Spies in the server closet

CIO - The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology.

Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place."

All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," Cole says.

He advises that the best -- and perhaps only -- defense against darknets is a combination of network security best practices (such as firewalls, intrusion-detection systems and intrusion-prevention systems) and keeping intellectual property under lock and key.

In addition, he says, companies should enact a security policy called "least privilege," which means users are given the least amount of access they need to do their jobs. "Usually if a darknet is set up it's because an individual has too much access," Cole says.

Reprinted with permission from

This story is reprinted from CIO.com, an online resource for information executives.
Story Copyright CXO Media Inc., 2009. All rights reserved.