2022 was worst year ever for cyberattacks on UK businesses

Asset 35
Cyber Reports

2022 Cyber Threat Report

Malicious online activity surged between October and December 2022 to push the number of cyberattacks experienced by UK businesses in year past 2020 levels.

A surge in cyberattacks in the final three months of last year made 2022 the worst year on record for malicious online activity against UK businesses. On average, UK companies experienced 687,489 online attempts to breach their systems in 2022, the equivalent of one every 46 seconds. Prior to last year, the worst year on record was 2020, when businesses experienced 686,961 cyberattack attempts each.

October to December 2022 was also the busiest quarter for cyberattacks on UK businesses since Beaming began tracking malicious web activity in 2016. Companies experienced 177,228 cyberattacks each, on average, in the period. This was 11,295 (seven percent) more attacks than in the corresponding quarter of 2021 and 275 more than between April and June 2020, the previous busiest quarter on record.

Cyberattacks on UK businesses by quarter 2016 - 2022

Beaming identified almost 1.2 million IP addresses being used to launch cyberattacks on UK businesses in 2022 and traced more than a fifth (268,484) of them to locations in China. Beaming also identified large numbers of attacking IP addresses that appeared to be located in the USA (90,663), India (46,783), Brazil (46,783), Russia (35,842) and Taiwan (30,581).

Attacking IP addresses by origin Jan20 - Dec22

One in seven cyberattacks received by UK companies in 2022 sought to gain control of devices connected to the Internet of Things. Businesses also experienced more than 5,000 attempts each to breach their databases, file-sharing services, web applications and remote desktop systems in 2022.


Sonia Blizzard, Managing Director of Beaming, said: “Cyber attack levels leapt to an all time high when workers went home during Covid, and have remained elevated ever since. It’s encouraging to see attacks fall over the summer, but firms should continue to be vigilant.”

 “Business leaders must ensure they are doing everything they can to avoid exposing their people, assets, customers and business partners to greater risk. We are seeing more businesses investing in next generation firewalls, unified threat management devices and intrusion detection systems to improve their online resilience.”



What can businesses do to protect against cyberattacks?

There are several steps that almost every business can take to protect themselves against cyberattacks:

  • Use strong passwords and enable two-factor authentication on all accounts and devices.
  • Keep all software and devices up to date with the latest security patches and updates.
  • Use a business-grade firewall to protect your network and restrict access to authorised users.
  • Use antivirus and anti-malware software to detect and remove any malicious software.
  • Educate employees about cybersecurity and the importance of following safe practices when using the internet and company devices.
  • Back up important data regularly to protect against data loss in the event of an attack.
  • Use a Virtual Private Network when connecting to the internet over public Wi-Fi.
  • Consider purchasing cybersecurity insurance to help cover the costs of responding to and recovering from a cyberattack.
  • Work with your ISP or a trusted IT provider to help implement these and other security measures.

Beaming work with customers across the UK who trust us to keep their data safe and their systems secure. We don’t take that responsibility lightly. Contact us to find out more.

We also release quarterly cyber reports – find our latest one here


Beaming has analysed cyberattacks in real-time targeting thousands of UK-based businesses since the beginning of 2016 to understand their nature and origin better. From this, it can calculate the average number of attacks businesses receive and use the results of the analysis to help organisations improve their cyber security.