The ability to watch global cyber attacks as they are about to happen? Sounds too good to be true, right? Nowhere else in the world can you locate a battlefield that is active 24/7 —and yet, if you turn on your PC, it’s possible to watch real-time cyberwar night or day. Right before your eyes, graphic representations of cyber attacks play out on a screen filled with conflict, hostility, and sheer terror. These real-time interactive maps depict a crashing salvo of thousands of firearms, and if you listen carefully, you can almost hear the impending rumble of catastrophic repercussions.
Real-time attacks categorized by type, origin, and target are made available to us to watch online via networks owned by leaders in threat intelligence. Tune in to real-time cyber attacks for just a few minutes, and it will become clear the U.S. is by far the most targeted country in the world, not to mention the U.S. and China are, indeed, the primary countries where threats originate.
With a level of sophistication that collects data identifying the identities of attackers—who they are and what their end goal is—leaders in threat intelligence networks boast ‘real-time’ attack telemetry with millions of sensors emulating thousands of applications, across multiple countries.
Sensors have been developed to look like standard pieces of equipment like PC’s, Macs, ATMs, closed-circuit TV cameras, critical infrastructure systems, and X-ray machines—systems that are characteristically targeted. Data is delivered through appliances and gives intelligence firms the ability to block attacks and improve their security and that of us all by taking the ‘first hit’ on behalf of businesses everywhere.
However, research suggests the real-time data shared via cyber attack maps is not actually ‘real-time’ at all, indicating instead that most threat intelligence networks exhibit pre-recorded attacks, not actual live feeds, and are said to share less than one percent of the data received at any given time. Of the many threat intelligence firms in existence, the California-based company called Norse in Foster City is one of the best known and consequently appears to carry the most credibility. Norse states that their shared real-time attacks are “based on a small subset of live flows against the Norse honeypot infrastructure.”
Some cybersecurity specialists suggest that online maps sharing real-time cyber attacks exist only as graphic magnets for those stimulated by visuals and have labeled them as ‘performance art’ with little value. Others suggest the moving images offer a genuine and real education for enthusiasts, and at the very least, can be used to raise interest in security and its industry in school leavers —educating them on cybersecurity-based data, strategy, and threat types.
The global impacts of cyber-related destruction were emphasized further with the WannaCry ransomware attack of May 2017— but it’s worth remembering there often isn’t a cloaked physical being instigating the attack or fighting his way through the Cyber Kill Chain. Often a malware-infected computer will be the culprit—that, or a series of automated attacks driven by bots.