Analysis of UK cyber threat landscape, October 2022

Analysis of trends observed in cyber-attacks against UK organisations and possible future threats for businesses to defend against

Share This Post

Analysis is based upon multiple open-sources and statistics on UK cyber incidents from the Information Commissioners Office which dates back to 2019

The most recent ICO incident statistics cover the quarter April to June 2022. During this quarter there were following key trends:

Cyber-attack trends

There were a record number of attacks against Transport & Leisure sector in the quarter, an almost 40% increase on the quarterly average

It’s believed this increase was partly due to Lockbit ransomware gang targeting the transport sector during the quarter.

The Healthcare sector also saw an increase in the number of cyber-attacks, although the cause of almost 80% of these incidents was reportedly ‘hardware or software misconfiguration’, so its possible the increase was mainly due to human error rather than direct attacks.

Retail and manufacturing were the most targeted sector in the quarter. This is consistent with every quarter since statistics began in 2019 for UK incidents.

One sector was there a significant decrease in incidents was in Finance, Insurance and Credit; the quarterly number of incidents was almost 50% down on the average number of quarterly incidents in this sector.

It’s difficult to say exactly why there was a large drop in cyber incidents in Finance, Insurance and Credit and the real reason is likely to be multifaceted, but could include:

  • Finance, Insurance and Credit is the sector that possibly has the most sophisticated cyber defences in place due to their attractiveness as a target to cyber criminals
  • Due to this, cyber criminals may be actively targeting other sectors and any attacks against financial targets are likely less effective due to these defences
Future threats

Many ransomware gangs operate so-called ‘double extortion’ attacks, where they:

  • Lockdown the network of the victim company so that they are unable to use their IT systems, and
  • Threaten to leak sensitive data stolen from the victim, the idea being to pressure them into paying to prevent reputational damage, especially if the victim has restored their network thanks to back-ups and other systems


The LockBit ransomware gang is aiming to introduce ‘triple extortion’ attacks:

  • Lockdown the network
  • Leak sensitive data
  • Conduct Distributed Denial of Service (DDoS) attacks. This would probably be against the victim’s website to further pressure them into paying especially if it took their website and associated services offline.


In summer 2022, a UK law firm suffered a ransomware attack. In early 2022 the same firm had posted on its website about achieving the National Cyber Security Centre (NCSC’s) ‘Cyber Essentials +’ certification.

By achieving CE+, the firm will have had an internal and external test of its network for potential vulnerabilities. A ransomware attack against a firm with CE+ shows that even organisations with sophisticated cyber defences can be exploited by cyber criminals.

In 2021 there was a large increase in ransomware attacks against UK organisations, with the peak being 219 ransomware attacks in quarter July to September 2021. Since then, ransomware incidents have decreased both in UK and the rest of the world, but attack numbers are still elevated when compared with pre-2020 statistics.

Over the past few quarters, including April to June 2022, ransomware has made up almost one third of all UK incidents. This shows ransomware remains a persistent threat despite there being a decrease in the number of attacks.

Request a call back from team 2tela

Fill in your details and we'll be in touch

More To Explore

Threats & Exploits

Cyber operations during conflict and war

Middle East tensions significantly increased following the UK designated terrorist group Hamas attacked Israel on 7th October. Cyber operations are increasing and is a growing threat to UK businesses.

Do You Want To Boost Your Business?

drop us a line and keep in touch

Please Login

First timer?

Learn how we help give businesses peace of mind and security

Fill in the form and we'll be in touch.