This beautiful, hard-to-look-away-from graphic from the Honeynet Project shows cyberattacks as they happen, and where they happen. The red dots represent attacks; the yellow dots are “honeypots,” or sensors, which monitor and publish the flow of cyberattacks. You can watch it all flow across the bottom, too. Almost every second, a new attack is reported and pushed through.
So what this shows are cyberattacks. Some cyberattacks. Not anywhere close to all of them. Only some of the sensors are reporting the attacks on vulnerable systems to the internal feed system, where that scrolling list is coming from. The graphic is automatically charting those attacks based on the IP addresses that are published.
That means we’re getting a skewed world view of global attacks. Watch Europe: it’s charting way, way more attacks than anything else, but that doesn’t mean it’s really getting targeted that much more; more attacks are just being published there. On the Honeymap FAQ popup, they note that they have a particular active group of sensors in Aachen, Germany. Aachen is getting a lot of hits, but there’s not a cyberattack epidemic; there’s just a lot more sensors.
In that sense, this is more art project than diagnostic manual. Also on the FAQ, they explain how it’s a project done “just for fun.” But it’s enough to make you consider: if Aachen is the place they’re monitoring the attacks best, how fast would a true world cyberattack map fill up? Probably quick.
Click here to see it in real time.