Welcome to the AttackMap of NetWatch. You will see attacks on here in realtime as they hit our sensors |
NetWatch collects data from attackers through a global sensor network, allowing cyber-defenders to identify and protect against attacks, as they happen. Spanning six continents, our sensors capture intelligence on over 10 million attacks daily, leading to hundreds of malicious system takedowns. Driven by a dedicated community of like-minded individuals hosting sensors on a diverse range of systems, our network expands daily—enhancing visibility and accelerating response times.
Our network of sensors spans six continents, detecting and reporting threats in real-time to our central backend.
We analyze over 10 million cyber attacks every day allowing us to idenitify, track and disrupt adversarial groups.
Our collaboration with authorities allows us to regularly take down full botnets of malicious actors.
NetWatch is based on a large number of sensors that collect SSH brute-force attacks globally and report them to a central backend. By using modified OpenSSH server instances, we are able to blend in with other systems. The collected data is then used to identify the owners of abusive systems and report them. Furthermore, we also use the data to identify clusters of adversaries and take them down in cooperation with law enforcement.
For all the details have a look at our talk at the 38C3:
A large number of NetWatch sensors are hosted by the community on their infrastructure. Join the community by using your infrastructure to collect attacks and make the internet a safer place.
If you don't have any infrastructure to host a sensor on but still want to support us, you can sponsor a sensor for €1 a month.
If you not only want to support us by hosting a sensor but also want to join the team in using the data to take down adversaries, then get in touch: contact@netwatch.team.