Understanding The Digital Attack Map


The Digital Attack Map is a free online service that provides live and historical world-wide DDoS attack data between countries for a given day.

What is a DDos attack?

Arbor Network’s ATLAS® global threat intelligence system sources the data. The front-end and presentation is the work of Jigsaw LLC. You can visit digitalattackmap.com directly in a web browser or do a google search on digitalattackmap.com both methods should work.

You can make sure you are actually on the real site and not a phishing site by clicking on the padlock symbol in the address bar and inspecting the certificate issuer. If it says GTS CA 1DS, you are on the real website.

Heads Up & Warnings

  • The interface can be confusing and slow in some cases owing to the amount of data displayed. So I recommend using a computer with plenty of CPU and memory or enabling power mode on your laptop.
  • I haven’t been able to get the embed feature to work.
  • The date on the timeline does not match the date on the top of the right sidebar because it begins on the 2nd of January instead of the 1st.
  • The news stories seem to be missing in the current version of the interface.
  • The round buttons below Size(Bandwidth, in Gbps) aren’t working for me.


To read a map effectively, you need to look at the map key. The column on the right is that key. Unlike a map key on printed material, this key has buttons to filter the map data. The Large, Unusual, and Combined buttons, filter the DDos map data by the size of the attack for a given day. The list of buttons below Color Attacks By is self-explanatory.

The section below Shape indicates the source and destination of the attack.


Keep in mind that just because an attack is sourced in a country it doesn’t mean that the attacker performing the attack is in the same country. He could be using a compromised machine from another country. You should use the data to get a general idea of DDos activities on a global level.

Sources: Google Trust Services Repository