Hiding your tracks online via Tor, the software that helps conceal users’ identity by randomly routing their Internet traffic through a network of relays, may soon become tougher — at least in the office. This week, IBM is encouraging businesses (PDF) to start blocking Tor on their networks.
IBM says companies should excise Tor services from their infrastructure because Tor is increasingly serving as a vector for executing attacks that include ransomware, SQL injection, vulnerability scanning, and denial-of-service. That’s according to research the company presented in its latest X-Force report.
IBM thinks the attacks mostly have to do with corporate espionage, not financial gain. Its report thus suggests that the target malicious hackers are after on Tor networks is private data about the corporations themselves. They’re probably less interested in stealing personal data from the corporations’ employees.
Either way, if businesses take IBM’s pronouncement to heart, this news is likely to make it that much harder to use Tor to browse anonymously at work.
But all hope is not lost — there are other steps you can take to help browse and download files securely even if you’re working on a network that blocks Tor. In particular, consider:
- Using a VPN service — and not the one your work provides, of course, unless you’re comfortable with your employer tracking your online activities
- Connecting through a Web proxy, like HideMe
- Switching to an uncensored DNS service
- Installing the Electronic Frontier Foundation‘s HTTPS Everywhere plug-in for your browser. It won’t hide the websites you’re visiting, but it will help prevent eavesdroppers from intercepting your conversations.
Nothing replaces Tor itself, of course. It’s a service that does a particular thing, which no other service does.
Still, by taking advantage of other privacy tools, keeping private online can be possible even if your network administrator makes things hard by blocking services like Tor.