Tor is software that allows users to browse the web anonymously by encrypting and routing requests through multiple relay layers or nodes. While this software can be used legally to protect individuals who wish their information to remain anonymous on the internet, cyber threat actors can use Tor software and network infrastructure for anonymity and obfuscation purposes to clandestinely conduct malicious cyber operations.
The use of Tor in this context allows threat actors to remain anonymous, making it difficult for network defenders and authorities to perform system recovery and respond to cyberattacks. Organizations that do not take steps to block or monitor Tor traffic are at heightened risk of being targeted and exploited by threat actors hiding their identity and intentions using Tor.
CISA and the FBI recommend that organizations assess their individual risk of compromise via Tor and take appropriate mitigations to block or closely monitor inbound and outbound traffic from known Tor nodes.
Source: Maryland Association of Counties press release and Joint Cybersecurity Advisory CISA and FBI
No comments:
Post a Comment