In 2023, the worldwide number of malware attacks reached 6.06 billion, an increase of 10 percent compared to the preceding year. In recent years, the highest number of malware attacks was detected in 2018, when 10.5 billion such attacks were reported across the globe. Malware attacks worldwide In 2022, worm malware was blocked over 205 million times. Another common malware type during that period, Emotet, primarily targeted the Asia-Pacific region. Overall, websites are the most common vector for malware attacks and recent industry data found that malware attacks were frequently received via exe files. Most targeted industries In 2022, the education sector was heavily targeted by malware, encountering 2,314 weekly attacks on average. Government and military organizations ranked second, followed by the healthcare units. Overall, in 2022, the education sector saw over five million malware attacks in the examined year.

Between 2018 and 2024, the share of global malware attacks that occurred via e-mail increased from 33 to 68 percent. The percentage of web attacks has decreased, going from 67 percent in 2018 to 32 percent in 2024.

In January 2025, a small fintech startup in Austin discovered it had fallen victim to a cyberattack. At first glance, the breach looked like a typical case of credential stuffing. But it wasn’t. The attacker had used an AI-driven system that mimicked the behavioral patterns of employees, learning login habits,...

A 2025 survey of cybersecurity professionals of organizations worldwide revealed that 32 percent of the organizations suffered ransomware attacks due to exploited vulnerabilities. Compromised credentials were the second-most common cause of successful ransomware attacks, while malicious e-mail ranked third.

Overview This dataset is a comprehensive, easy-to-understand collection of cybersecurity incidents, threats, and vulnerabilities, designed to help both beginners and experts explore the world of digital security. It covers a wide range of modern cybersecurity challenges, from everyday web attacks to cutting-edge threats in artificial intelligence (AI), satellites, and quantum computing. Whether you're a student, a security professional, a researcher, or just curious about cybersecurity, this dataset offers a clear and structured way to learn about how cyber attacks happen, what they target, and how to defend against them.

With 14134 entries and 15 columns, this dataset provides detailed insights into 26 distinct cybersecurity domains, making it a valuable tool for understanding the evolving landscape of digital threats. It’s perfect for anyone looking to study cyber risks, develop strategies to protect systems, or build tools to detect and prevent attacks.

What’s in the Dataset? The dataset is organized into 16 columns that describe each cybersecurity incident or research scenario in detail:

ID: A unique number for each entry (e.g., 1, 2, 3). Title: A short, descriptive name of the attack or scenario (e.g., "Authentication Bypass via SQL Injection"). Category: The main cybersecurity area, like Mobile Security, Satellite Security, or AI Exploits. Attack Type: The specific kind of attack, such as SQL Injection, Cross-Site Scripting (XSS), or GPS Spoofing. Scenario Description: A plain-language explanation of how the attack works or what the scenario involves. Tools Used: Software or tools used to carry out or test the attack (e.g., Burp Suite, SQLMap, GNURadio). Attack Steps: A step-by-step breakdown of how the attack is performed, written clearly for all audiences. Target Type: The system or technology attacked, like web apps, satellites, or login forms. Vulnerability: The weakness that makes the attack possible (e.g., unfiltered user input or weak encryption). MITRE Technique: A code from the MITRE ATT&CK framework, linking the attack to a standard classification (e.g., T1190 for exploiting public-facing apps). Impact: What could happen if the attack succeeds, like data theft, system takeover, or financial loss. Detection Method: Ways to spot the attack, such as checking logs or monitoring unusual activity. Solution: Practical steps to prevent or fix the issue, like using secure coding or stronger encryption. Tags: Keywords to help search and categorize entries (e.g., SQLi, WebSecurity, SatelliteSpoofing). Source: Where the information comes from, like OWASP, MITRE ATT&CK, or Space-ISAC.

Cybersecurity Domains Covered The dataset organizes cybersecurity into 26 key areas:

AI / ML Security

AI Agents & LLM Exploits

AI Data Leakage & Privacy Risks

Automotive / Cyber-Physical Systems

Blockchain / Web3 Security

Blue Team (Defense & SOC)

Browser Security

Cloud Security

DevSecOps & CI/CD Security

Email & Messaging Protocol Exploits

Forensics & Incident Response

Insider Threats

IoT / Embedded Devices

Mobile Security

Network Security

Operating System Exploits

Physical / Hardware Attacks

Quantum Cryptography & Post-Quantum Threats

Red Team Operations

Satellite & Space Infrastructure Security

SCADA / ICS (Industrial Systems)

Supply Chain Attacks

Virtualization & Container Security

Web Application Security

Wireless Attacks

Zero-Day Research / Fuzzing

Why Is This Dataset Important? Cybersecurity is more critical than ever as our world relies on technology for everything from banking to space exploration. This dataset is a one-stop resource to understand:

What threats exist: From simple web attacks to complex satellite hacks. How attacks work: Clear explanations of how hackers exploit weaknesses. How to stay safe: Practical solutions to prevent or stop attacks. Future risks: Insight into emerging threats like AI manipulation or quantum attacks. It’s a bridge between technical details and real-world applications, making cybersecurity accessible to everyone.

Potential Uses This dataset can be used in many ways, whether you’re a beginner or an expert:

Learning and Education: Students can explore how cyber attacks work and how to defend against them. Threat Intelligence: Security teams can identify common attack patterns and prepare better defenses. Security Planning: Businesses and governments can use it to prioritize protection for critical systems like satellites or cloud infrastructure. Machine Learning: Data scientists can train models to detect threats or predict vulnerabilities. Incident Response Training: Practice responding to cyber incidents, from web hacks to satellite tampering.

Ethical Considerations Purpose: The dataset is for educational and research purposes only, to help improve cybersecurity knowledge and de...

Phishing, ransomware, and business malware have been the most widespread types of cyberattacks in the United States, resulting in data compromises. In 2024, 455 cases of phishing and its variations were detected. Ransomware followed in the second place, with 188 attacks.

To determine the effectiveness of any defense mechanism, there is a need for comprehensive real-time network data that solely references various attack scenarios based on older software versions or unprotected ports, and so on. This presented dataset has entire network data at the time of several cyber attacks to enable experimentation on challenges based on implementing defense mechanisms on a larger scale. For collecting the data, we captured the network traffic of configured virtual machines using Wireshark and tcpdump. To analyze the impact of several cyber attack scenarios, this dataset presents a set of ten computers connected to Router1 on VLAN1 in a Docker Bridge network, that try and exploit each other. It includes browsing the web and downloading foreign packages including malicious ones. Also, services like FTP and SSH were exploited using several attack mechanisms. The presented dataset shows the importance of updating and patching systems to protect themselves to a greater extent, by following attack tactics on older versions of packages as compared to the newer and updated ones. This dataset also includes an Apache Server hosted on the different subset on VLAN2 which is connected to the VLAN1 to demonstrate isolation and cross-VLAN communication. The services on this web server were also exploited by the previously stated ten computers. The attack types include: Distributed Denial of Service, SQL Injection, Account Takeover, Service Exploitation (SSH, FTP), DNS and ARP Spoofing, Scanning and Firewall Searching and Indexing (using Nmap), Hammering the services to brute-force passwords and usernames, Malware attack, Spoofing and Man-in-the-Middle Attack. The attack scenarios also show various scanning mechanisms and the impact of Insider Threats on the entire network.

Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.

Introduction

Cybersecurity in Healthcare Statistics: As the healthcare sector increasingly integrates digital technologies, the need for robust cybersecurity measures has become more critical than ever. Adopting electronic health records (EHRs), telemedicine, and connected medical devices has significantly enhanced patient care and operational efficiency.

However, this digital shift has also exposed healthcare organizations to a rising tide of cyber threats, including data breaches, ransomware attacks, and hacks of medical devices. The sensitive nature of the data fuels these threats, such as personal health information (PHI) and payment records, making healthcare one of the most targeted cyberattack industries.

In response to these growing risks, healthcare providers must prioritize implementing stringent cybersecurity policies and embrace cutting-edge technologies like encryption, artificial intelligence, and multi-factor authentication. The sector is grappling with challenges such as outdated security systems, inadequate staff training, and the complexities of safeguarding networks of interconnected devices.

As cyberattacks become more frequent and sophisticated, understanding cybersecurity statistics within healthcare is essential for identifying vulnerabilities, assessing risks, and strengthening defenses to protect sensitive patient data and maintain trust within the industry.

As of 2025, nearly 63 percent of businesses worldwide were affected by ransomware attacks. This figure represents a decrease on the previous year and was by far the lowest figure reported since 2020. Overall, since 2018, more than half of the total survey respondents each year stated that their organizations had been victimized by ransomware. Most targeted industries In 2024, the critical manufacturing industry in the United States was once again most targeted by ransomware attacks. Overall, organizations in this industry experienced 258 cyberattacks in the measured year. Healthcare and the public health sector ranked second, followed by government facilities, with 238 and 220 cyberattacks, respectively. Ransomware in the manufacturing industry The manufacturing industry, along with its subindustries, is constantly targeted by ransomware attacks, causing data loss, business disruptions, and reputational damage. Often, such cyberattacks are international and have a political intent. In 2024, exploited vulnerabilities were the leading cause of ransomware attacks in the manufacturing industry.

The European Repository of Cyber Incidents (EuRepoC) is releasing the Global Dataset of Cyber Incidents in Version 1.3 as an extract of our backend database. This official release contains fully consolidated cyber incident data reviewed by our interdisciplinary experts in the fields of politics, law and technology across all 60 variables covered by the European Repository. Version 1.3 covers the years 2000 – 2024 entirely. The Global Dataset is meant for reliable, evidence-based analysis. If you require real-time data, please refer to the download option in our TableView or contact us for special requirements (including API access).

The dataset now contains data on 3416 cyber incidents which started between 01.01.2000 and 31.12.2024. The European Repository of Cyber Incidents (EuRepoC) gathers, codes, and analyses publicly available information from over 220 sources and 600 Twitter accounts daily to report on dynamic trends in the global, and particularly the European, cyber threat environment.

For more information on the scope and data collection methodology see: https://eurepoc.eu/methodology

Full Codebook available here

Information about each file

please scroll down this page entirely to see all files available. Zenodo only displays the attribution dataset by default.

Global Database (csv or xlsx):
This file includes all variables coded for each incident, organised such that one row corresponds to one incident - our main unit of investigation. Where multiple codes are present for a single variable for a single incident, these are separated with semi-colons within the same cell.

Receiver Dataset (csv or xlsx):
In this file, the data of affected entities and individuals (receivers) is restructured to facilitate analysis. Each cell contains only a single code, with the data "unpacked" across multiple rows. Thus, a single incident can span several rows, identifiable through the unique identifier assigned to each incident (incident_id).

Attribution Dataset (csv or xlsx):
This file follows a similar approach to the receiver dataset. The attribution data is "unpacked" over several rows, allowing each cell to contain only one code. Here too, a single incident may occupy several rows, with the unique identifier enabling easy tracking of each incident (incident_id). In addition, some attributions may also have multiple possible codes for one variable, these are also "unpacked" over several rows, with the attribution_id enabling to track each attribution.

Dyadic Dataset (csv or xlsx):
The dyadic dataset puts state dyads in the focus. Each row in the dataset represents one cyber incident in a specific dyad. Because incidents may affect multiple receivers, single incidents can be duplicated in this format, when they affected multiple countries.

Context

(U) My purpose is to analyze Amazon Web Services (AWS) honeypot data for any trends and/or correlations that could possibly be used in predictive cyber threat vectors. I spent a lot of time looking for data sets and most of the ones I found had no documentation and the data was hard to interpret just from the file. This data is well formatted and straight forward.

Content

(U) The AWS Honeypot Database is an open-source database including information on cyber attacks/attempts.

(U) Data has 451,581 data points collected from 9:53pm on 3 March 2013 to 5:55am on 8 September 2013.

Acknowledgements

http://datadrivensecurity.info/blog/pages/dds-dataset-collection.html Jay Jacobs & Bob Rudis

Inspiration

Your data will be in front of the world's largest data science community. What questions do you want to see answered?

Cyber Security as a Service Market Outlook

The global Cyber Security as a Service market size was valued at approximately $14 billion in 2023 and is projected to reach $41 billion by 2032, growing at a compound annual growth rate (CAGR) of 12.5% during the forecast period. This remarkable growth is driven by the increasing prevalence of cyber threats and the growing need for robust security solutions across various sectors.

The growth of the Cyber Security as a Service market can be attributed to several key factors. Firstly, the rapid digitization and adoption of cloud services have exposed businesses to a myriad of cyber threats, necessitating advanced security measures. The rise in sophisticated cyber-attacks, such as ransomware, phishing, and malware, has compelled organizations to seek comprehensive security solutions to safeguard their data and ensure business continuity. Additionally, regulatory requirements and compliance mandates across industries are driving the demand for managed security services, further propelling market growth.

Secondly, the increasing adoption of Internet of Things (IoT) devices has expanded the attack surface, making enterprises more vulnerable to cyber-attacks. As IoT devices become integral to business operations, securing these devices has become paramount. Cyber Security as a Service offers scalable and flexible solutions to monitor and protect IoT ecosystems, thereby addressing the security challenges posed by these interconnected devices. Furthermore, the growing awareness about the financial and reputational damage caused by data breaches is prompting businesses to invest heavily in cybersecurity services.

Thirdly, the shortage of skilled cybersecurity professionals is a significant growth driver for the market. Many organizations lack the in-house expertise required to effectively combat evolving cyber threats. As a result, they are increasingly turning to third-party service providers to manage their cybersecurity needs. Cyber Security as a Service offers access to a pool of experts, advanced technologies, and continuous monitoring capabilities, enabling businesses to strengthen their security posture without the need for extensive internal resources.

The integration of Financial Services Cybersecurity Systems and Services is becoming increasingly vital in the face of evolving cyber threats. Financial institutions are prime targets for cybercriminals due to the sensitive nature of financial data and transactions. As a result, there is a growing emphasis on developing comprehensive cybersecurity frameworks that encompass both preventive and responsive measures. These systems and services are designed to protect financial data, ensure compliance with regulatory requirements, and maintain customer trust. By leveraging advanced technologies such as artificial intelligence and machine learning, financial institutions can enhance their threat detection and response capabilities, thereby safeguarding their operations from potential cyber threats.

From a regional perspective, North America is expected to dominate the Cyber Security as a Service market during the forecast period. The presence of major cybersecurity vendors, coupled with stringent regulatory frameworks and high adoption rates of advanced technologies, contribute to the region's leading position. However, the Asia Pacific region is anticipated to witness the highest growth rate, driven by increasing digital transformation initiatives, rising cybercrime incidents, and growing awareness about cybersecurity solutions.

Service Type Analysis

In the Cyber Security as a Service market, the service type segment is pivotal, covering services such as Threat Intelligence, Managed Security Services, Security Monitoring and Analytics, Incident Response, Compliance Management, and others. The diverse nature of cyber threats necessitates a variety of specialized services, each catering to different facets of cybersecurity.

Threat Intelligence services play a crucial role in the market. These services involve the collection, analysis, and dissemination of information about potential or ongoing cyber threats. By leveraging advanced analytics and machine learning, threat intelligence services provide actionable insights that help organizations anticipate and mitigate cyber risks before they materialize. The growing complexity of cyber threats and the need for proactive threat management

Banking Cyber Security Market Outlook

The global banking cyber security market size is projected to grow from USD 12.4 billion in 2023 to USD 25.8 billion by 2032, exhibiting a CAGR of 8.5% during the forecast period. The primary growth factor driving this market is the increasing frequency and sophistication of cyber-attacks targeting the banking sector, coupled with stringent regulatory compliances and the rising adoption of digital banking services.

The exponential growth in the market is significantly bolstered by the widespread adoption of digital transformation initiatives by banking institutions. As banks shift towards digital channels to offer seamless and efficient services to customers, the vulnerability to cyber threats increases, necessitating robust cyber security measures. The proliferation of mobile banking and online transactions has expanded the attack surface for cybercriminals, compelling banks to invest heavily in advanced cyber security solutions to safeguard sensitive financial data and maintain customer trust.

Another critical growth factor is the increasing complexity and sophistication of cyber-attacks. Modern cyber threats are no longer limited to simple malware but encompass advanced persistent threats (APTs), ransomware, phishing attacks, and Distributed Denial of Service (DDoS) attacks. These advanced threats target not only the financial transactions but also the underlying banking infrastructures and customer data, posing significant operational and reputational risks. Consequently, there is an escalating demand for comprehensive and multi-layered security solutions to detect, prevent, and respond to these advanced threats effectively.

The regulatory landscape is also a significant driver of market growth. Governments and regulatory bodies worldwide have implemented stringent data protection and cyber security regulations to protect financial systems and consumer data. Compliance with regulations such as the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), and the New York Department of Financial Services (NYDFS) Cybersecurity Regulation has become mandatory for banking institutions. These regulations mandate the implementation of robust cyber security frameworks, driving substantial investments in advanced security solutions and services.

Regionally, North America dominates the banking cyber security market, driven by the presence of major market players and stringent regulatory norms. However, the Asia Pacific region is expected to witness the highest growth rate during the forecast period, primarily due to the rapid digitalization of banking services, increasing internet penetration, and a surge in cyber-attacks. Developing economies in the Asia Pacific region are heavily investing in cyber security infrastructure to protect their burgeoning digital banking sectors, which further fuels market growth.

Component Analysis

The banking cyber security market can be segmented by component into two primary categories: solutions and services. Solutions encompass a wide range of security products like firewalls, intrusion detection systems, encryption software, and security information and event management (SIEM) systems. The solutions segment is anticipated to hold the largest market share due to the essential nature of these products in providing foundational security infrastructure for banking operations. Banks are increasingly deploying these solutions to protect their networks, endpoints, applications, and data from ever-evolving cyber threats.

Within the solutions segment, the adoption of artificial intelligence (AI) and machine learning (ML) technologies is significantly on the rise. These technologies are utilized for real-time threat detection and response, predictive analytics, and automated remediation. AI and ML enhance the effectiveness of cyber security measures by identifying abnormal patterns and potential threats with high accuracy, thus allowing banks to proactively prevent security breaches and reduce response times.

The services segment, which includes managed security services, consulting, and support services, is also witnessing significant growth. Managed security services are particularly gaining traction, as many banking institutions opt to outsource their cyber security operations to specialized providers. This approach allows banks to leverage expert knowledge, advanced technologies, and continuous monitoring without the need for substantial in-house investments. Additionally, consulting services are essential for banks to

This dataset contains synthetic logs designed to simulate the activity of the Pegasus malware, providing a rich resource for cybersecurity research, anomaly detection, and machine learning applications. The dataset includes 1000 entries with 17 columns, each capturing detailed information about device usage, network traffic, and potential security events

Columns: user_id: Unique identifier for each user device_type: Type of device used (e.g., iPhone, Android) os_version: Operating system version of the device app_usage_pattern: Usage pattern of the applications (Low, Normal, High) timestamp: Timestamp of the recorded activity source_ip: Source IP address of the network traffic destination_ip: Destination IP address of the network traffic protocol: Network protocol used (e.g., HTTPS, FTP, SSH) data_volume: Volume of data transferred in the session log_type: Type of log entry (system, application, security) event: Specific event type (e.g., App Install, System Update, Logout, App Crash) event_description: Description of the event error_code: Error code associated with the event file_accessed: File path accessed during the event process: Process name involved in the event anomaly_detected: Description of any detected anomalies (e.g., Unknown Process Execution, Suspicious File Access) ioc: Indicators of Compromise (e.g., Pegasus Signature, Known Malicious IP)

This dataset is ideal for those looking to develop and test cybersecurity solutions, understand malware behavior, or create educational tools for cybersecurity training. The data captures various scenarios of potential malware activities, making it a versatile resource for a range of cybersecurity applications.

On average, ** percent of organizations worldwide were victims of a ransomware attack between January and February 2024, according to a survey conducted among cybersecurity leaders of worldwide organizations. France ranked first by the ransomware rate in companies, with ** percent reporting having encountered such an attack in the last 12 months. Companies in South Africa, Italy, and Austria followed, with up to ** percent of the organizations experiencing ransomware attacks.

In March 2025, a small logistics company in Ohio lost access to every operational file it had overnight. Trucks sat idle, routes scrambled, and customer data vanished into encryption. The attackers demanded payment in Bitcoin, $210,000, to unlock the systems. The company paid. What happened next? The decryptor didn’t work....

Introduction

Notable Ransomware Statistics: Even in the year 2024, ransomware is ranked among the most disruptive and expensive types of cybercrime. This is software that keeps people from accessing their gadgets until they pay an amount, and it keeps getting better with time, while looking for people to pay or companies.

Data as of 2024 indicated that there was an upward trend in the prevalence and economic losses caused by ransomware attacks throughout the world. Emerged are some notable ransomware statistics to consider in the year 2024.

As per Cognitive Market Research's latest published report, the Global Cyber Security market size was $154.80 Billion in 2022 and it is forecasted to reach $353.15 Billion by 2030. Cyber Security Industry's Compound Annual Growth Rate will be 10.8% from 2023 to 2030. Market Dynamics of Cyber Security Market:

Increased target based cyber-attacks:

Every year, cybercrime dramatically rises as attackers become more proficient and sophisticated. In target-based cyberattacks, hackers or attackers focus on a single organisation because they have a particular business interest. Putting the attack together could take months so they can figure out the best way to get their exploit into your systems (or users). Because it has been precisely designed to attack your systems, processes, or persons, at the office and often at home, a targeted attack is frequently more harmful than an untargeted one. In addition to having an impact on the organization's and business's finances, cybersecurity also makes businesses more vulnerable and uncertain.

Cyberattacks can potentially harm a company's reputation, especially if private customer information is taken. The established customer trust may suffer as a result of cyberattacks. This breach of trust may be challenging to repair and may have long-term effects on the company. The activities of a company are also disrupted by these attacks, making it difficult or impossible to access vital systems or data. This might cause delays in manufacturing, disrupt customer service, and result in lost income. Businesses may occasionally have to stop operating completely until the attack is stopped, which will have a greater financial impact.

Growing need for automated cybersecurity due to the increased use of IoT devices.

Restraining Factor:

Budget restrictions and a lack of specialists among SME's:

Cybersecurity is crucial prat of any organization as it protects against unwanted access, theft, and damage to critical data and computer systems. Cyber-attacks are growing more prevalent in today's digital environment, and they could have very negative effects. Due to the complexity of technology, many organisations, especially SME's, cannot afford cybersecurity despite its necessity. Cybersecurity can be complicated and calls for knowledge in fields like software development, network security, and cryptography. The cost of acquiring and maintaining this expertise might be high. In addition, considering the consistently evolving cyber threats, the updating of cybersecurity measures is necessary. This requires ongoing investment in technology, personnel, and training. Therefore, budget restrictions coupled with expensive tools and software’s and a lack of specialists in SME's might affect the growth of the cyber security market.

Current Trends on Cyber Security:

Rising e-commerce platforms and online shopping:

Rising disposable income coupled with high penetration of internet and smartphone expected to drive the e-commerce market and online shopping. Online shopping is incredibly convenient for consumers as they can shop from the comfort of their homes or on-the-go using their smartphones or tablets. This is especially true during the COVID-19 pandemic when physical stores are closed or people prefer to avoid crowded places. In addition, online retailers can offer lower prices compared to physical stores due to lower overhead costs. Moreover, E-commerce platforms are open 24/7, which allows customers to shop at any time that is convenient for them. With advances in technology, e-commerce platforms have improved their shipping and delivery options. Overall, rising e-commerce platforms and online shopping provides new opportunities to cyber security market.

Impact of COVID-19 pandemic on Cyber Security Market:

With the widespread shift to remote work and online services, there has been a surge in cyber-attacks, making cyber security more important in COVID-19 pandemic. Organizations are investing in cyber security solutions to safeguard their systems and data as a result of the rise in cyberattacks brought on by the epidemic. The need for cyber security goods and services has increased as a result. Budget restrictions, especially for SME's, have been brought on by the economic burden of the epidemic on many organisations. Cost-effective cyber security solutions are now receiving more attention as a result of this. The CO...