I have been working in the information security arena for the last 20 years. After Lastline (now VMWare), and Cisco (through the acquisition of OpenDNS), I am now a Senior Sales Engineer and a Cyber Intelligence Principal in Netskope.
I started this project in 2011, when every day started with a new attack by the anonymous. I was inspired by a Thomson Reuters chart, which is no longer available, but can still be found in my original post of that time.
Ever since I am patiently collecting the main cyber attacks (according to my personal judgement) in timelines published on a bi-weekly basis (sometime I am not able to publish them in a timely manner, but for me this is just a very time-consuming hobby). I have been changing the format of the timelines over the years to make them consumable in a better fashion, while storing the raw data for the historical memory.
Yes the raw data, since 2011, it is available for any requester. Just drop me an email at ppasseri@gmail.com and I will be happy to share it! You can use the data as you need, and I ask only you the favor to quote the source (and please don’t do like some Italian folks in the past who did publications without quoting the source).
Also I would appreciate if you can share the blog across the community, and if you want to connect, my social profiles are below:
Stay safe!
Follow @paulsparrows
Hi Paolo,
Very nice website, and I like the monthly update on cyber attacks. I have one important question however. In the field ‘Attack Techniques’, most of which are understandable as the methods with which attackers broke the security (eg, SQL for data leakage, MITM to hack communications), you list ‘Defacement’ as an attack technique. Perhaps I am missing something, but although this may have been the purpose of an attack, I can’t see it as the technique for the attack itself. Although the purpose of the attack is important to know, you seem to cover these in another of your analyses (Motivations behind attacks). I wonder if you could explain, is there a reason to include ‘Defacement’ as a category here?
Keep up the hard work. Thanks,
Mustafa
Mustafa, your are right. Unfortunately it is an approximation, since in many case the source does not provide the underlying reason but just the effect. If you have any idea is well accepted.
Paolo, thanks for replying. My opinion is that if the effect is unknown, it should be categorised under ‘unknown’. This is to maintain consistency in all categories, since you already have motivations in other data you produce, and the current method mixes the technique and effect together. But that is just my opinion, I still think its a great resource.
Thanks,
Mustafa
Hello Paulo,
I admire your work and assess it very high. I am a PhD student at the University of Shumen and deal with the problems of computer security. As many other colleagues, I would like to ask whether it is possible to using your data for my dissertation and use your raw data? I would be very grateful and will be happy if I can and I can help with something.
Hi Paolo,
Thank you very much for your time and dedication to security. If possible, I would like to request the raw data. I am a doctoral student focused on data breaches and cyber attacks, and this would be very helpful for my research. Thanks in advance.
Best,
Bill
Hi Paolo, i am very appreciate for your working… Could you send me the raw data of cyber attacks so that I can filter for a specific attack category? If you do, I will be very appreciate.
Regards,
Summer Tong
Paolo,
Could you please send me the raw data of cyber attacks? This definitely pertains to my field and it may greatly assist my team!
Excellent ressources! Is there a way to search cyber attacks for a specific country ?
I can give you access to the repository containing the raw data in XLS format. From there is much easier to look for attacks targeting a specific country.
Dear Paolo,
Amazing and super fascinating work! Thank you, so much for publishing this. I’m working on a project trying to understand the shift in the type of cyber attacks over time. If you could share the link to the raw historical data in .csv or similar format, that would be very much appreciated. My email is timpj(at)stanford[dot]com.
Thanks!
Best regards,
Tim
Pingback: November Events Summary | LBD
Dear Paolo,
You have done great job, absolutely outstanding! Thank you very much. I just want to download your data in spreadsheet like in csv format or any format for analysis purposes. I’m a PhD student at Sheffield Hallam universtiy in cyber security. I would appreciate if can get access to your raw data. Again thanks for your amazing work.
Best wishes.
Sina.
Sina,
apologies for my delay. I have replied you separately. I just noticed I have your gmail address. I will give you immediate access.
Regards.
Paolo.
Was looking for a way to contact you offline, but change the date on your last entry… it’s still 2014.
Hello Paolo,
Your work is really really interesting! Would it be possible to have a look at your raw data for my theses please? I sent you an email at ppasseri@gmail.com.
Apologies for the Delay, I sent you the raw data
Thanks you!
Dear Paolo
Thank you so much for sharing those impressive information.
Ali
Dear Paolo,
Excellent work!
I am interested in analyzing the raw data.
Would it be possible to get a link to the raw data?
Thanks!
–Theodoor
Of course it is, please send me an email to ppasseri@gmail.com with the email address you want to receive the link in.
Hi! I am working on an undergraduate thesis and am having an incredibly hard time finding statistics that show cyberattack trends over the last couple of years. Your site is very helpful however i was wondering how you acquire your statistics? Would love to use you as a source but i am not sure i can. Also do you think there is a lack of information released regarding state sponsored cyber attacks? Or lack of information regarding successful breaches in government systems? If you could maybe point me to some useful sources that would be awesome. My thesis is due tomorrow so i am really trying to beef up my statistics as that is the part i am noticeably lacking in
Dear Marissa, the stats are taken from the timelines that I publish (almost) on a bi-weekly basis. On the bottom of each timelines the source are reported. I collect each month the most remarkable attacks according to me. However you could try to have a look to datalossdb.org and hacksufer.com.
Good Luck!
Nice work man!
Hi Paolo,
I am putting an internal slide deck with a slide on web attacks and I really like your monthly graphics. I would like to use your data for the last few years to show the trend. I will add you as source for people to come to your site. Can you give me access to the raw data?
Thanks!
Emilio.
First of all many many thanks for your work.
Then a request š
Have you got or can you point me to statistical data about cybercrime in Italy (es Polizia Postale data on ransomware, identity theft and so on)?
I’ve searched on italian law enforcement sites with no success š
Try to have a look the yearly report of Clusit. You can request a copy from Clusit website (www.clusit.it).
Paolo:
We are publishing a report on defense and security trends and would like to cite you as a source on cyber attacks. I was hoping to get the source data for 2012 and 2013 in whatever format you have available. Basically our report breaks down countries into four categories so I would like to do the same with your data. Please see my email in the details of this post. I am happy to provide you with a copy of last year’s report. Of course, your data would be properly sourced to you and this website.
Please let me know if I can get a copy. Feel free to email me with any questions!
Regards,
Bud Roth
Apologies for my delay. I just sent you the link of the repository with the raw data.
Paolo.
Great site. As a researcher, I found your timeline fantastic. If I could offer one suggestion, would it be possible to make searches based upon suspected country of origin/country attacked, victim/suspected attacker? I tried to use the search bar, but, alas, I must not be that clever.
Keep up the outstanding work.
Thanks! If you want I can give the raw data from where you can easily query the countries.
Hello Paolo, I would like to join those who very much appreciate your work. I have the same wish like many others – is it possible to get data in a spredsheet ? And the rest of the last year Sep – Dec 2013 ? I would like to make analyses of attacks to special business sector. Looking forward to your answer to my email.
Hi Jirina,
data for Sep-Dec have been published. Just go to http://hackmageddon.com/category/security/cyber-attacks-timeline/
I will send you the link with the timelines at your email address.
Paolo.