Norse's interactive live map, shown
above, allows viewers to watch as live attacks unfold around the world.
The most popular target seems to be the U.S., with many attacks
originating in China. At certain times, a large attack will take place
when hackers try to take a website offline, known as a DDoS attack. The
map was designed to work in Chrome and loading times may vary depending
on your browser
To
gather the data, Norse uses a worldwide 'honeypot', which is,
essentially, a vulnerable network purposefully set up to knows when it
is being attacked.
WHAT IS A DDOS ATTACK?
DDoS
stands for 'Distributed denial-of-service' attack, when hackers use a
network of 'zombie' computers to sabotage a specific Web site or server.
The
idea is pretty simple - a hacker tells all the computers on his
botnet to contact a specific server or web site repeatedly.
The sudden increase in traffic can cause the site to load very slowly for legitimate users.
Sometimes the traffic is enough to shut the site down completely.
This lets the company tell when and where an attack is originating from, creating a live map around the world.
It
also lets the company detect when a huge attack is taking place,
perhaps to take down a website or render a service inoperable.
‘Every
second, Norse collects and analyses live threat intelligence from
darknets in hundreds of locations in over 40 countries,’ the company
wrote. A darknet being a private network.
‘The
attacks shown are based on a small subset of live flows against the
Norse honeypot infrastructure, representing actual worldwide cyber
attacks by bad actors.
‘At a glance, one can see which countries are aggressors or targets at the moment.’
To gather the data Norse uses a worldwide
honeypot, in essence a purposefully vulnerable network that knows when
it is being attacked. This lets the company tell when and where an
attack is originating from, creating this live map from around the world
The U.S. Department of Defense announced it was subjected to 10 million cyber attacks a day in 2012.
While
the National Nuclear Security Administration, in charge of America’s
nuclear stockpile, also saw 10 million attacks per day in 2013, while
the UK in total reported 120,000 daily attacks in 2011.
Earlier this month, a security
report by security firm McAfee found that cybercrime is
now such big business, it is worth more than the wealth of some
countries.
As
a business, cybercrime would be ranked 27th in the world based on
revenue, and the attacks are currently costing the world more than £238
billion ($400 billion) a year.
This is
equal to more than 0.5 per cent of the world’s total gross domestic
product, damaging the global economy almost as much as illegal drugs and
piracy, according to ‘The Global Cost of Cybercrime’ report.
Facebook experienced an outage on 19 April that
meant users were unable to log on for 30 minutes (pictured). During this
time, YouTube user Tournaments Replays used Norse's map to spot a
significant distributed denial-of-service (DDoS) attack originating in
China, and appearing to attack the U.S. Facebook said the downtime was
due to 'an issue that prevented people from posting to Facebook for a
brief period of time' and did not confirm or deny if it had been hit by
an attack
Security
experts, including from EU law enforcement agency Europol and Nato,
have been discussing the report, and what more needs to be done to stop
the increasing amount of web attacks.
The report also found that more than 200,000
jobs have been lost as a result of cybercrime - through reputation damage
or loss of assets.
When Facebook was down for 30 minutes last week, YouTube user Tournaments Replays used Norse's map to spot a significant distributed denial-of-service (DDoS) attack originating in China, and appearing to attack the U.S.
Facebook said at the time the downtime was due to 'an issue that prevented people from posting to Facebook for a brief period of time' and did not confirm or deny if it had been hit by an attack.
This type of attack consists of using bots to overload a website with requests and take it offline. Hackers have used them to take down other famous websites in the past, including eBay and Microsoft.
Meanwhile, back in April Kaspersky Lab, headquartered in Moscow, launched its own cyberthreat map.
Using Kaspersky Lab's interactive map users
can rotate the globe and zoom in to any part of the world to get a
closer look at the local threat landscape. Different types of threats
detected in real-time are marked with different colours. Click on the
image to be taken to the full interactive map
It similarly visualises cyber security incidents occurring worldwide in real time.
The
types of threats displayed include malicious objects detected during
on-access and on-demand scans, email and web antivirus detections, as
well as objects identified by vulnerability and intrusion detection
sub-systems.
'Every
day Kaspersky Lab handles more than 300,000 malicious objects,' said
Denis Zenkin, Jead of Corporate Communications at Kapersky Lab.
'Three
years ago the figure was just 70,000 but antivirus technologies have
also changed with the times and we have no problem coping with this huge
stream of traffic.
'Where
do the attacks come from? Where do users click on malicious links most
often? Which types of malware are the most prevalent? These are the sort
of questions being asked by lots of users.
'Our
new map of the cyberworld threat landscape allows everyone to see the
scale of cyber activity in real time and to get a taste of what it feels
like to be one of our experts.'
A fascinating interactive map from security firm Norse serves as a stark reminder to just how dangerous the web can be.The live graphic plots every attack taking place on the internet, in real-time and reveals the number of attacks, where the attacks originate, and which locations they are aimed at.And the map highlights the staggering number of attacks that take place between the U.S. and China - who are said to be locked in a cyper-spying war.
No comments:
Post a Comment