Peer-to-Peer (P2P) Networks exist where groups or “peers” of computer systems are linked to each other through the Internet for a common purpose usually with a common application directing their use. Files can be shared directly between systems on the P2P network without the need for a central server. In other words, each computer on a P2P network becomes a file server of sorts, while also acting as a client.
P2P software like Kazaa, Napster, and LimeWire was once a standard application on many people’s home computers. These programs allowed users to swap large files over the internet, typically illegal music and movies. Rather than using central servers for this purpose, they used their worldwide user base’s computers as both client and server (P2P). However, these P2P applications fell out of common usage as copyright owners were able to identify participants in these P2P networks and began cracking down on illegal file sharing. Today, a more anonymous P2P network called BitTorrent has largely replaced these older networks. Again, today, many Torrents, as they are called, serve illegal file content such as recently released movies and music.
While there are legitimate uses for P2P networking, the file-sharing aspect raises both intellectual property and cybersecurity concerns. Any time people are sharing music, movies, software, or any other proprietary content, questions of intellectual property and copyright laws surface. In fact, some internet service providers have attempted to ban torrents and other P2P applications, despite the valid and perfectly legal functions P2P can serve.
Secondly, with the anonymity P2P computer owners has improved, allowing them to hide their identity, CyberHoot has reported that some of the downloaded files now contain malware and are infecting unsuspecting users.
In the 25 years, CyberHoot security professionals have been practicing cybersecurity, we have yet to find a legitimate business use of P2P networks. Most firewall vendors allow you to block access to P2P Networks from company networks, and so you should block such access outright.
If you watch the video explanation of Peer-To-Peer networks below, you will see that BlockChain technology applied to P2P networks may one day introduce technologies and security that are needed by businesses. However, until you find a legitimate business use-case, block these networks and their applications, especially bittorrents.
However, in the pandemic work-from-home era, it may not be possible to block such access outright. In these cases, it’s important to put cybersecurity policies in place the forbid using P2P networks on company devices or even personal devices doing company business. The stated risks are simply too common and damaging to your business.
The recommendations below will help you and your business stay secure against the various threats you face on a day-to-day basis.
All of the following suggestions can be accomplished in your company by hiring CyberHoot’s vCISO services. For a vCISO proposal, please email Sales@CyberHoot.com.
All of these recommendations are built into CyberHoot’s product and/or vCISO services. With CyberHoot you can govern, train, assess, and test your employees. Visit CyberHoot.com and sign up for our services or email Sales@cyberhoot.com for a free consultation. Do it today as you never know when an attack will occur. At the very least continue learning by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity threats, vulnerabilities, and breaking news.
Sources:
Additional Reading:
Related Terms:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read moreA recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.