Attackers Use Obscurity, Enterprises Should Too

As threat actors attempt to remain undetected to carry out attacks, they often use a variety of tools to obscure their identities and activity. Organizations meanwhile leave their networks and activity open for inspection by anyone who chooses to perform basic reconnaissance. 

For example, employees directly using the Internet expose their IP address, location and network identity. To make matters worse, most enterprise networks are fixed, static and easily located. This makes any external connection used by a company a potential source of attack for targeting data and systems.

While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.

Network privacy is a new and often overlooked concept that can enable an organization to protect its identity, intellectual property, corporate information and customer data while conducting business over the Internet. This approach provides an additional layer of protection that significantly complicates the ability of attackers to identify and attack resources, and breach the network. 

Internet access privacy can eliminate the “footprints” created by user activity. Anyone using the Internet exposes their IP (Internet Protocol) address and network identity, which exposes the organization to attack, especially high-value targets such as law enforcement, banks and national infrastructure providers. This approach prevents tracking cookies, browser fingerprinting, and device characteristics from being passed to target websites. It also enables malware-protected browsing, since without access to device information malicious websites won’t upload payloads.

Security through obscurity at the network layer can be achieved by transparently distributing communications within and across multiple clouds using Software-Defined Network (SDN) virtualization and dynamically shifting communications across multiple commercial providers. The use of multi-hop transport makes it extremely difficult for anyone, including hackers or search engine optimization companies, to determine actual user information, origination location and identities.

Meanwhile, there are several techniques available for concealing user activity on the Internet. These include browser plug-ins, virtual desktops and OpenVPN implementations. They can obscure enterprise information, origination location and identity, and enable enterprises to confidently conduct secure business on the Internet.

Enterprises need to make it more difficult for threat actors to know what the organization's priorities are and to discover its offensive activities. Network privacy is a fundamental concept that should be applied to all sensitive operations, including incident response, threat hunting, and fraud investigations. It’s time for the good guys to start using the same tactics as attackers in order to level the playing field or even gain a competitive advantage.

Written By

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.
