Almost every second, both automated systems and simple IS specialists crack hundreds of servers and devices. These attacks are monitored and the information about them is carefully analyzed.
Usually, the collected data are classified, but the harmless part of them is still made public. Cyberattack maps are based on it.
How does it work?
The technologies of the above examples are different in most cases, someone more analyzes data received from notifications of their own antivirus, someone puts hanipots, analysis of search queries is also present in the architecture of these applications.
You can create something similar at home by installing and configuring a hanippot, a device that has a huge number of vulnerabilities on board and serves as bait for attackers.
What can you learn from these cards?
They provide information about the attacks in real time. By analyzing the information from each map, statistics is built on the number of attacks, the most attacked countries, industries and the priority of the cracking tools.