The Briefing
- From 2006 to 2020, the U.S. experienced 156 significant cyber attacks—more than the UK, India, and Germany combined
- A “significant” cyber attack refers to a hack into a country’s government agency, a defense or high-tech company, or a crime with losses of more than $1M
Significant Cyber Attacks from 2006-2020, by Country
Committing a cyber crime can have serious consequences. In the U.S., a cyber criminal can receive up to 20 years in prison for hacking into a government institution if it compromises national security.
Yet, despite the consequences, cyber criminals continue to wreak havoc across the globe. But some countries seem to be targeted more than others.
Using data from Specops Software, this graphic looks at the countries that have experienced the most significant cyber attacks over the last two decades.
| Rank | Country / Region | Number of Significant Cyber Attacks (2006-2020) |
|---|---|---|
| 1 | 🇺🇸 United States | 156 |
| 2 | 🇬🇧 United Kingdom | 47 |
| 3 | 🇮🇳 India | 23 |
| 4 | 🇩🇪 Germany | 21 |
| 5 | 🇰🇷 South Korea | 18 |
| 6 | 🇦🇺 Australia | 16 |
| 7 | 🇺🇦 Ukraine | 16 |
| 8 | 🇨🇳 China | 15 |
| 9 | 🇮🇷 Iran | 15 |
| 10 | 🇸🇦 Saudi Arabia | 15 |
| 11 | 🇯🇵 Japan | 13 |
| 12 | 🇨🇦 Canada | 12 |
| 13 | 🇫🇷 France | 11 |
| 14 | 🇮🇱 Israel | 11 |
| 15 | 🇵🇰 Pakistan | 9 |
| 16 | 🇷🇺 Russia | 8 |
| 17 | 🇭🇰 Hong Kong | 7 |
| 18 | 🇻🇳 Vietnam | 6 |
| 19 | 🇹🇷 Turkey | 6 |
| 20 | 🇰🇵 North Korea | 5 |
The U.S. comes in first place, with 156 recorded cyber attacks. That’s an average of 11 significant attacks per year, which is more than Russia’s had in 14 years.
What are the Most Common Types?
While there are many different types of cyber attacks, Specops highlights the four most commonly used for significant cyber crimes:
- Structured Query Language (SQL) Injection Attack
SQL is the code used to communicate with a database. In an SQL injection attack, the hacker writes vindictive SQL code and inserts it into a victim’s database, in order to access private information. - A man-in-the-middle (MitM)
This form of attack happens when a cyber criminal hacks into a communication channel between two people, and eavesdrops on their online exchanges. - Phishing Attack
When a cyber criminal poses as a legitimate institution and emails a victim to gain personal details like login credentials, home address, credit card information. - Denial of Service Attack (DoS)
This involves flooding a victim’s system with traffic, to the point where their network is inaccessible. The hacker doesn’t gain any valuable information from this style of attack.
»Like this? Here’s another article you might enjoy: The 15 Biggest Data Breaches in the Last 15 Years
Where does this data come from?
Source: Specops Software
Details: Report is based on each entry made by the Center for Strategic and International Studies (CSIS) in their record of significant cyber-attacks between May 2006 and June 2020.
