Take for instance the recent case of Ashley Madison – the worldwide scandal based in Toronto, where nearly 40 million accounts were outed for using its service, and as a result, faced with detrimental consequences in their professional and personal lives.
As time goes by, we’re learning that a security breach is not just an IT hoax, but an issue that delivers very serious consequences in society. That’s why the industry and society as a whole should collectively work towards better understanding the ins and outs of the cyberspace, including the Dark Web, the side of the Internet behind the typical web browsers consumers use every day. While the majority of global consumers may not often find themselves on the Dark Web, it’s fairly easy to access and put companies at risk on a daily basis.
“The Onion Router” (Tor for short) is a network that connects directly to the Dark Web, and enables anonymous communications by letting users jump through relay nodes via multiple IP addresses. This anonymous communication is incredibly valuable for worthy causes such as: journalists uncovering stories, government officials exchanging intelligence, or even law enforcement officials trying to track predators. However, it also opens doors to stealthy hackers looking to launch a cyber-attack or share details with other cybercriminals.
In fact, the 3Q 2015 IBM X-Force Threat Intelligence Quarterly Report released in August, showed the growing dangers of cyber-attacks originating from the Dark Web through the use of the Tor network/browser. The report found that so far in 2015 more than 600,000 malicious events originated from Tor around the world. The United States lead with more than 150,000 malicious events, while countries including Romania, France, and Luxembourg, have each seen more than 50,000 malicious events originating from Tor thus far in 2015.
The growing popularity of Tor represents a troubling problem for enterprises. Employees may be tempted to download the Tor browser to find out what they can discover on the Dark Web – even for non-malicious reasons. However, if an employee activates a Tor browser on an enterprise network, it not only puts the company at risk for a malicious attack that can compromise confidential corporate data, but in some instances the organization can be held legally liable for data or illicit or malicious content that comes through that Tor node.
Companies need to understand that the Dark Web is easier to find than they assume. In order to help protect themselves from potential threats and liability concerns, organizations should:
- Develop a comprehensive corporate policy for the acceptable use of networks such as Tor. If your industry requires the use of Tor-like networks – journalists, law enforcement, cybersecurity professionals – make sure that there is a complete corporate policy in place so employees understand how and when they can access these networks. Not every employee in the company will need this access, so having a policy in place with limited approvals can lower the risk of threat and make it easier to track activity.
- Configure corporate networks to deny access to anonymous proxies or anonymization services such as Tor. There are only a few business-centric instances that may require access to the Dark Web. Therefore, most organizations should be set up to deny any access to networks.
- Warn all employees that accessing prohibited websites could result in disciplinary action. It’s important that all employees understand the threats that come with connecting to the Dark Web through networks like Tor. They should also understand the consequences that may occur if they access a stealth network on a corporate device. By doing so, employees are educated about the dangers and are less likely to put their company as well as their role inside an organization at risk.
The recent Ashley Madison hack isn’t the first incident to come out of the Dark Web. In the past, it’s been associated with classified media websites and illegal marketplace operations. The Dark Web is easy to find if someone is interested in exploring. Furthermore, whether the reasons leveraging it are noble or not, it’s important to understand the dangers of what can occur while using Tor.
As technology continues to evolve, companies – and others as well – must adapt and ensure proper security measures are in place to avoid the very real and damaging affects of a cyber-attack.
By: Sandy Bird, CTO for IBM Security
Sandy Bird was the co-founder and CTO of Q1 Labs, now part of IBM. Today, he’s the CTO for IBM Security and is responsible for the company’s strategic technology direction. Sandy has extensive technology experience specializing in database design and development for web applications. Prior to IBM and Q1 Labs, he held a variety of technical positions at the University of New Brunswick in support, development and administration. Sandy studied Electrical Engineering at the University of New Brunswick and was named an IBM Fellow in 2014.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…