There are seven prominent types of Internet counter-intelligence threats:
IP-Based Blocking ó A process that blocks a companyís access to specific Internet resources to prohibit, for example, a marketing research team from viewing a competitorís Web site to conduct industry and competitive intelligence.
IP-Based Cloaking ó A Web site can change its online content based on a userís IP address, identity, or geographic location. For instance, a company that recognizes when a competitorís technical employee is surfing their site may route them to a shadow page that displays incorrect product information.
Personal Identity Leakage ó Patterns of Internet usage may reveal the personal identity of a user through their surfing history, cookies, and search patterns This can lead to the leakage of a personís confidential digital information, either accidentally or intentionally.
Corporate Information Leakage ó Circumstances when an organizationís employee surfs the Internet and inadvertently gives out confidential information simply by downloading similar types of information from the Internet over a period of time. Such actions could give away a companyís strategic initiatives. For example, simultaneous increases in traffic from corporate executives, lawyers, and investment bankers to a competitorís Web site could telegraph an upcoming takeover attempt.
Harvesting Risks ó This process highlights when companies block a rivalís ability to access its site by utilizing Web harvesting tools to automatically gather and organize unstructured information from Web pages. Doing so prevents the researcher from being able to develop a complete picture of the targetís products, pricing or other information..
Industrial Espionage ó Situations where Web administrators use tools to monitor and track what pages and objects are accessed on their Web site. A company can, for example, detect a large amount of traffic coming from a competitorís IP address to its product page, and accurately conclude that the firm will launch a similar product.
Cyber Terrorism ó The direct intervention of a threat source towards a companyís Web site, while not new, is growing, with hacking tools and expertise even more widespread then they were a decade ago. Reaching out to a possibly hostile Web site gives them a direct attack path back to the originator.
Countering these threats
In response, technology firms experienced in anonymous Web surfing systems have created solutions specifically designed for enterprises. Companies looking for proven offerings should consider implementing one of two types of third-party, identity protection and information assurance platforms:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.