July as it is a peak period for cybercriminals to target organisations.​

Additional Insight: 6.7% of the investigated cases lasted longer than a month.​

Key Finding #7: 42% of the cyber attacks affected UK companies with up to 250 employees.

Given that the examined cases are the most significant cyber attacks in the UK over the last 15 years, the fact that 22% of the total attacks occurred against small businesses can lead to the conclusion that no business is truly safe from cybercrime.

Additional Insight: ​In 64.3% of the cases, an outside source was responsible for the attack against B2B organisations.​

For more key findings, download the full UK Cybersecurity Report 2022

Build your cybersecurity strategy with the help of an expert

The rapid growth of the Internet has resulted in a significant increase in cyber attacks, many of which have severe and disastrous consequences. Malware is the most commonly used attack employed to carry out malicious intent in the cyberspace​ by exploiting existing vulnerabilities or unique characteristics of emerging technologies. It is now more important than ever to secure businesses by clarifying the dangers of cyber attacks and the methods we have to avoid them. Every size of business, regardless of its industry, is vulnerable to cyber attacks and the only way to reduce cybersecurity risks is to raise awareness among employees.​

TWC IT Solutions has been included among the top Cybersecurity Consulting companies in the UK for 2022 by Clutch, Goodfirms and Tech Reviewer.

Reach out to us at 08000 248 900.

Boglárka Chamer

Social Media Executive, TWC IT Solutions

Curated with love by TWC IT Solutions.
Main Text
Diablo Cody

Diablo Cody


IT Awards and Distinctions

Nine  distinctions in two years.

Footer Section

Los Angeles
New Jersey

Hong Kong, China

Dubai, UAE

Image is not available
Image is not available
Image is not available

32-34 Station Close
Potters Bar

Image is not available
Footer Base
TwitterTwitter - MO
LinkedInLinkedIn - MO
YouTubeYouTube - MO
MailMail - MO
Live ChatLive Chat - MO
© 2024 TWC IT Solutions