BM tells business to pull the plug, Agora pulls shutters on interesting goods mart
IBM is warning corporates to start blocking TOR services from their networks, citing rising use of the encrypted network to deliver payloads like ransomware.
The advice comes in the company's latest X-Force research team report (PDF).
IBM claims there were around 180,000 malicious traffic “events” in the USA between January 1 and May 10 this year, with 150,000 in the Netherlands, and more than 50,000 in each of Romania, France, Luxembourg and Uraguay.
While the rise of ransomware is worrying, the biggest attacks emanating from TOR exit nodes are familiar old favourites: SQL injection, vulnerability scanning, and denial-of-service.
TOR is also providing an infrastructure for command-and-control networks, the report states.
The report also speculates that wrong-doing is shifting from simple financial attacks to something that looks more like industrial espionage. It says the top two industries attacked in its study were information and communications, followed by manufacturing.
“A likely explanation is that these attacks are not after money — they’re attempts to steal intellectual property and/or spy on company operations”, the report says.
full article