The Active Adversary Playbook 2022
Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021
The Active Adversary Playbook 2022 details the main adversaries, tools, and attack behaviors seen in the wild during 2021 by Sophos’ frontline incident responders. You’ll learn:
- The anatomy of active attacks including root causes and main attack types
- The toolsets adversaries have been employing to facilitate attacks
- The main ransomware adversaries observed
Armed with these insights, you’ll better understand what adversaries do during attacks and how to spot and defend against such activity on your network.
Incident Response Demographics 2021
The report is based on 144 incidents targeting organizations of all sizes, in a wide range of industry sectors, and located in the U.S., Canada, the U.K., Germany, Italy, Spain, France, Switzerland, Belgium, Netherlands, Austria, the United Arab Emirates, Saudi Arabia, the Philippines, the Bahamas, Angola, and Japan.
The most represented sectors are manufacturing (17% of incident response cases were in this sector) followed by retail (14%), healthcare (13%), IT (9%), construction (8%), and education (6%). Additional profile information can be found in the data tables at the end of this report.