You can also filter the data down by location and by protocol.Ģ. Norse's map ranks the country of attack origin, attack type, attack target country and displays a live feed of attacks. This is the Norse attack map as an example:ġ. They all seem to show the cyber attacks in a slightly different perspective. Akamai says the data is presented in real-time.Here are the top 5 Cyber Attack Maps found in Google. Once loaded, it's possible to see what regions in the world have the most traffic volume in another tab, you can see what regions are experiencing the most attacks. The Akamai real-time monitor isn't a typical cyber-attack map, but we've included it here because it does track attacks in addition to traffic on the internet. The age of the data shown isn't clear, but the historical data tracks back 14 days. Trend Micro's Botnet Connection Dashboard is a smaller, stripped down cyber attack map that tracks C&C (Command and Control) servers used by botnets (and their targets) across the globe. The map will visualize DDoS attacks and allow filtering by size and type. The raw data is sourced from more than 300 ISP customers, and 130Tbps of global traffic. The Digital Attack Map tracks DDoS attacks with data from Arbor's ATLAS threat intelligence system. The cyber attack map from Arbor Networks is a hybrid map that was created in part with Google Ideas. The data displayed is "based on a subset of real attack data, which is optimized for better visual presentation." FireEye Arbor Networks It tracks historical data and splits it into industry segments and top country of origin for attackers.
The FireEye cyber attack map lacks the detail presented by the others, and keeps things simple.
In addition to watching the playback, the top attackers and targets can be viewed historically, with monthly and weekly stats. The map is more visual than the one from Norse, but still has the same basic construct. The ThreatCloud cyber attack map from Checkpoint Software shows historical data that is reset each day at 12:00 a.m. Fortinet customers have the ability to have a map of their own, according to documentation. As the attacks are displayed, a rotating breakdown of various stats appears in the lower left part of the screen. Kaspersky Fortinetįortinet's cyber attack map looks similar to the one from Norse and appears to show a playback of recorded events. But it isn't clear just how real-time, the real-time presentation is. The attacks shown on the Kaspersky map are taken from on-demand and on-access scans, as well as web and email detections. Taking first prize for visuals and interactive displays is the Kaspersky "Cyberthreat Real-Time Map" – complete with global rotation and zoom. Interestingly enough, organizations can add their logo to the map when it is displayed at the office. Discussing the data shown on their map, Norse says the attacks are "based on a small subset of live flows against the Norse honeypot infrastructure…" Probably the most well-known cyber attack map is the one produced by Norse, a security firm that's had its share of problems over the last few years. This is something the vendors that produce the maps know well, as the maps themselves are sales tools. Again, the value of these cyber attack maps isn't the data they're showing, it's how they can be used as a conversation starter. Some SOC operators do the same thing for clients, using the maps to visualize attack types and try to answer customer questions. The concept is smart, as the visuals and datatypes on display can create discussion points on attack types, methods and threat actors.
LIVE CYBER ATTACK MAP PROFESSIONAL
Most are just a subset of recorded attacks or a playback of sanitized packet captures.īut don't discount how useful the eye candy factor can be: one security professional said he uses them to get high schoolers interested in the security industry. The common misconception with cyber attack maps is that the data is live, or real-time. "If I found one that'd add value, we'd use it," one security executive said on Twitter.
0 kommentar(er)
