Expel Quarterly Threat Report – Q1 2022

Cybersecurity data, trends, and recommendations from the Expel Security Operations Center (SOC)

Welcome to the first-ever Expel Quarterly Threat Report! Since July 2021, we’ve brought you monthly attack vector reports that dug into the biggest threats we saw across the incidents we investigated for our customers.

Now, we’re changing things up to bring you these reports on a quarterly basis. The report surfaces the most significant data we’re seeing in our threat detection and response efforts, curates that data into trends that can impact your cybersecurity posture, and offers resilience recommendations to protect your organization. Think: Great eXpeltations annual report, but for the quarter.

This Q1 report delivers intelligence on some of the most active attack vectors our SOC leadership team observed, including:

  • Business email compromise (BEC)
  • Business application compromise (BAC)
  • Pre-ransomware
  • Commodity malware
  • Cloud infrastructure
  • Phishing

We looked for patterns and trends to help guide strategic decision-making and operational processes for your team. We used a combination of time series analysis, statistics, customer input, and analyst instinct to identify these key insights.

By sharing how attackers got in, and how we stopped them, we’ll translate the security events we detect into security strategy for your org.

What’s inside the Expel Quarterly Threat Report

  • Observations from our SOC for attack trends this quarter
  • How these attack trends impacted individual industries
  • Top attack methods and tactics
  • A look ahead to potential vectors to watch in Q2