As threat actors attempt to remain undetected to carry out attacks, they often use a variety of tools to obscure their identities and activity. Organizations meanwhile leave their networks and activity open for inspection by anyone who chooses to perform basic reconnaissance.
For example, employees directly using the Internet expose their IP address, location and network identity. To make matters worse, most enterprise networks are fixed, static and easily located. This makes any external connection used by a company a potential source of attack for targeting data and systems.
While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.
Network privacy is a new and often overlooked concept that can enable an organization to protect its identity, intellectual property, corporate information and customer data while conducting business over the Internet. This approach provides an additional layer of protection that significantly complicates the ability of attackers to identify and attack resources, and breach the network.
Internet Access Privacy can eliminate “footprints” created by user activity. Anyone using the Internet exposes their IP (internet protocol) addresses and network identities, which exposes the organization to attack. Especially high value targets such as law enforcement, banks and national infrastructure providers. This approach prevents tracking cookies, browser fingerprinting, and device characteristics from being passed to target websites. It also enables malware protected browsing, since without access to device information malicious websites won’t upload payloads.
Security through obscurity at the network layer can be achieved by transparently distributing communications within and across multiple clouds using Software-Defined Network (SDN) virtualization and dynamically shifting communications across multiple commercial providers. The use of multi-hop transport makes it extremely difficult for anyone including hackers or search engine optimization companies to determine actual user information, and origination location and identities.
Meanwhile there are several techniques available for concealing user activity on the internet. These include browser plug-ins, virtual desktop and Open VPN implementations. They can obscure enterprise information, origination location and identity, and enable enterprises to confidently conduct secure business on the internet.
The enterprise needs to make it more difficult for threat actors to know what their priorities are, and discover their offensive activities. Network privacy is a fundamental concept that should be applied to all sensitive operations including incident response, threat hunting, and fraud investigations. It’s time for the good guys to start using the same tactics as attackers in order to level the playing field or even gain a competitive advantage.

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.
More from Gordon Lawson
- Digesting CISA’s Cross-Sector Cybersecurity Performance Goals
- How to Prepare for New SEC Cybersecurity Disclosure Requirements
- The Zero Day Dilemma
- The Future of CyberSecurity is Prevention
- Is an Infrastructure War on the Horizon?
- For Smaller Enterprises Infrastructure Security Starts With Hygiene
- Healthcare and the Other CIA
- Universities Should Prepare for Attacks
Latest News
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- Blumira Raises $15 Million for SMB-Tailored XDR Platform
- Microsoft Will Pay $20M to Settle US Charges of Illegally Collecting Children’s Data
- KeePass Update Patches Vulnerability Exposing Master Password
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Keep Aware Raises $2.4M to Eliminate Browser Blind Spots
- Google Workspace Gets Passkey Authentication
