Published:May 3, 2023


Cyberattacks on government agencies

With the rising political tensions across the global arena, strong cybersecurity remains one of the core pillars of a country’s security. Over the past two decades, government agencies have become prime targets for cyberattacks, with perpetrators ranging from criminal organizations to state-sponsored hackers conducting cyber espionage. This week’s chart explores the prevalence and trends of these cyber ambushes, building upon records from the Center for Strategic & International Studies.

Key insights

  • Since 2006, there have been at least 722 cyberattacks on government agencies. In fact, 15% of them were reportedly carried out as part of cyber espionage campaigns, meaning they were executed by state-sponsored threat actors.
  • The first quarter of 2023 has already seen 9 cyber espionage attacks on government agencies — nearly as many as in the whole of 2022 (10). To put this into perspective, 28% of attacks in 2023’Q1 have been part of cyber espionage campaigns, while this decade’s yearly average is only 16%.
  • Close to half of the analyzed incidents happened over the last three years. Before 2020, around 29 cyberattacks on government agencies were reported every year, and this number rose to a yearly average of 96 with the start of a new decade.
  • The attacks on the governments varied from malware and ransomware attacks to social engineering and disinformation campaigns. Multiple countries were targeted through a single campaign in some cases. For example, Check Point Research recently revealed a cyber espionage campaign led by a Chinese group that targeted multiple Southeast Asian governments, including Vietnam, Thailand, and Indonesia¹.

Methodology and sources

Drawing on data from the Center for Strategic & International Studies, we analyzed 924 significant cyber incidents that took place between 2006 and 2023’Q1 (inclusive). Data was collected on April 11th, 2023. We categorized each incident based on the type of entity targeted by the attack, and only attacks on government agencies were used for the analysis. Any entities that fall under the supervision of the government were categorized as government agencies; examples include military departments, tax agencies, and offices responsible for the voting system. Incidents identified as being caused by state-sponsored threat actors were additionally classed as Cyber espionage. We then analyzed the occurrence of the attacks over the examined period.

For the complete research material behind this study, visit here.

Data was collected from:

Center for Strategic & International Studies (2023). Significant Cyber Incidents


¹ TechWire Asia (March 2023). Chinese cyber espionage group SharpPanda targeting SEA governments
The team behind this research:About us