On July 1, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) released a joint report with the Federal Bureau of Investigation (FBI) warning of cyber attacks utilizing The Onion Router (Tor). Tor is software which “allows users to browse the web anonymously by encrypting and routing requests through multiple relay layers or nodes.” While this software can be used legally to protect individuals who wish their information to remain anonymous on the internet, it can also be used illegally by hackers to conceal their identity while launching attacks.
“CISA and the FBI recommend that organizations assess their individual risk of compromise via Tor and take appropriate mitigations to block or closely monitor inbound and outbound traffic from known Tor nodes.”
See full report for detailed recommendations.
If you haven’t completed a cybersecurity risk assessment within the last year or don’t have a way to monitor for TOR nodes, please reach out to us. Our CyberBenchmark process reports on any TOR activity in your network using publicly available lists of TOR exit nodes, sourced by the TOR Project itself. As always, we are here to help if you have any questions or concerns about your cybersecurity.
SecuLore Support Team