Cyberattacks continue to grow year over year. An astounding 5,126,930,507 breached records in 2021 represent an 11% increase in security incidents compared to 2020, based on IT governance analysis. Security professionals are in a constant battle to improve organizational security posture and prevent risks across all potential attack surfaces.
Web threats are, by far, the dominant attack vector. Secure Web Gateways (SWGs) and NG Firewalls use URL/content filtering, advanced threat defense, and malware protection to defend users from internet-borne threats, as well as to help enterprises enforce internet policy and regulation compliance. While security teams focus on the inbound threats from adversaries, their risk assessments should also account for the weakest link in the security chain.
Humans. People are fallible, and they make mistakes. Even with proper awareness training and education about online risks from IT teams, we can all be tricked into clicking on a phishing link that seems legitimate. Adversaries take advantage of human nature and use social engineering attacks to play on our emotions and curiosity. They often invoke urgency so that people will not stop to think. In their haste, people act against the company's and their own best interests. Employees also attempt to bypass security controls to gain access to websites that breach acceptable internet usage policies, such as adult content sites, gaming and gambling sites, and P2P file sharing websites. Rogue employees, or even overly enthusiastic employees with good intentions, may try to circumvent the organization's security restrictions to perform tasks or other assignments by downloading unauthorized applications, connecting to unsanctioned online applications and cloud services, or using public proxy servers or VPN services, all of which impose greater risk on the organization by extending the attack surface.
In this blog post, I will address the different ways organizations can improve their security posture from internal risks imposed by either rogue employees trying to bypass security controls, or compromised hosts with malware that tries to exfiltrate data.
A rogue employee undermines the organization by ignoring rules and policies. They might openly break these rules, without concern of being fired, or covertly subvert them to keep from being discovered. Their actions might be relatively harmless, or serious enough to pose a risk to the security of the organization's data. In the worst cases, they may open the door to malware, or attempt to undermine the organization by giving data to a competitor or engaging in corporate espionage.
As organizations utilize excessive restrictions to protect data and reduce the attack surface, the first thing users are going to do is look for a way around them, and then the security measures completely fail. Some of the tools available to circumvent security controls and organizational policy are web proxies and VPNs. Both proxies and VPNs enable a high degree of privacy, allowing anonymous access to the internet. By using them, the user is able to hide online activity and bypass any security policies, exposing the organization to malicious sites or data exfiltration. Let's dive into the differences found in such anonymity tools.
A proxy server acts as a gateway between users and the internet. A proxy server has an IP address of its own, so internet traffic appears to be coming from somewhere else, hiding the source's true IP address. A proxy is ideal for basic functions like anonymous web browsing and circumventing content restrictions. A proxy's main advantage is IP masking and misdirection, which makes it good for viewing geographically limited content. Proxies allow users to bypass content restrictions, monitoring, and enforcement of website content policies.
The different proxy types include:
A Virtual Private Network, or simply VPN, gives you online privacy and anonymity by creating a private network from a public internet connection. A VPN is similar to a proxy server in that it makes internet traffic appear to be coming from a remote IP address. However, with VPNs, traffic runs through an encrypted tunnel between the remote VPN network and the user's computer or device, making VPNs an effective solution for ensuring network security and anonymity.
A VPN from a reliable provider ensures users have a safe way to browse the internet, especially when using Wi-Fi at a public location such as an airport, hotel, or café, where you may actually be logged into a Wi-Fi network created by a cybercriminal who can now easily spy on your browsing and steal any personal information you use online.
VPNs have been used by the business sector for many years. Remote employees use VPNs to create a tunnel from their device to the organization over the internet. Once a VPN tunnel is established, users on the public network are able to send and receive data as if they were directly connected to the private network. VPN usage skyrocketed by 41% in a single month, according to industry research on how COVID accelerated the distributed workforce.
There are many VPN services out there, from free offerings to premium VPNs with ultra-speed connectivity. VPN services aren't without their drawbacks, though. While they're meant to protect your privacy, a VPN provider can see your web traffic and, in some cases, log it.
While proxies and VPNs are good tools for remaining anonymous and circumventing organizational or governmental restrictions, Tor stands first in line when we compare the level of anonymity provided by the various tools. Tor, or The Onion Router, is an open-source privacy network that enables anonymous web browsing. The worldwide Tor computer network uses secure, encrypted protocols to ensure that users' online privacy is protected. Tor users' digital data and communications are shielded using a layered approach that resembles the nested layers of an onion.
Tor technology was initially developed and solely used by the U.S. Navy to protect sensitive government communications. The network was later made available to the public as an open-source platform, meaning that Tor's source code is accessible to everyone. Tor is upgraded and enhanced by volunteer developers in the Tor network. (source: https://www.torproject.org/about/history/)
Using a distributed network of nodes on the Internet, Tor provides anonymity to users. Internet Service Providers (ISPs), governments, and corporations can't know which sites you've been visiting. Authorities also cannot censor content or know your location.
Tor is able to do this because it hides your IP address and the addresses of sites you visit. Your packets are bounced across multiple nodes, with each node having only information about the previous and next hops along the route. Moreover, Tor nodes are run by volunteers without any centralized control. Tor is a network service, not a peer-to-peer service like BitTorrent.
The easiest way to use Tor is to use the Tor Browser, but there are many other services and software based on Tor. Due to the extreme anonymity Tor provides, it's also been widely used by cyber criminals conducting illegal activities in the deep and dark web. Unless your organization is involved with analyzing the dark web using Tor for security research, Tor access should be blocked and no one in the organization should have any reason to search there.
Security professionals in charge of applying security measures need to find the balance between too much security, which impacts productivity and may result in frustrated employees or inspire over-enthusiastic employees to bypass the restrictions, and too little security, which may expose the organization to cyber risks. It is important for IT to strike a balance between not excessively clamping down on users' activities while simultaneously educating users to stay secure and use IT infrastructure responsibly.
Employee security awareness training and education about cyberthreats are crucial to minimize damage from phishing emails and opening suspicious links, the impact of ransomware attacks on the organization, and the risk of sensitive data falling into the wrong hands. Some of the practices you should perform include:
I remember taking the Google phishing quiz a few months ago and I admit that I missed a few phishing cases. Even a trained eye can be fooled in regard to the legitimacy of a phishing website or a phishing email. So, monitoring and policy enforcement is essential. It goes without saying that web security, content filtering, and firewall policies should be in place to block malicious content.
A good practice is to block access to proxies, VPNs, and Tor. An application control system can be implemented to prevent the installation of the Tor browser, for example. Even if someone did manage to install it, rules can be set in the network security system to detect Tor traffic. Additionally, access to public proxies and VPNs should be restricted. There is no reason for an employee to use such services other than to reach online apps or services that aren't allowed by organizational policy, or to attempt to exfiltrate data and hide their tracks.
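One way to turn the monitoring rule described above into a check over firewall flow logs is sketched below. It is an added example, not code from the original post or from any vendor; the log format, the relay list, the proxy/VPN network list and every address in it are constructed for illustration (documentation address ranges only).

```python
import ipaddress
from collections import defaultdict

# Constructed indicator sets (documentation ranges, not real relays).
# Assumption: in practice these come from a relay list and a proxy/VPN
# category feed that you obtain and refresh separately.
# Relays are matched on (IP, port): a relay can listen on any port,
# including 443, so a port-only rule is not enough.
TOR_RELAYS = {("192.0.2.10", 443), ("192.0.2.77", 9001)}
PROXY_VPN_NETS = [ipaddress.ip_network("198.51.100.0/24")]

# Constructed firewall flow log: time,src_ip,dst_ip,dst_port,bytes_out
SAMPLE_LOG = """\
2022-03-01T09:00:01Z,10.0.4.21,192.0.2.10,443,1830
2022-03-01T09:00:05Z,10.0.4.21,192.0.2.77,9001,52211
2022-03-01T09:01:12Z,10.0.7.3,203.0.113.5,443,912
2022-03-01T09:02:40Z,10.0.9.14,198.51.100.23,1194,880123
2022-03-01T09:03:00Z,10.0.7.3,192.0.2.10,80,400
garbled line without enough fields
2022-03-01T09:04:10Z,10.0.9.14,198.51.100.23,1194,120000
"""

def classify(dst_ip, dst_port):
    """Return 'tor', 'proxy_vpn' or None for one destination."""
    if (str(dst_ip), dst_port) in TOR_RELAYS:
        return "tor"
    if any(dst_ip in net for net in PROXY_VPN_NETS):
        return "proxy_vpn"
    return None

def flag_anonymizer_flows(log_text):
    """Aggregate flagged flows per internal host.

    Returns (findings, skipped): findings maps src_ip to the categories
    seen, the flow count and the total outbound bytes; skipped counts
    lines that could not be parsed.
    """
    findings = defaultdict(lambda: {"categories": set(), "flows": 0, "bytes_out": 0})
    skipped = 0
    for line in log_text.splitlines():
        try:
            _, src, dst, port, nbytes = line.strip().split(",")
            src = str(ipaddress.ip_address(src))
            dst_ip = ipaddress.ip_address(dst)
            port, nbytes = int(port), int(nbytes)
        except ValueError:  # wrong field count, bad address or bad number
            skipped += 1
            continue
        category = classify(dst_ip, port)
        if category is None:
            continue
        entry = findings[src]
        entry["categories"].add(category)
        entry["flows"] += 1
        entry["bytes_out"] += nbytes
    return dict(findings), skipped

if __name__ == "__main__":
    hosts, bad = flag_anonymizer_flows(SAMPLE_LOG)
    # Largest outbound volume first: the likeliest exfiltration candidates.
    for host, info in sorted(hosts.items(), key=lambda kv: -kv[1]["bytes_out"]):
        print(host, sorted(info["categories"]), info["flows"], info["bytes_out"])
    print("unparsed lines:", bad)
```

Sorting by outbound bytes puts hosts that move the most data through an anonymizing service at the top of the review queue, and the count of unparsed lines shows when a log format change is silently hiding traffic from the check.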
The Allot Traffic Management and Assurance platform is an inline network solution for checking and inspecting each packet in the network. Its Deep Packet Inspection (DPI) engine and classification logic are powered by machine learning and AI. Additionally, dedicated data and security researchers optimize, update, and create new detection logic to detect the most obfuscated proxies, VPNs, and Tor traffic out there. Our recent research is even able to detect applications and types of activities, varying from file transfer to streaming or web surfing, within encrypted links (stay tuned for more info about it later on), enabling security professionals to gain visibility and control over everything that is running in the network.
Allot's solution for traffic management and enforcement can also be used to detect and block any activities done over proxy, VPN, or Tor, and complement any security device already in place. Since the Allot engine inspects every packet on the network layer, it provides another layer of protection, detecting unauthorized traffic and stopping it. Please contact us for more information.
In short, security awareness training, constant monitoring and enforcement, and access restrictions are all strategies you can employ to stop rogue employees.
Read this article:
How to protect against the weakest link in cybersecurity THE USERS - Security Boulevard