Chapter 1 Introduction

1.1 Research topic

Cybersecurity has become a growing issue globally, with the increase in internet penetration and digitalization. According to the FBI, the number of reported cybercrime incidents rose by about 300% in 2020 within the US alone. This does not come as a surprise since the COVID-19 pandemic provided the impetus for digital migration, which naturally leads to an increased financial incentive for hackers. Coincidentally, there has been an uptick in the use of cyber attacks by nation states fueled by the rise in geopolitical tensions between countries. Disruptions brought about by such incidents of cyber warfare are a cause of concern given their scale.

Our project will investigate high-impact cyber attacks and incidents on government agencies, defense and high tech companies, or economic crimes with losses of more than a million dollars, retrieved from the Center for Strategic & International Studies: https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents.

1.2 Data availability

The data we will be using comes from the website mentioned above, from which one can download a PDF text file 221006_Significant_Cyber_Incidents.pdf containing all the major cyber attacks from 2003 to present. Using regex and natural language processing, we can extract the following features: time of attack, origin of attacker, origin of victim, type of attack and the industry affected.

1.3 Motivation

This project aims to gain a deeper understanding on the cyber incidents listed in the report. Specifically, we will look for methods to group the attacker and victim origin countries (e.g. by continent or GDP per capita) for analysis. At the same time, we will also consider exogenous variables that might affect the frequency or nature of cyber attacks, such as periods coinciding with the Ukraine War and the COVID-19 pandemic etc.