Cyber-attacks and online criminal activity happens every day, and the clever folks at computer security company Norse has designed a real-time map to illustrate cyber-attacks against a “honeypot” network.
A honeypot is, in theory, a trap set by someone to detect, deflect, or, in some manner, counteract attempts at unauthorised use of information systems. The map, named IPViking, show exactly where attacks are originating from, their IP addresses and where their targets are located. It’s not an overview of all the cyber-attacks currently in progress, but does provide a snapshot of sorts of what is going on.
At the time of writing, the majority of the online attacks against the honeypot network originated in Cape Town, and targeted a computer in St. Louis (where Norse is based). The US and China came in second and third place respectively, but in general, the majority of the attacks stem from China.
“At any given time during business hours on Monday in Hong Kong, China led the list of countries where attacks originated, and the US was China’s top target. But the US was a steady number two on ‘attack origins’ list, though the targets varied,” Heather Timmons for Quartz told The Smithsonian.
Norse explains that the map “attacks shown are based on a small subset of live flows against the Norse honeypot infrastructure, representing actual worldwide cyber-attacks by bad actors.”
The map makes up part of the IPViking software, which is a “SaaS service that gathers ‘dark intelligence’ from the parts of the Internet where bad actors operate and delivers an actionable risk score that enables organisations to drastically reduce ecommerce fraud and increase their overall security posture.”
The security company should know what it is talking about, as it was founded by a former intelligence expert with the US’s Department of Homeland Security and a technology consultant.[Source – Norse]