In September 2019, we started a dataset of Critical Infrastructures Ransomware Attacks (CIRWAs). These are based on publicly disclosed incidents in the media or security reports. This dataset (version 10.4) now has 747 records assembled from publicly disclosed incidents between November 2013 and September 2020, and has been mapped to the MITRE ATT&CK Framework (56% mapping on software/strain). This is a FREE resource that you can request.
Want to submit a CIRWA? Your contribution, if relevant, will be added to this dataset!