Linux iftop has lots of confusing entries appearing

0

I have installed iftop version 1.0 on my Fedora 17 box and I ran it. I am getting a lot of strange rows appearing when the computer is completely idle after boot with no programs running. I am concerned that my Linux box has malware on it that is contacting the botnet mothership.

What steps can I take to figure out what is causing these strange rows displaying every second in iftop and determine what they are caused by?

The strange rows appearing are from Brazil (.br), India (.in), South Africa (.za) and other countries. I would like to know what is going on here and steps I can take to ease my mind.

Eric Leschinski

Posted 2013-08-11T17:07:27.623

Reputation: 5 303

Answers

0

If iftop is reporting connections to other countries then it means there is a program running on your computer that is initiating those connections or a program on another computer initiating those connections to you. The question becomes locating which program is initiating these connections.

Steps to figure out what is causing those connections:

Look for a program initiating connections in the background on your behalf that you don't know about, or you've forgotten. Run the top command in another terminal window and take a screen shot of the first 100 processes there. Take time to understand what each is and what each is responsible for. Halt all processes in the top list that you know about.

If you have background tasks like daemons, databases, torrent programs, instant messengers, background tasks, scripts or whatever, then stop them all. You want your computer to do nothing, then you can identify the offending program, or if the offending program is hiding.

Once I stopped every program that was not an operating system process on my Linux box, iftop fell silent. I was then able to use process of elimination to find the program that was launching all the connections.

If iftop still reports connections on a bare operating system then there could be a hidden program launching them, or a program on the internal or external network that is responsible.

You could create a boot disk of your operating system and load it up with a fresh OS, and run iftop on that, to identify if it is your box launching the connections, or it is your computer receiving connections from another node in the internal network or external network.

For me it was a forehead slapper, a program I left running in the background from long ago. I was kind of hoping I found a tentacle of a bot-net.

Eric Leschinski

Posted 2013-08-11T17:07:27.623

Reputation: 5 303
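The answer above works by elimination: stop programs until iftop goes quiet. A faster way to get the same information is to ask the kernel which process owns each socket, which is what `ss -tunp` (iproute2) prints. The script below is an added example, not part of the original question or answer. It parses `ss -tunp` output, drops peers on private, loopback and link-local ranges, and groups the remaining internet endpoints by owning process. The sample output, host addresses and PIDs are constructed for illustration; the last sample row has no `users:` column on purpose, because `ss` omits the owner for sockets of other users when it is not run as root, and that case is reported separately rather than silently dropped.

```python
import ipaddress
import re
import subprocess
from collections import defaultdict

# Constructed sample of `ss -tunp` output in the iproute2 layout; hypothetical
# hosts and PIDs, not a real capture. The last row deliberately has no
# "users:" column: ss omits the owner when run without privileges for
# sockets that belong to other users.
SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port   Peer Address:Port   Process
tcp   ESTAB  0      0      192.168.1.10:45678   200.150.20.5:443    users:(("transmission-gt",pid=1234,fd=22))
udp   UNCONN 0      0      0.0.0.0:68           0.0.0.0:*
tcp   ESTAB  0      0      192.168.1.10:51234   103.21.59.7:6881    users:(("transmission-gt",pid=1234,fd=25))
tcp   ESTAB  0      0      192.168.1.10:33000   52.1.2.3:443        users:(("firefox",pid=2222,fd=80))
tcp   ESTAB  0      0      192.168.1.10:22      192.168.1.50:50123  users:(("sshd",pid=900,fd=4))
tcp   ESTAB  0      0      192.168.1.10:40000   177.10.20.30:80
"""

UNKNOWN_OWNER = "UNKNOWN (no process info; re-run ss as root)"

# One ("name",pid=N,fd=M) tuple inside the users:(...) column; a socket shared
# by several processes lists several of these, so findall is used below.
OWNER_RE = re.compile(r'\("([^"]+)",pid=(\d+),fd=\d+\)')


def parse_ss(text):
    """Parse `ss -tunp` text into a list of connection dicts."""
    conns = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        peer_ip, peer_port = fields[5].rsplit(":", 1)
        owners = OWNER_RE.findall(" ".join(fields[6:]))
        conns.append({
            "proto": fields[0],
            "state": fields[1],
            "local": fields[4],
            "peer_ip": peer_ip.strip("[]"),  # strip IPv6 brackets
            "peer_port": peer_port,
            "owners": [(name, int(pid)) for name, pid in owners],
        })
    return conns


def external_peers_by_process(conns):
    """Map process name -> sorted list of external peer endpoints.

    Unconnected sockets (port '*') and peers in private, loopback or
    link-local ranges are dropped, so what remains is the list of
    internet hosts each program is actually talking to. Sockets whose
    owner ss could not show are grouped under UNKNOWN_OWNER."""
    by_proc = defaultdict(set)
    for c in conns:
        if c["peer_port"] == "*":
            continue
        ip = ipaddress.ip_address(c["peer_ip"])
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            continue
        endpoint = f"{c['peer_ip']}:{c['peer_port']}"
        names = [name for name, _pid in c["owners"]] or [UNKNOWN_OWNER]
        for name in names:
            by_proc[name].add(endpoint)
    return {name: sorted(eps) for name, eps in by_proc.items()}


def live_report():
    """Run the real `ss -tunp` and summarise it (needs iproute2; root for all PIDs)."""
    out = subprocess.run(["ss", "-tunp"], capture_output=True,
                         text=True, check=True).stdout
    return external_peers_by_process(parse_ss(out))


if __name__ == "__main__":
    # Replace SAMPLE_SS_OUTPUT with live_report() to inspect the running box.
    for name, peers in sorted(external_peers_by_process(parse_ss(SAMPLE_SS_OUTPUT)).items()):
        print(f"{name}: {', '.join(peers)}")
```

Run on a real box, `sudo ss -tunp` piped into `parse_ss` turns the country-by-country noise in iftop into a short list of program names with the endpoints each one holds open, which is the "forehead slapper" check the answer arrives at by elimination. Anything that lands under the UNKNOWN bucket is not evidence of hiding; it usually just means the command was run without root. A process that really does not appear in `ss` while iftop still shows traffic is the point at which the answer's boot-disk comparison becomes the right next step.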