A curated dataset of critical cyber attacks against governments, infrastructure, and industry. ROCCA tracks threat actors, targets, attack methods, and outcomes across 711 core incidents and 954 extended records, coded and reviewed by Orion Policy Institute researchers.
Public tier is free and open. Private tier is granted on request.
Core incidents
Extended records
Coded variables per record
Update cycle
The public dashboard gives open access to the ROCCA core dataset with interactive filtering, incident timelines, and per-record detail cards. No registration required.
Slice the dataset by threat actor, target sector, and attack type in one view.
Follow critical attacks from the earliest records to the present, updated monthly.
Open any incident for its coded fields: target, method, impact, and actor type.
The public tier covers the core dataset and is open to everyone. The private tier adds the full extended dataset, source documentation, and export tools for approved users.
| Feature | Public Dashboard | Private Dashboard |
|---|---|---|
| Incident coverage | Core dataset (711 incidents) | Full dataset (954 records) |
| Variables per incident | Summary fields | All coded variables, incl. attribution confidence and source notes |
| Threat actor profiles | Group name and type | Full profiles with linked incidents and TTPs |
| Data export | Not available | CSV export of filtered views |
| Update frequency | Monthly | Monthly, with early access to new records |
| Source documentation | — | Per-incident source list |
| Cost | Free, no registration | Free, approval required |
Private access is granted to academic researchers, government and policy analysts, and journalists. Requests are reviewed individually.
We have developed a dashboard for the OPI-ROCCA with two access levels: a public version and a private version. The public dashboard provides general information and selected data for broader use.
The private dashboard includes additional information, restricted data, or internal features that are only available to approved users.
If you would like to request access to the private version of the dashboard, please complete the form. Your request will be reviewed, and access will be granted accordingly.
Your information is used only to review this request and is handled under our Privacy Policy. Requests are reviewed within 5 business days.
Orion Policy Institute. (2026). OPI-ROCCA: Records of Critical Cyber Attacks [Dataset]. https://orionpolicy.org/records-of-critical-cyber-attacks-project/
Yes. The public dashboard is open to everyone, with no registration required.
Academic researchers, government and policy analysts, and journalists. Each request is reviewed individually.
Requests are reviewed within 5 business days. Approved users receive credentials by email.
Yes. Public dashboard data may be cited freely using the suggested citation format. Private-tier data use is subject to the terms shared upon approval.