Global Attack Trend Visualizations

So you want to build you own GCHQ? Well forget the talent, procedures, and technology, you need to get yourself some flashy maps on a jumbo screen ASAP! But seriously, while these maps are pretty cool looking, I wouldn't use them for any serious insights to real-world attack trends. Often these maps only consist of a small subsection of sensors and only measure a few niche categories. None the less, they are still super cool to look at!

This one run by Akami is fantastic, showing heat maps of attack traffic, so you can get an idea of the hostile network locations around the world: http://www.akamai.com/html/technology/dataviz1.html

Kaspersky labs has a really cool map tracking endpoint hits from it's IDS and anti-virus suite. This map follows their OAS anti-virus runs, ODS anti-virus runs, web anti-virus triggers, mail anti-virus triggers, network IDS, and vulnerability scan alerts. lol this map get's extra comedic value because the earth is spinning in the wrong direction: http://cybermap.kaspersky.com/

This one which is run by the Dutch Telecom, tracks the source and destination as well as the type of attack, be it network, web, or even smartphone. This one is also good for some high level statistics. This is built on the honeynet project. http://www.sicherheitstacho.eu/

This next map is generated by Arbor Networks and Google, using data from Arbor Network’s Active Threat Level Analysis System (ATLAS). This map tracks global DDOS trends in livetime. It is intended to show the source and destination countries of such attacks, however many of the attacks end up with unknown source. The gallery shows some pretty cool historical events. The major factor in this tracking is the raw size of traffic flows. http://www.digitalattackmap.com/

This one is hands down the coolest map! It tracks source and destination, as well as the source IP of the attack. It also tracks the port and protocol of the attack, and definitely has the coolest visualizations. http://map.ipviking.com/

ShadowServer also has a really nice collection of maps which are update daily, which can help visualize things such as botnet CCs, drones, DDoS attacks and vulnerability scans. https://www.shadowserver.org/wiki/pmwiki.php/Stats/Statistics

FireEye came out with one, it's a good one for seeing which industries are being attacked. The data behind this graph is also very expansive, as FireEye / Mandiant have a wide range of customers and some of the best intel data out there.  https://www.fireeye.com/cyber-map/threat-map.html

Finally, you can build your own cyber attack map now, for your own GCHQ instillation.  The pew-pew maps are largely a joke, but still contain a robust enough framework that you could design your own maps off of this joke project: https://github.com/hrbrmstr/pewpew