Why should businesses (small and large) care about the dark web? Here is one reason: if you don't enforce a policy (you do have a policy on the dark web, don't you?) and controls (what firewalls and network restrictions?) to prevent undesirable network access, here are some scenarios:
1) Allowing your employees access to TOR (=the dark web) would enable them to access it, from inside the company network. Since the TOR traffic is encrypted, and their IP addresses are obfuscated, conventional firewalls (even NextGen firewalls) and network sniffers cannot detect the connections to (potentially illicit) sites on the dark web. 2) A rogue employee can set up a dark web (hidden service) server on the desktop or a system under their desk. The actual physical location of the hidden (dark web) service would be undetectable since it is only accessible with TOR software through the dark web. What are they selling? Where are their customers coming from? You can't tell. 3) A visitor or IT contractor could plug something into your network as simple as a single board computer as small as a credit card (see the Raspberry Pi) set up a TOR hidden service to allow an intruder to come in to your company network without your firewall or IDS/IPS detecting the entry at the perimeter. 4) Malware can set up a TOR connection and allow remote access without anyone having to enter your premises. 5) Outsourced services are so common now that outside organizations often install servers managed by those external entities, inside your network. Who knows what VirtualBox enabled virtual servers are running TOR and enabling connections to and from who knows where? Should we just give up then? It might seem hopeless, but there are strategies to configure your company network to allow monitored, audited, and logged access to the dark web without allowing the above scenarios. It can be a straightforward plan to not only enforce the appropriate policy, but also have full awareness and visibility for authorized activities. Send me a contact request and let's talk. Comments are closed.
|