top of page

Observing The Check Point Live Cyber Threat Map


It’s 7:16 at night and so far 20,193,575 cyber attacks have occurred at the time of this writing. By the end of this blog post, the number will have increased to almost 1 million more. Part of what is so encapsulating about cybersecurity is the colossal number of attacks that occur everyday on the internet. Whether they are cyber attacks launched by governments, cyber criminal rings, professional loan wolves or “script kiddies”, everyday the internet serves as a wild west for these bad actors to do their worst.

There are many ways to monitor cyber attacks as they occur, but your correspondent is watching them live on Check Point’s Cyber Threat Map. Check Point Software Technologies is an international software company headquartered in Tel-aviv, Israel. They are known to provide an array of hardware and software infosec products (everything from networks to the cloud and mobile security).


Featured on Check Point’s website, “ThreatCloud” is an interactive map that shows cyber attacks as they occur in real time. By clicking on any country, a user is able to view the most common malware trends that have struck national organizations in the last month. For Example: Clicking on China, it is seen that 4.7% of their malware attacks were banking trojans, 4.8% were botnets, 6.5% were cryptominers, 7.6% were mobile attacks, and 1.2% were ransomware.

ThreatCloud shows the top targeted countries for the day (right side bar) as Mongolia, Bolivia, Indonesia, Nepal, and Taiwan. The top targeted industries are utilities, education, and finance (also right side bar). Most often, a user will see bright red lasers beam back and forth from country to country, which are malware attacks. Yellow beams are exploits and bright purple beams represent phishing attacks.

It is fascinating to watch. An onslaught of red malware attacks shoot from the U.S. across the globe to Vietnam. The Netherlands sends a red attack straight down to South Africa. Kenya and Spain are then hit by purple phishing attacks from the U.S. A yellow exploit does a loop in India as someone in India attacks someone else in the same country.


In truth, not much. A cyber threat map is not a “doomsday” clock, but is rather a highly interesting way to observe cyber activity between nations on the internet. It is fascinating to watch how an attack from one pinpoint area will travel thousands of kilometers to reach a location across the planet. Countries that are rarely seen together physically (connections as diverse as the Côte d’Ivoire and Greenland) are frequently pinging each other in a game of offensive warfare.

In thinking about how politicians must scramble to untangle political policies and perform dicey diplomacy, nothing compares to the way that nations attack each other on the WWW (“Wild West Web”).


bottom of page