March 06, 2013, 3:12 PM — Deutsche Telekom launched a Web portal Wednesday that provides a real-time visualization of cyberattacks detected by its network of sensors placed around the world.
The website is called Sicherheitstacho.eu and aims to provide a situational overview of global cyberattack activity. The attack data is collected by 97 sensors known as honeypot systems deployed by the company around the world.
These sensors serve as decoys for automated attacks targeting vulnerabilities in network services, websites, smartphones and other types of systems. The incidents are displayed in real time on an interactive map as they hit the sensors and a live ticker lists their type, their country of origin and the targeted services.
Deutsche Telekom uses the information gathered from the sensors to protect its own systems and to warn customers about the prevalence of specific threats. The company shares the data with the authorities and other security vendors.
The new website also provides attack statistics for the past month. For example, it shows that network services like SMB (Server Message Block), NetBIOS or SSH are frequently targeted by automated attacks. Website vulnerabilities are the second-most-common target.
According to the site, last month there were more than 27.3 million attack attempts against the SMB services mimicked by the sensors; 937,476 against the NetBIOS services; 687,446 on port 33434; 669,589 against SSH; and 522,671 on port 5353.
The top countries from where attacks originated were Russia (2.4 million attacks), Taiwan (907,102 attacks) and Germany (780,425 attacks). The United States was in sixth place with 355,341 attacks originating from IP (Internet Protocol) addresses in the country.
This is not the first real-time cyberattack map based on data collected by honeypots. The Honeynet Project, a nonprofit security research organization, launched a similar service in September 2012, but the organization maintains fewer sensors than Deutsche Telekom.
The new Sicherheitstacho.eu portal was unveiled at the Cebit trade show in Hanover, Germany. It was built by Deutsche Telekom as part of the company's partnership with the Alliance for Cyber Security, an initiative of the German Federal Office for Information Security (BSI) and the German Federal Association for Information Technology, Telecommunications and New Media (BITKOM).