Connect with us

Hi, what are you looking for?


Network Security

Attackers Use Obscurity, Enterprises Should Too

As threat actors attempt to remain undetected to carry out attacks, they often use a variety of tools to obscure their identities and activity. Organizations meanwhile leave their networks and activity open for inspection by anyone who chooses to perform basic reconnaissance. 

As threat actors attempt to remain undetected to carry out attacks, they often use a variety of tools to obscure their identities and activity. Organizations meanwhile leave their networks and activity open for inspection by anyone who chooses to perform basic reconnaissance. 

For example, employees directly using the Internet expose their IP address, location and network identity. To make matters worse, most enterprise networks are fixed, static and easily located. This makes any external connection used by a company a potential source of attack for targeting data and systems.

While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.

Network privacy is a new and often overlooked concept that can enable an organization to protect its identity, intellectual property, corporate information and customer data while conducting business over the Internet. This approach provides an additional layer of protection that significantly complicates the ability of attackers to identify and attack resources, and breach the network. 

Internet Access Privacy can eliminate “footprints” created by user activity. Anyone using the Internet exposes their IP (internet protocol) addresses and network identities, which exposes the organization to attack. Especially high value targets such as law enforcement, banks and national infrastructure providers. This approach prevents tracking cookies, browser fingerprinting, and device characteristics from being passed to target websites. It also enables malware protected browsing, since without access to device information malicious websites won’t upload payloads.

Security through obscurity at the network layer can be achieved by transparently distributing communications within and across multiple clouds using Software-Defined Network (SDN) virtualization and dynamically shifting communications across multiple commercial providers. The use of multi-hop transport makes it extremely difficult for anyone including hackers or search engine optimization companies to determine actual user information, and origination location and identities.

Meanwhile there are several techniques available for concealing user activity on the internet. These include browser plug-ins, virtual desktop and Open VPN implementations. They can obscure enterprise information, origination location and identity, and enable enterprises to confidently conduct secure business on the internet.

Advertisement. Scroll to continue reading.

The enterprise needs to make it more difficult for threat actors to know what their priorities are, and discover their offensive activities. Network privacy is a fundamental concept that should be applied to all sensitive operations including incident response, threat hunting, and fraud investigations. It’s time for the good guys to start using the same tactics as attackers in order to level the playing field or even gain a competitive advantage.

Written By

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...