In 2022, around four in ten internet users worldwide have ever experienced cybercrime. Based on a survey conducted between November and December 2022, internet users in India were most likely to have fallen victim to cybercrime, as nearly 70 percent of respondents claimed to have ever experienced cybercrime. The United States ranked second, with almost half of the respondents, 49 percent, saying they had experienced internet crime.

India Cyber Crime: IPC Section: Number of Cases Registered data was reported at 33,798.000 Unit in 2022. This records an increase from the previous number of 25,384.000 Unit for 2021. India Cyber Crime: IPC Section: Number of Cases Registered data is updated yearly, averaging 738.000 Unit from Dec 2002 (Median) to 2022, with 21 observations. The data reached an all-time high of 33,798.000 Unit in 2022 and a record low of 176.000 Unit in 2008. India Cyber Crime: IPC Section: Number of Cases Registered data remains active status in CEIC and is reported by National Crime Records Bureau. The data is categorized under India Premium Database’s Crime – Table IN.CRA001: Crime Statistics.

The global indicator 'Estimated Cost of Cybercrime' in the cybersecurity market was forecast to continuously increase between 2024 and 2029 by in total *** trillion U.S. dollars (+***** percent). After the eleventh consecutive increasing year, the indicator is estimated to reach ***** trillion U.S. dollars and therefore a new peak in 2029. Notably, the indicator 'Estimated Cost of Cybercrime' of the cybersecurity market was continuously increasing over the past years. Ransomware and manufacturing industry Cyberattacks remain a significant challenge for organizations worldwide, sectors such as manufacturing, finance, and insurance were the most affected by these attacks. Among the various types of cyber threats, ransomware was the most frequently detected, accounting for around ** percent of all incidents. The manufacturing industry, in particular, faced the highest number of ransomware attacks, making it the most targeted sector globally. Cybersecurity awareness and investments Organizations worldwide became increasingly aware of the dangers posed by cyberattacks, approximately ** percent of internet users became familiar terms such as with "ransomware." In response to these threats, companies invested more in cybersecurity. In 2024, the average annual increase in IT security budgets was expected to reach *** percent. In fact, for companies worldwide, enhancing the cyber resilience of their cybersecurity teams was the top spending priority in 2023.

In early 2025, a small biotech firm in California found itself locked out of its systems overnight. The attackers demanded a ransom in cryptocurrency, exploiting a vulnerability in a forgotten server. The breach didn’t just compromise proprietary research, it crippled investor confidence and cost millions in lost opportunities. This story...

The dataset contains the following columns , each described below :

Attack Type: Randomly selected from a broad set of attack types (e.g., phishing, DDoS, malware, etc.). Target System: Corporate IT systems such as servers, databases, user accounts, APIs, and more. Outcome: Whether the attack succeeded or failed. Timestamp: Time of the attack, randomly distributed over the past year. Attacker IP Address: Simulated attacker IP addresses. Target IP Address: Random IP addresses representing internal or external targets. Data Compromised: Amount of data compromised (in gigabytes) if the attack succeeded. Attack Duration: Time the attack lasted (in minutes). Security Tools Used: Various defense mechanisms like firewalls, IDS, antivirus, etc. User Role: The role of the user impacted by the attack (admin, employee, or external user). Location: Country or region where the attack originated or targeted. Attack Severity: Numerical indicator of the severity level (e.g., scale from 1-10). Industry: Type of industry targeted, such as healthcare, finance, government, etc. Response Time: Time taken by the security team to respond (in minutes). Mitigation Method: Steps taken to mitigate the attack (patching, containment, etc.)

Acknowledgement This dataset is a synthetic creation, generated using ChatGPT to simulate realistic cybersecurity incidents. It is designed to serve as a learning tool for beginners and data enthusiasts, offering a platform for practice and exploration in cybersecurity data analysis. By reflecting real-world cybercrime scenarios, this dataset encourages experimentation and deeper insights into various attack vectors, system vulnerabilities, and defense mechanisms. Its purpose is to promote hands-on learning in a controlled environment, enabling users to enhance their understanding of cybersecurity threats, analysis, and mitigation strategies.

In 2024, the monetary damage caused by cybercrime reported to the United States' Internet Crime Complaint Center (IC3) saw a year-over-year increase, amounting to a historical peak of **** billion U.S. dollars. Overview of cybercrime in the U.S. Cybercrime continues to be one of the biggest challenges for governments around the world. In the United States, ****************** and ********* were among the most reported categories of cybercrime in 2024, with over ******* individuals falling victim to phishing attacks. Additionally, data breaches cost the U.S. organizations over ************ U.S. dollars on average as of February 2024. Fraud involving elderly Along with other reported internet crimes, online fraud is continuously growing. Targeting one of the most vulnerable groups, the elderly, cybercriminals show notorious skills in ************************************************************. Furthermore, individuals aged 60 and older, reported falling victims of extortion and personal data breach in 2024.

In 2024, the most common type of cybercrime reported to the United States internet Crime Complaint Center was phishing, with its variation, spoofing, affecting approximately 193,000 individuals. In addition, over 86,000 cases of extortion were reported to the IC3 during that year. Dynamic of phishing attacks Over the past few years, phishing attacks have increased significantly. In 2024, over 193,000 individuals fell victim to such attacks. The highest number of phishing scam victims since 2018 was recorded in 2021, approximately 324 thousand.Phishing attacks can take many shapes. Bulk phishing, smishing, and business e-mail compromise (BEC) are the most common types. With the recent development of generative AI, it has become easier to craft a believable phishing e-mail. This is currently among the top concerns of organizations leaders. Impact of phishing attacks Among the most targeted industries by cybercriminals are healthcare, financial, manufacturing, and education institutions. An observation carried out in the fourth quarter of 2024 found that software-as-a-service (SaaS) and webmail was most likely to encounter phishing attacks. According to the reports, almost a quarter of them stated being targeted by a phishing scam in the measured period.

📂

The Global Cybersecurity Threats Dataset (2015-2024) provides extensive data on cyberattacks, malware types, targeted industries, and affected countries. It is designed for threat intelligence analysis, cybersecurity trend forecasting, and machine learning model development to enhance global digital security.

📊 Column Descriptions

In 2024, over 15 million cybercrime incidents were registered worldwide, a slight decrease from the year prior. This figure spiked in 2021, reaching 19.23 million.

The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

India Cyber Crime: IT Act, 2000: Number of Cases Registered data was reported at 31,908.000 Unit in 2022. This records an increase from the previous number of 27,427.000 Unit for 2021. India Cyber Crime: IT Act, 2000: Number of Cases Registered data is updated yearly, averaging 2,876.000 Unit from Dec 2002 (Median) to 2022, with 21 observations. The data reached an all-time high of 31,908.000 Unit in 2022 and a record low of 60.000 Unit in 2003. India Cyber Crime: IT Act, 2000: Number of Cases Registered data remains active status in CEIC and is reported by National Crime Records Bureau. The data is categorized under India Premium Database’s Crime – Table IN.CRA001: Crime Statistics.

India Cyber Crime: IPC Section: Number of Persons Arrested data was reported at 33,798.000 Person in 2022. This records an increase from the previous number of 25,384.000 Person for 2021. India Cyber Crime: IPC Section: Number of Persons Arrested data is updated yearly, averaging 1,148.000 Person from Dec 2002 (Median) to 2022, with 21 observations. The data reached an all-time high of 33,798.000 Person in 2022 and a record low of 195.000 Person in 2008. India Cyber Crime: IPC Section: Number of Persons Arrested data remains active status in CEIC and is reported by National Crime Records Bureau. The data is categorized under India Premium Database’s Crime – Table IN.CRA001: Crime Statistics.

The Dataset "Cyber Security Indexes" includes four indicators which illustrate the current cyber security situation around the world. The data is provided on 193 countries and territories, grouped by five geographical regions - Africa, North America, South America, Europe and Asia-Pasific.

The Cybersecurity Exposure Index (CEI) defines the level of exposure to cybercrime by country from 0 to 1; the higher the score, the higher the exposure (provided by 10guard). The indicator was last updated in 2020.

The Global Cyber Security Index (GCI) is a trusted reference that measures the commitment of countries to cybersecurity at a global level – to raise awareness of the importance and different dimensions of the issue (provided by the International Telecommunication Union - ITU). The indicator was last updated in 2021.

The National Cyber Security Index (NCSI) measures a country's readiness to address cyber threats and manage cyber incidents. It is composed of categories, capacities, and indicators (provided by NCSI). The indicator was last updated in January 2023.

The Digital Development Level (DDL) defines the average percentage the country received from the maximum value of both indices (provided by NCSI). The indicator was last updated in January 2023.

The dataset can be used for practising data cleaning, data visualization (on maps and round/bar charts), finding correlations between the indexes and predicting the missing data.

The data was used in the analytical article research The Geography of Cybersecurity: Cyber Threats and Vulnerabilities

The dataset "Cybersecurity Cases in India" is a comprehensive collection of real-world cybersecurity incidents reported across various cities in India. The dataset encapsulates the financial loss, incident types, and categories, providing a detailed overview of the cybercrime landscape in one of the world’s largest digital economies. With over 1000 records, it spans incidents from 2020 to 2024, covering various types of cybercrimes such as phishing, online fraud, malware attacks, ransomware, data breaches, DDoS attacks, identity theft, and more. Each record captures important attributes of the incidents, such as the year, date of occurrence, amount lost in INR, the type of incident, the city in which it occurred, and the category of the affected entity (e.g., financial, personal, corporate).

The dataset is structured to enable analysis of the trends in cybercrime over time, the financial impact of various cyberattacks, and the geographic distribution of incidents across Indian cities. It serves as a critical resource for cybersecurity professionals, policymakers, law enforcement agencies, and academic researchers seeking to understand the challenges posed by cybercrime in India and to identify strategies to combat these challenges.

1. Dataset Purpose and Scope

The dataset’s primary purpose is to provide an extensive, granular view of the nature and scope of cybersecurity incidents in India. It enables the analysis of the frequency, severity, and financial impact of cybercrimes across different types of attacks, cities, and time periods. As cybercrimes continue to rise globally, including in India, this dataset serves as an important tool for understanding the evolving threats and risks in cyberspace. Cybersecurity experts and analysts can leverage this dataset to identify patterns and trends, while government and law enforcement agencies can use it to devise more targeted interventions and preventive measures.

India, with its large and growing digital footprint, is a prime target for cybercriminals. The country's rapidly expanding internet user base, coupled with increasing digital adoption in various sectors like finance, healthcare, education, and e-commerce, makes it an attractive target for cyberattacks. This dataset allows stakeholders to understand how cybercrime evolves in response to these dynamics.

The dataset is a rich resource for understanding the following:

• Incident Frequency: How often different types of cybercrimes are reported in various Indian cities.
• Financial Impact: The monetary losses associated with each type of cybercrime.
• Geographic Distribution: The prevalence of specific types of cybercrimes in particular cities or states.
• Trend Analysis: How cybercrime has evolved over the years in terms of volume and impact.

2. Dataset Structure and Variables

The dataset includes the following key variables, each contributing valuable information to the analysis:

• Year: The year in which the cybercrime incident occurred. This variable helps track the growth or decline of cybercrime incidents over time.
• Date: The specific date of the cybercrime incident. This allows for time-series analysis of the data.
• Amount_Lost_INR: The financial loss associated with the cybercrime incident, expressed in Indian Rupees (INR). This variable highlights the economic impact of each cyberattack and can be used to assess the severity of different incidents.
• Incident_Type: The type of cybercrime incident. This can include phishing, online fraud, malware attacks, ransomware, data breaches, DDoS attacks, and identity theft. This variable is crucial for understanding which types of cybercrimes are most prevalent and how they differ in their impact.
• City: The city where the incident occurred. This allows for the geographic analysis of cybercrime, helping to identify high-risk areas and cities where certain types of cyberattacks are more common.
• Category: The category of the entity affected by the cybercrime, such as financial institutions, government bodies, corporations, educational institutions, or individuals. This variable provides insights into which sectors are more vulnerable to specific types of cyberattacks.

3. Cybersecurity Threat Landscape in India

India's digital transformation has made it a prime target for cybercriminals. As of 2023, India is one of the largest internet markets in the world, with over 600 million active internet users. The rapid growth of e-commerce, digital banking, social media, and government services has created new opportunities for cybercriminals to exploit vulnerabilities in digital systems. According to a 2022 report by the Indian Computer Emergency Response Team (CERT-In), India witnessed a significant increase in cybersecurity incidents, with millions of cyberattacks targeting individuals, b...

A January 2023 survey of IT and cybersecurity decision-makers of companies across North America, the United Kingdom, and Australia revealed some interesting perspectives. First, it found that over half of the respondents, ** percent, believed that hackers might use ChatGPT to craft more believable and legitimate-sounding phishing e-mails. A further ** percent thought that the AI tool would help less experienced hackers improve their technical knowledge and develop their skills, as well as for spreading misinformation.

India Cyber Crime: IT Act, 2000: Number of Persons Arrested data was reported at 31,908.000 Person in 2022. This records an increase from the previous number of 27,427.000 Person for 2021. India Cyber Crime: IT Act, 2000: Number of Persons Arrested data is updated yearly, averaging 1,522.000 Person from Dec 2002 (Median) to 2022, with 21 observations. The data reached an all-time high of 31,908.000 Person in 2022 and a record low of 55.000 Person in 2003. India Cyber Crime: IT Act, 2000: Number of Persons Arrested data remains active status in CEIC and is reported by National Crime Records Bureau. The data is categorized under India Premium Database’s Crime – Table IN.CRA001: Crime Statistics.

As of September 2024, almost 30 percent of cyber incidents detected in the past 12 months were hacking incidents. A further 28.7 percent were incidents of misuse, and 15.2 percent of detections revealed malware attacks.

Description

The datasets demonstrate the malware economy and the value chain published in our paper, Malware Finances and Operations: a Data-Driven Study of the Value Chain for Infections and Compromised Access, at the 12th International Workshop on Cyber Crime (IWCC 2023), part of the ARES Conference, published by the International Conference Proceedings Series of the ACM ICPS.

Using the well-documented scripts, it is straightforward to reproduce our findings. It takes an estimated 1 hour of human time and 3 hours of computing time to duplicate our key findings from MalwareInfectionSet; around one hour with VictimAccessSet; and minutes to replicate the price calculations using AccountAccessSet. See the included README.md files and Python scripts.

We choose to represent each victim by a single JavaScript Object Notation (JSON) data file. Data sources provide sets of victim JSON data files from which we've extracted the essential information and omitted Personally Identifiable Information (PII). We collected, curated, and modelled three datasets, which we publish under the Creative Commons Attribution 4.0 International License.

1. MalwareInfectionSet We discover (and, to the best of our knowledge, document scientifically for the first time) that malware networks appear to dump their data collections online. We collected these infostealer malware logs available for free. We utilise 245 malware log dumps from 2019 and 2020 originating from 14 malware networks. The dataset contains 1.8 million victim files, with a dataset size of 15 GB.

2. VictimAccessSet We demonstrate how Infostealer malware networks sell access to infected victims. Genesis Market focuses on user-friendliness and continuous supply of compromised data. Marketplace listings include everything necessary to gain access to the victim's online accounts, including passwords and usernames, but also detailed collection of information which provides a clone of the victim's browser session. Indeed, Genesis Market simplifies the import of compromised victim authentication data into a web browser session. We measure the prices on Genesis Market and how compromised device prices are determined. We crawled the website between April 2019 and May 2022, collecting the web pages offering the resources for sale. The dataset contains 0.5 million victim files, with a dataset size of 3.5 GB.

3. AccountAccessSet The Database marketplace operates inside the anonymous Tor network. Vendors offer their goods for sale, and customers can purchase them with Bitcoins. The marketplace sells online accounts, such as PayPal and Spotify, as well as private datasets, such as driver's licence photographs and tax forms. We then collect data from Database Market, where vendors sell online credentials, and investigate similarly. To build our dataset, we crawled the website between November 2021 and June 2022, collecting the web pages offering the credentials for sale. The dataset contains 33,896 victim files, with a dataset size of 400 MB.

Credits Authors

Billy Bob Brumley (Tampere University, Tampere, Finland)

Juha Nurmi (Tampere University, Tampere, Finland)

Mikko Niemelä (Cyber Intelligence House, Singapore)

Funding

This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme under project numbers 804476 (SCARE) and 952622 (SPIRS).

Alternative links to download: AccountAccessSet, MalwareInfectionSet, and VictimAccessSet.