Country Reports on Terrorism - Statistical Annex


Project Details


Beginning in June 2012, the National Consortium for the Study of Terrorism and Responses to Terrorism (START) contracted with the U.S. Department of State to collect a Statistical Annex dataset and provide a report to include in the State Department’s annual Country Reports on Terrorism. Since 2001, START has maintained the Global Terrorism Database (GTD), an unclassified event database compiled from information in open-source reports of terrorist attacks. The first version of the GTD was released in 2006 and included information on worldwide terrorism from 1970 to 1997. START routinely updates and improves the accuracy of the data. The full GTD and accompanying documentation are available to the public at The GTD staff compiled the Statistical Annex dataset to include violent acts carried out by non-state actors that meet all of the GTD inclusion criteria:

  1. The violent act was aimed at attaining a political, economic, religious, or social goal;
  2. The violent act included evidence of an intention to coerce, intimidate, or convey some other message to a larger audience (or audiences) other than the immediate victims; and
  3. The violent act was outside the precepts of International Humanitarian Law insofar as it targeted non-combatants.

Readers familiar with the GTD will note that inclusion in the GTD proper, from which the Statistical Annex data set was derived, requires that an event meet at least two out of the three inclusion criteria above. In consultation with the U.S. Department of State, START determined that it was appropriate to include in the Statistical Annex dataset only those events for which all three criteria were met in order to adhere to the definition established in the U.S. Code. In addition, the Statistical Annex dataset excludes any events in the GTD for which there was considerable uncertainty or conflicting reports regarding the inclusion criteria.

Primary Findings:

The GTD team produced the Statistical Annex for the State Department’s Country Reports on Terrorism each year from 2012 to 2017. The archived reports can be found on the State Department’s website.

The global trends in terrorist attacks observed in 2017 were the continuation of an overall pattern of decline that began in 2014 following a rapid increase in terrorist violence.  This rapid increase was largely the result of violence carried out by the Islamic State of Iraq and Syria (ISIS) and affiliated groups including Boko Haram in Nigeria, as well as the Taliban in Afghanistan.  Likewise, the subsequent decline was primarily the product of decreasing levels of violence by these same groups.  Despite these patterns, these groups remained several of the deadliest terrorist groups in the world in 2017.

Although terrorist attacks took place in more than 140 countries between 2012 and 2017, they were concentrated geographically.  Sixty percent of all attacks took place in five countries (Afghanistan, India, Iraq, Nigeria, and Pakistan), and 75% of all deaths due to terrorist attacks took place in five countries (Afghanistan, Iraq, Nigeria, Pakistan, and Syria).

Overall trends in terrorism are sometimes driven by patterns of attacks not only in particular places, but involving particular tactics or outcomes as well. For example, in 2014 there were 20 terrorist attacks in which more than 100 people were killed, partially explaining the dramatic increase in total fatalities that year.  In 2015, the number of exceptionally lethal attacks involving more than 100 deaths declined to 14, and in 2016 this figure further declined – there were 10 attacks involving more than 100 total deaths. Ten such attacks were carried out in 2017 as well.


The database—sourced by unclassified media articles—contains information on multiple dimensions of each event. More than 100 structured variables characterize each attack’s location, tactics and weapons, targets, perpetrators, casualties and consequences, and general information such as definitional criteria and links between coordinated attacks. Unstructured variables include summary descriptions of the attacks and more detailed information on the weapons used, specific motives of the attackers, property damage, and ransom demands (where applicable).

A multi-disciplinary team of University of Maryland faculty members developed the GTD data collection methodology by applying fundamentals of social sciences and computer and information sciences. The process starts with a pool of more than two million open-source media reports published each day. The GTD team combines automated and human workflows, leveraging the strengths and mitigating the limitations of each, to produce rich and reliable data.

Automated Processes

  • Initial Boolean filters of articles.
  • Natural Language Processing:
    • Remove duplicate articles
    • Location identification
    • Clustering similar articles
  • Machine Learning (ML) models identify most relevant articles.

Machine-Assisted Workflows

  • Present analysts with high-validity, topically clustered source articles.
  • Prompt human assessment of sources with unknown validity.
  • Prevent creation of duplicate entries.
  • Analyst feedback informs ML models.

Research Analyst Tasks

  • Assess source validity.
  • Review relevant source articles; apply GTD inclusion criteria to identify unique terrorist attacks.
  • Populate database with attack characteristics according to established coding rules.

Detailed information including definitions of terms, and data collection methods can be found in the GTD Codebook. Users of the GTD should carefully consider the implications of data collection methods and, in particular, interpret trends over time with caution.


Project Period:

More Information