Skip to content

EU Media Reporting Tracker

Curious about how European media covers cybersecurity events? The EU Media Reporting Tracker reveals the dynamics of media reporting on cyber incidents across the EU. Cybersecurity is complex, with specialized coverage that often dives deep into technical details. But how much of this information actually reaches the public? Our Media Tracker sheds light on this by providing daily updates from the European Repository of Cyber Incidents Dataset. Explore how EU media is shaping public understanding of cybersecurity.

Select Your Issue: The EU Media Reporting Tracker will analyze data from the chosen time period, based on the publication date of the report.

scroll down

Our tracker covers non-paywalled articles from:

news outlets
0

in

EU member states
0

The tracker analyses the extent to which these media report on cyber incidents, compared to other sources, including reports from IT companies, governments, and social media. It covers incidents added to the database since January 2023.

The data provides insights into the disparities/similarities between the cyber security expert community and the mainstream media, which continues to play a crucial role in shaping public perception in European societies.

Cyber incidents receive limited attention in the mainstream EU media

Overall, only 6% of cyber incidents recorded by EuRepoC since January 2023 were also reported in the tracked EU media.

This figure increases when looking only at cyber incidents that targeted EU member states, but still remains low at 12%.

Percentage of cyber incidents reported by EU media
out of all incidents recorded by EuRepoC

All incidents     Incidents targeting EU member states

Number of cyber incidents reported by media country and targeted country

We see a lack of Europeanised reporting on cyber incidents

The EU media tend to report cyber incidents where their own country was targeted or cyber incidents targeting non-EU member states – particularly the United States. Very few outlets report cyber incidents targeting other EU member states. This is partly due to the comparatively high vulnerability of US targets to cyberattacks, but also to a particularly high number of US actors first reporting on cyber incidents, whose reports are then picked up by EU media.

The heatmap to the right shows the number of incidents reported by outlets in the 9 EU member states covered by this analysis by targeted country.

DDoS/Defacement operations are over reported

Since January 2023, 30% of incidents reported by the media were DDoS operations, whereas these operations only represent 15% of all operations added to the database over the same period (green bar).

Other less visible incidents (e.g. hijackings or data theft), are underreported (red bar), despite often having more severe socio-economic consequences than DDoS/defacement attacks. This is significant as the increased attention given to DDoS attacks can play in the hand of the attackers. It can lead to a distorted threat perception of European citizens as well as a misallocation of public cybersecurity resources.

Difference between EU media coverage of different operation types vs.
their actual share of the EuRepoC database

Use the dropdown menu on the top left of the graph to display the figure for specific months and/or only for incidents targeting EU member states.

There's a significant delay between the start of a cyber incident and its media coverage.​

On average, incidents are reported 8 months after they initially take place. The delay ranges from a few months to as long as 108 months—approximately 9 years—in some cases. This time lag is indicative of the time often required for a cyber incident to be detected and/or disclosed by the affected parties.

DDoS/defacement and wiper operations are reported much quicker than other types of operations, as due to their disruptive effects, they are necessarily designed for timely detection, also by third parties outside of the target organisation.

Number of months between the start of an incident and the media report

To zoom into a specific area of the graph, select the area using the cursor. Double-click on the graph to reset back to the default zoom settings.

Media reporting on cyber incidents linked to the Russia-Ukraine conflict has a strong national focus.

Since January 2023, we recorded 147 cyber incidents linked to the Russia-Ukraine conflict, of which only 11% (16) were reported in the EU media covered under this analysis.

The EU media mainly reported incidents linked to the conflict when EU member states were affected – particularly their own member state. Specifically, 10 of the 16 reported incidents targeted EU member states, 8 of which the country of the reporting media outlet. On the other hand, only 2 of the incidents targeting Ukraine were reported and only 3 of those targeting Russia.

Number of cyber incidents linked to the Russia-Ukraine conflict by targeted country

Browse the EU Media Reporting on Cyber Incidents

Note on methodology

This analysis only covers media articles that are not behind a paywall.

Each source is scanned daily and automatically as part of the general EuRepoC data collection methodology. We cover the media sections on national and international politics and columns on cybersecurity/technology (see table below).

Please note that EuRepoC only considers cyber incidents that have a political dimension. It is possible that the EU media outlets covered by this analysis reported on additional cyber incidents outside the scope of the EuRepoC project.

Sources

Download static PDF version

Welcome to our Cyber Incident Dashboard!

For best results, please view on a desktop device.