This Is The World's Most Active Battlefield - Watch Cyber-War In Real-Time

Tyler Durden's picture

Today’s most active battlefield is not located on the ground, in the air, or on the mighty seas. It’s taking place on the internet – and, as Visual Capitalist's Jeff Desjardins notes, if you’re still a non-believer, spend a few minutes with the following live map to watch a representation of cyber attacks as they happen...

Created by Norse Corporation, a cyber intelligence firm that claims to get instant attack telemetry from over eight million sensors deployed worldwide, the map visualizes cyberwar in real-time and organizes attacks by type, origin, and target. (A full-screen version is also available.)

Source: Visual Capitalist


Who is responsible for these attacks, and who is the target?

In our few minutes of watching, the United States received nearly 70% of incoming attacks:

Cyberwar and types of attacks

While we were not expecting this live visualization to literally cover every single hack worldwide, this does seem to match up with the ratio from other sources. For example, in a previous infographic on cyberwar, we noted that the U.S. is targeted in 66% of web application attacks, and in 54% of cyber espionage hacks.

In our few minutes of watching, about half of the attacks also originated from the United States. However, many also were launched from other countries such as China, Ukraine, and The Netherlands.


While the idea of cyber warfare still seems like science fiction for many people, recent events such as the WannaCry ransomware attack have made the scale and potential implications of cyber warfare much more real.

WannaCry Map

The above map from AFP shows that the WannaCry attack was unprecedented in scale, infecting more than 230,000 computers in over 150 countries. Using an exploit developed by the NSA, WannaCry infected Britain’s National Health Service (NHS), Spain’s Telefónica, FedEx, and Deutsche Bahn, along with many other companies or countries.

Ultimately, the hack had a built-in “killswitch” that was discovered by internet security experts. It also seemed to be relatively ineffective at collecting hefty amounts of ransom. Despite all of this, the reality is that the hack shut down hospitals and other businesses, giving us a true taste of the scale and impact that a professionally-executed cyber attack could have in the future.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
TruxtonSpangler's picture

This graphic is utter BS - port sans have been going on since the beginning of the internet

TruxtonSpangler's picture

Arent these the jabronies that DNC hired to research the "russian hack" and wouldnt let FBI even touch the DNC servers?

AltRight Girl's picture

The most active battlefield is MEDIA.

There is where leftiest scum try to program and brainwash the Western world.

Macron, May & Merkel: The Childless Leaders that Bring White Genocide to Europe

john doeberg's picture

Beside Media, don't forget the Education and Entertainment industry.

All these battlefields are belong to us!


old naughty's picture

cyber is the 5th Domain (and surly there'd be 6...)

before superman human did not know about laser seeing thru solid,
before Terminator human did not know robots exist to kill Humans,
before Star War, human did not know Death Star destroying entire planet,

before Drones human did not know faked bugs could listen/kill...
and imagine cyber warfare that could kill via camera or display?

Did anyone ever wonder: "Long long time ago, in a galaxy far far away..."
was a revelation? Be "prepared"...

BennyBoy's picture


 Curious there are no attacks on the St. Louis server farms.

Go to and see how often Microsoft Corporation, Redmond, WA comes up under live attacks. (hint, they are #1)

Thought Processor's picture



Yeah that's strange.  And now 230,000 people are upgrading also. I'm sure it's just a coincidence.

Blano's picture

Plus they sometimes attack a place that looks like it's in upstate New York or thereabouts.

I don't get it.

Crash Overide's picture

Microsoft's new O/S is called "Backdoors" and it's not related to the porn industry except you do get fucked in the end...

TruxtonSpangler's picture

This is like in the movies when a computer network is more difficult to hack, all you have to do is type faster...

DirtyHarry's picture

Agreed - In about 20% of the attacks the attacker is stated as Microsoft Corporation......

BorisTheBlade's picture

It's much bigger than that, they have produced a software that infected nearly every PC in the world. 

New_Meat's picture

I see what you did there ;-)

virgule's picture

In a war you must have armies, sides and battlefields. The internet is a battlefield for sure, but where are the armies and on which side are they?
Some government intelligence groups are most certainly doing work, but it is most likely covert. What you are seeing on this map is kids having fun with automated tools, mixed up with some bad people doing some bad things far away, just because they can.
Wanacry did not target anyone in particular, and was not under the controlled direction of its operator. It is/was just an automated tool looking for loopholes.
It's a big stretch to describe local mobsters around the world as "an active international battlefield".

Sam.Spade's picture

Actually, it's not.  That's what emergence is all about:  Individuals coordinating together without formal leadership.

If you are under attack by an armed free market, are you in a condition of war? 

Or are you trying to say only government can go to war?  Then what do you call the American-Indian 'wars' of the 1800's weren't 'wars'?

What we have here is the free market, protected from heirarchial governments by internet anonymity, stricking back from the digital shadows for fun and profit.

As I said earlier in anothe post, read Thieves Emporium.

virgule's picture

Well, are they all really coordinating - or are these botnets, each run by a single operator, giving the appearance of large number of individuals coordinating?

It doesn't make sense for hackers to form a large gang and decide to attack a specific target - unless it's Anonymous targetting Amazon or CIA website for protest (but that is not what the map is showing).

Tribal fights/wars are common in the real world, but very unlikely on the internet - unless you are navigating the bottom of the darknet and trying to assert control of some areas. IRC wars rarely involved more than a few people on a given channel. Even psyops on social media are most effectively performed by very small groups controlling lots of remote, passive machines.

Your conclusion is spot-on, unlike the "international war" main post title. 

Sam.Spade's picture

I am sure botnets play a part, but the problem with them is that they are not creative.  I expect that armies of script-kiddies are looking for targets individually, like any free-market effort.  They only seem coordinated because they get the same sorts of inputs when making their analysis and decisions.  Their strength is that they have no communications network to attack, no predictable behaviour that can be used against them.

My point about attacking large targets is that those targets are the ones most visible and will likely have the largest payouts.  Allow me to suggest an analogue.

Maoist China in the 50's had the largest group of armed 'militia' in the world.  Mao could have just told them to all pick targets in the United States, aim their rifles at an angle and direction that would send a bullet towards that target, and semi-randomly (due to the inaccuracies inherent in rifle fire) kill us.  Of course , if they did that, most of their people would pick significant targets, like the white house, not insignificant targets, like the house where I grew up in Podunk, Nowhere.

But, of course, they didn't do that because rifles didn't have the range to hit the US from China.

But laptops do.

Hope the analogue clears up my point.

MadHatt's picture

Oh god! Theres a red dot on my house!

The RUSSIANS!!! lol

DuneCreature's picture

Amazing! ... Not a single attack originates or is run against any IPs in Israel. ....... They must have some awesome security on their networks.

Operation Talpiot must be working out really well for them.

Live Hard, I Wish I Could Make My Network As Secure As An Operation Talpiot Brand System, Die Free

~ DC v6.0

SubjectivObject's picture

(((They))) do.

(((What's))) up with that?

SubjectivObject's picture

(((They))) do.

(((What's))) up with that?

brianshell's picture

DeKalb Junction New York is the key. What in hell is located there to be such a huge target?

espirit's picture


Xervant Cyber Security.


Blano's picture

That's the place I was referring to in my above post.

Microsoft sometimes attacks it....why?

Sam.Spade's picture

The last display has a major error.  The 'Attack Origins' label implies that we know who did it.  That is just not true, not even a little bit.

War on land began before mankind's first written records.  Naval warfare was not much later.  War in the air only began near the start of the last century.

But all three arenas have one thing in common:  Bigger is better.  Large organizations can field large armies.  And, as Napoleon is reputed to have said, "God favours the big battalions".  Pirates and highwaymen just can't compete.

But cyberwarfare is different.  Big is no longer an advantage.  In fact, 'small-ness' bestows the advantage of anonymity, while 'large-ness' only calls attention to you as a target.

That's because 'hacking' is a numbers game.  Like panning for gold.  The more people you have slucing dirt, the more likely you are to find nuggets. Sure, Russia can field a troop of hackers.  But not an army.  They just don't have enough money.

Ditto any government.  But not private enterprise.

Think thousands of skilled cracksmiths, turning out sophisticated tools that are sold on the underground market to millions of data thief wannabes who, like army ants, crawl all over the web, probing for any weakness.  For most of them, living in some slum in another overgrown city, finding the right weakness is their only ticket out.  DNC or NSA or Hillary's emails, the content doesn't matter.  What does is that there is an active underground market out there, just like for hacking tools, but this one is for stolen data.

How much do you think someone paid for Hillary's emails?

Thieves Emporium is a prescient primer on this new digital badlands, where anything is for sale.  It examines the fundamental issue that is really facing our world political order:  How can nation states survive this kind of assault?  And, if they can't, what will?

The Daily Anarchist loved it and called it 'Barely fiction'.  The editors at The Daily Bell thought it was so good they ran it as a serial, which you can still read for free at

Or you can buy a copy from Amazon (rated 4.6 in 120 reviews), Nook (same rating, fewer reviews), Smashwords (ditto), or iBooks.

But get your hands on a copy now.  Because, until you do, you'll keep getting gobsmacked by this newest of, not wars, but revolutions.

stampman's picture

"We spam-trolled some folks on ZH." -Jeff Bozos.

aardvarkk's picture

"Pirates and highwaymen just can't compete."

I'm with the pirates.  Pirates are cool.

stampman's picture

There are other forms of cyberwar ongoing as well.  These are much quieter and much more devastating than mere hack attacks or phony NSA ransomware.  In this regard ZH is badly behind the learning curve to the point of abject retardation.

The most noticeable one is the Google ad war against alt news sites.  This is one most can actually see if they look.

Another biggie is eBay hiding listings of millions of disfavored sellers in favor of public corporations, Chinese companies and the ever innocent 'jusual suspects'.

Another is deleting the Twitter accounts of Trump supporters.

And another is Hillary Clinton using a private email server.

Awan Brothers = cyberwar against you and I.


BTW I found MM on the dark web with John and Tony!  Two sets.  In one she is wearing a bright fuchsia heavy cotton dress.  Part of her face is shown in several shots.  The nose is the unmistakeable kennzeichen.  Their faces are not shown, but you can tell it is John and Tony by their hands.  John's hands have bitten nails and light brown hair.  Tony has perfect manicured nails and dark brown hair.  For searchers, MM goes by Anna.

And that larger main MSM close shot of her face one often sees is from about two years after the abduction.  It is approximately contemporaneous with the Dark Web shots.  Compare it with the others from kidnapping time and think about it.

She was clearly groomed from Day One and clearly enjoys the company of 'Uncle John and Uncle Tony'.  The abduction was fake and designed for public consumption.

Cyberwar ... GAME ON!

(Oh -- MM here stands for Marilyn Monroe of course!)  /s

(And news reporting like this is just "entertainment" by legal precedent of course!)  /s

ZH are such fucking punks sometimes with this fake hacking/ransomware shit they try to throw in our faces on behalf of the Deep Shit.  This article should have been called Red Herring City.

Excuse me - I have to go puke now.

sleigher's picture

So you are saying the parents know then?  They are part of it.  Many have suggested this but you appear to be declaring it as fact.

SpanishGoop's picture

And which country is always first in the list of attack origins.....

Not NK or RU.


stampman's picture

I did not bother to read the article.  It is clearly bullshit.

Fireman's picture

USSA needs to destroyed, balkanized and permanently defanged more than its erstwhile prototype creation NAZI germany. That simple!


Don't beleive it?

deoldefarte's picture

This "Real Time" cyber  graphic is pure BS,

It is daytime in Russia, and not a single "attack" from there or going there.

I guess the Ruskis are asleep.

NoWayJose's picture

No, the Russkies hacked it too - to change the data!

Van Halen's picture

You're forgetting that Obama called Russia and told them to 'cut it out'. 

NoWayJose's picture

Moral of the story - separate your PC/Mac from the Internet. Use it for things that do not require browsing or social media. Do not download anything. Do your email on your smartphone or better - use a type of Webmail. Do your browsing on an iPad or tablet where you delete cookies often, reset it regularly, and use few if any apps.

dark fiber's picture

Pile of bullshit put together by clowns and directed towards impressionable idiots.

disagreeableness's picture

I think the tracking thingy got hacked, it won't load........ just spins and spins...... 


Van Halen's picture

The video would be better if it had 8-bit music and went 'Pew! Pew! Pew!'.


coast1's picture

buy bitcoin!   lol