The FBI is so concerned about the threat of residential proxy attacks and the dangers posed by cyber criminals using the technique that it has posted guidance on its website.
Residential proxies are used by cybercriminals to reroute traffic between individuals and the websites they visit to make it appear to originate elsewhere? By taking over IoT devices, smartphones, or home routers, cybercriminals can mask their illegal online activities. But it’s not just consumers who are at risk: Enterprises can be the targets of those illegal activities — and their devices can be taken over too. Older devices are particularly soft targets.
The FBI urged enterprises to install software updates as they become available to help protect devices from being infected, and to enforce strong device policies to stop employees connecting unauthorized devices to corporate networks. It also encouraged them to segment networks, block IP addresses known to be associated with residential proxy networks, and implement stronger firewall rules.
There has been one major proxy attack already this year. In January, nine million Android devices were exposed. The threat to enterprises is deep-seated. Last month, cyber security company Spur identified vulnerable proxy exposure across 671 government entities, 263 energy and utility organizations, and nearly 1,900 education environments.
“Residential proxies are effective because they let bad actors blend into normal internet traffic. A lot of security teams know how to look for suspicious infrastructure. It gets harder when the traffic comes through real residential connections that appear legitimate on the surface,” Spur co-founder Riley Kilmer said via email.
No Responses