If you haven’t seen these maps, it can be eye opening. These are real-time and/or near real-time threat maps that are readily available online.

They cover traffic such as:

DDoS (distributed denial of service) the intentional paralyzing of a computer network by flooding it with data sent simultaneously from many individual computers

IDS (intrusion detection systems) network attacks detection flow

VUL (vulnerability scan) vulnerability detection flow

MAV (mail anti-virus) malware detection flow during Mail Anti-Virus scan when new objects appear in an email application

WAV (web anit-virus) shows malware detection flow during Web Anti-Virus scan when the html page of a website opens or a file is downloads

OAS (on-access scan) shows malware detection flow during On-Access Scan, i.e. when objects are accessed during open, copy, run or save operations

ODS (on demand scanner) shows malware detection flow during On-Demand Scan, when the user manually selects the “Scan for viruses

Attack types against (all types not listed): telnet SQL domain http ssh



Various companies who are touting their cyber security offering like to throw these up behind them during photo ops. They are impressive, but more importantly they show us the unseen cyber world and the fact we are under attack.

The list below includes pictures of the sites and the links to view them in real-time.

Live Norse Attack Map – Norse collects and analyzes live threat intelligence from darknets in hundreds of locations in over 40 countries. The attacks shown are based on a small subset of live flows against the Norse honeypot infrastructure, representing actual worldwide cyber attacks by bad actors.

Kaspersky Lab’s CYBERTHREAT Real-Time Map – Kaspersky Lab has launched an interactive cyberthreat map that visualizes cyber security incidents occurring worldwide in real time. The types of threats displayed include malicious objects detected during on-access and on-demand scans, email and web antivirus detections, as well as objects identified by vulnerability and intrusion detection sub-systems.

Digital Attack Map – The Digital Attack Map displays global DDoS activity on any given day. Attacks are displayed as dotted lines, scaled to size, and placed according to the source and destination countries of the attack traffic when known

Fortinet Threat Map – Remote execution attacks, memory related attacks, remote location attacks, denial of service attacks (DoS), etc.

There are more maps that do some of the same type of tracking as well as other threats. The list below includes the site listed in this article as well as others.

http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=16643&view=map

http://map.norsecorp.com/

http://map.honeynet.org/

https://cybermap.kaspersky.com/

http://threatmap.fortiguard.com/

https://www.stateoftheinternet.com/trends-visualizations-security-real-time-global-ddos-attack-sources-types-and-targets.html

http://dds.ec/pewpew/index.html

http://www.trendmicro.com/us/security-intelligence/current-threat-activity/global-botnet-map/index.html

https://www.stateoftheinternet.com/trends-visualizations-security-real-time-global-ddos-attack-sources-types-and-targets.html

MUST RUN THIS ONE IN CHROME

https://labs.opendns.com/global-network/