An agency’s IP address is one clue cyber criminals can use to identify the confidential online activity of undercover agents, researchers, investigators and analysts. Someone visiting the Web can unintentionally disclose their operating system, browser version, physical address and other sensitive information. Adversaries can use this information to uncover a government organization’s confidential plans and jeopardize their entire operation. Additionally, once an enemy knows your IP address, they can start scanning and attacking your network directly, endangering your data and infrastructure.
The impacts are substantial
Once an IP address is exposed, Web site administrators can automatically block an agency’s access to specific pages on a site, redirect them to a cloaked Web site that displays false information, attract that visitor to a "honey pot" page, monitor to gain intelligence or directly and maliciously harm the network. Tactics like this could mean exposing a cover, losing millions of dollars or even risking the lives of government agents. More aggressive enemies even automatically counter attack to create a denial of service, or damage or infiltrate government infrastructure.
The threat is by no means hypothetical. Many Web sites currently publish active government IP addresses so administrators can easily identify when an agency is visiting their domain. Exposed agencies include the FBI, Department of Homeland Security, National Security Agency, Drug Enforcement Administration and the Department of State. It’s one key reason why the Bush administration is proposing to allocate $6 billion in the 2009 budget for a cyber security effort.
Deploying information assurance systems
These types of growing online threats and attacks now shed light on the need to implement improved Information Assurance practices. These initiatives protect outbound connections to the Internet in order to ensure access to open source information, guarantee the integrity of the information gathered and protect against confidential leakage or counter-intelligence from adversaries.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.