My school has a screen in the Cyber Security building that shows web attacks by countries in real time. It shows attackers, defenders, scanners, and two other things I don’t remember.
How can they possibly track all of the cyber attacks and also know where they’re coming from and going to?
In: 7
A lot of cybersecurity companies have “real time attack maps” [Check Point’s](https://threatmap.checkpoint.com/), [Fireeye](https://www.fireeye.com/cyber-map/threat-map.html), [Net Scout](https://www.netscout.com/ddos-attack-map).
So first off your school is using one of those, the way they get that data is they have sensors in their clients networks and monitor for that stuff, it’s easy enough to see what machine is connection to your network. From that connection you can get location, and since you know where the network you are on is. This doesn’t mean the information is always accurate, it’s fairly easy to spoof IP address, or hide behind proxies, VPNs, hacked machine etc.
TL:DR it’s companies literal jobs to do it, they put up those maps to show off.
Latest Answers