A report from IBM researchers has shown that the use of Tor network is on the rise. As a result, the growth of malicious traffic and hacking attacks originating from the Tor network is higher than ever.
The United States government helped in the creation of The Onion Router and it funds it regularly for its development. Many government agencies themselves use the Tor network for transferring secret information to their counterparts. However, in the past, the law enforcement agencies and NSA have repeatedly tried to break into the network and identified the Tor users as targets that should be surveilled. The reason behind this suspection lies in the fact that people use the Tor network to hide their activities.
Recently, IBM X-Force Threat Intelligence Quarterly report was released and it indicates that the Tor network is becoming a bigger source of the malicious traffic that arises from Tor exit nodes.
The Tor exit nodes are the face of Tor to the rest of outer internet. As the encrypted message is passed from one computer to another, each intermediate Tor node removes one layer of encryption. The last Tor node, also called the exit node, forwards the request to the destination by revealing the original source.
Creating a Tor node is easy and this ease brings some complex security-related consequences. In the case of setups like Tor honeypotting using the exit nodes and traffic fingerprinting, the security concerns increase exponentially.
The IBM researchers have gathered data from January 1 to May 10 and used it to dedicate the fact that most malicious traffic originates from the exit nodes hosted in USA, Holland, Romania, France, and Luxembourg.
The report also highlights that SQL injections are the most common attacks being planted, closely followed by vulnerability scanning attacks and DDoS attacks. It should be noted that Tor offers the attackers an easy way to hide their location and change their exit nodes after their IP is banned after detection.
IBM report says that Tor can provide attackers a significant amount of ease to achieve their goals, but they leave some trails behind. However, the corporate networks just have a choice to detect communications to these networks.
Do you use Tor network to access the internet? Having something to add? Tell us in the comments below.