Targeted network attacks

Collectively, your fellow users (us) have been recommending users remove any anti-virus software from their Macs, and years of evidence in these communities indicate that doing so clears up a most false a/v reports, unexplained, or performance robbing issues that users have reported occurring on their Macs.

Kaspersky certainly got its share of visibility in the world press, and in these support communities, as one that transmits information from client computers to the Russian government. That might be the source of your internal generated packets, or you may have unsuspectingly installed software that also included bitcoin mining code. As there are no viruses found on Macs (though many will label malware/adware as "viruses") — it makes no sense to have anti-virus software installed. The operating system has its own built-in security.

A long time ago, with a version 5.x of the Airport Utility, one could see a log of all the IP addresses bouncing off of an AirPort Extreme Router. Many of these, even at that time, could be traced to China, or just Internet-facing servers bouncing their request packets off my router. Harmless, once understood.

This is just dust in the wind as Kansas would state in their lyrics, and not specific targeted attacks. It is why your router light blinks when you think it should not, as all those Internet packets bounce off your router, on their way elsewhere.

Among the worse things you can install on a Mac is any anti-virus tool, which has nothing but false reporting to offer.

The only anti-virus type app I would recommend on a Mac is MalwareBytes. It did a great job of cleaning up a client's malware infected system. Personally I would not run real-time scans, but would only use it if you suspect malware on your system. The free version does not perform real-time scans after the trial period has ended.

Our organization is required to use an anti-virus product on our Macs and we have tried them all. None of the traditional AV products work and they all cause some type of macOS issue and performance issues. It is even impossible to find a good AV product for Windows these days (it is bad when Microsoft's AV solution may be the "best"). I lived with AV products while using Windows because at the time it was a necessity due to poor Windows' security, but these days AV products are just as bad as the malware & other threats since the AV apps collect and sell personal information and push ads.

Have you run EtreCheck? You can post the report here using the "Additional Text" icon which looks like a piece of paper.

The best way to be sure your system is clean would be to perform a clean install of macOS and only migrate your user account and data. Reinstall everything else.

To get an even better look at traffic coming from your Mac going to your router, I suggest that you consider performing data captures using something like Wireshark. You can then analyze the captures to see what potentially the culprit on your Mac may be. This would provide much more detail that your router's logs.

Get rid of Norton and Kaspesrsky as they are useless on a modern Mac.

Just to reiterate: uninstall Norton and Kaspersky.