Security News > 2020 > July > CISA Warns Enterprises of Risks Associated With Tor
In an alert this week, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned enterprises about the use of Tor in cyberattacks.
Maintained by non-profit organization Tor Project, the Tor software and the underlying infrastructure are meant to provide users with anonymity and the means to bypass censorship by encrypting requests and routing them via multiple nodes.
"The risk of being the target of malicious activity routed through Tor is unique to each organization. An organization should determine its individual risk by assessing the likelihood that a threat actor will target its systems or data and the probability of the threat actor's success given current mitigations and controls," CISA says.
Security information and event management and other log analysis tools can help identify activities involving Tor exit nodes, all of which are included in a list maintained by the Tor Project's Exit List Service.
CISA also lists mitigation steps enterprises should take to reduce the risks associated with adversaries using Tor, ranging from monitoring and analysis to completely blocking traffic to and from public Tor nodes.