In September 2019, we started a dataset of Critical Infrastructures Ransomware Attacks (CIRWAs). These are based on publicly disclosed incidents in the media or security reports. This dataset (version 11.5) now has 1,050 records assembled from publicly disclosed incidents between November 2013 and September 30, 2021, and has been mapped to the MITRE ATT&CK Framework. This is a FREE resource that you can request.
We are trying our best to keep this dataset free and accessible to the community. This dataset can be used for educational/training purposes, conducting your own analysis/threat intel, sharing with stakeholders, etc. Please do NOT use/share this dataset to develop commercial products/services/software that others have to pay for!
If you do use the dataset for any analysis, publication, presentation, or any other dissemination, please cite this dataset in your reference list as:
Rege, A. (2021). “Critical Infrastructure Ransomware Incident Dataset”. Version 11.5. Temple University. Online at https://sites.temple.edu/care/ci-rw-attacks/. Funded by National Science Foundation CAREER Award #1453040. ORCID: 0000-0002-6396-1066.
Our dataset was featured in Security Week, BRINK, Security Magazine, SenteinelOne, Bleeping Computer, Dark Reading, the Washington Post, Bloomberg, USA Today, Institute for New Economic Thinking, The Dallas Morning News, Business Insider, California News Times, and eSecurity Planet!
Want to submit a CIRWA? Your contribution, if relevant, will be added to this dataset!