How to protect your IP address | Malwarebytes Labs

How to protect your IP address

You might not know it, but every time you go on the Internet, from checking your social media to playing games and chatting with friends, you are identifiable to the rest of the world by a numeric address.

This “address” is your IP address, or Internet Protocol address. It’s a unique combination of numbers that identifies computers or devices from one another to allow them to communicate through the Internet. It might look like this: 173.223.120.165.

Your digital devices work much the same way as your physical address—your device needs an address in order to send information to another device. It seems harmless, but attackers can actually launch attacks against you (or in some cases disguised as you) if they know your IP address.

Now before we get too deep into this, keep in mind finding and utilizing a victim’s IP address in a cyberattack is really only a cog in the attack machine. Therefore, it’s important that all the information provided here represents the worst case scenario. However, knowledge of your personal vulnerabilities and how to secure them is important in every aspect of computer security.

What can someone do with my IP address?

There are many reasons why cybercriminals might want your IP address, ranging from just messing with you to future larger-scale, targeted malicious attacks. Three of the main reasons they’re on the hunt for IP addresses are to do the following:

1. Download illegal content under your IP address’ identity: They can download pirated movies, music, and videos—which would get you in trouble with your ISP—even child pornography or content that threatens national security. This puts an unnecessary target on your back for law enforcement to come after you. For example, in 2012, online threats to local police in Indiana were traced back to an IP address. After a SWAT team busted down the door and threw flashbangs into the entry, they realized they had the wrong place.

2. Hunt down your location for larger-scale attacks: When given an IP address, an attacker can use geolocation technology to identify what region, city, or state you’re in. They use this to decide if your area is a worthy target for future attacks. For instance, they may be looking for IP addresses in wealthier locations or less security-literate areas to receive more payoff from an attack or penetrate a system more easily. Combine this with the ability to gather additional information, like in the case of malvertising being able to fingerprint a system, and an attacker can determine if you or someone you love is an optimal victim.

3. Directly attack your network: Criminals can not only use your IP address for larger-scale attacks, but also to directly target your network and launch a variety of assaults. One of the most popular is a DDoS attack (distributed denial-of-service). This type of cyberattack occurs when bad guys use previously infected machines to generate a high volume of requests to flood the targeted system or server. By doing so, it creates too much traffic for the server to handle, resulting in a disruption of services. Basically, it shuts down your Internet, which in turn blocks you from accessing vital resources. While this attack is frequently referenced in being launched against businesses and video game services, it is just as possible to do against an individual, though not as common.

Online gamers are at particularly high risk for this, as their screen is visible while streaming (on which an IP address can be discovered). They accounted for over half of all of the DDoS attacks last year, according to Akamai’s Q3 2015 State of the Internet—Security Report. If someone’s IP address is known by other gamers, they can launch a DDoS attack, kicking them off of the game and Internet. Even worse (and at worst-case scenario), it could lead to a SWATTING attack, where an attacker pinpoints the location of their victim and deceives authorities enough to dispatch an emergency response team to the victim’s house. Imagine them barging through your door unannounced!

How do criminals find my IP address?

Just as they do to find personal info online in order to target users for malware infection, cybercriminals can be awfully crafty to find your IP address. Here are some of the ways attackers drill down to see that magical number.

Attackers can use social engineering to fool you into revealing your IP address. For example, they can find you through Skype and other instant messaging applications, which all use IP addresses to communicate. If you happen to chat with strangers using these apps, it’s important to note that they can see your IP address. Attackers can use a tool called Skype Resolver, where they can find your IP address when all they know is your username.

In addition, criminals can track down your IP address by simply following your online activity. Any number of online activities can reveal your IP address, from playing video games to commenting on websites and forums.

After finding your IP address, attackers simply go to an IP address tracking website, such as whatismyipaddress.com, type it in, and then BAM—they have an idea of your location. With a little elbow grease, hackers can cross reference other open source data if they want to validate whether the IP address is associated with you specifically. They can use LinkedIn, Facebook, or other social networks that show where you live, and then see if that matches the area given. If a Facebook stalker utilized a phishing attack against all people with your name to install spying malware, the IP address associated with your system would likely tell the stalker that they got the right person.

How can I protect my IP address?

You are typically assigned a dynamic (changes periodically) IP address by your ISP. However, you can sign up for a static (never changes) address if you wanted to run a web server from your house. There is some debate as to which is safer, though it is arguably more secure to have a dynamic IP address because “there isn’t a constant target for the attacker,” says Steven Burn, Lead Malware Intelligence Analyst at Malwarebytes.

It all boils down to the steps you take to secure your IP address. Here’s how you can keep your IP address out of the hands of criminals.

1. Use a Virtual Private Network (VPN): This protects your data online by the use of encryption and proxy tunneling. It hides your IP address and redirects your traffic through a separate server, making it much safer for you online. VPN services are without question the best practice for hiding your IP address, says Burn. They can be found online with monthly service charges, however, the price might not be worth it for every home user. There are free VPN services out there, but don’t expect them to be fast enough for any streaming or gaming.

In addition, you could run a proxy, which acts as an additional hub through which Internet requests are processed, all while hiding your IP address. It can determine legitimate over non-legitimate requests.

2. Update your router and firewall rules: Your router forwards data between networks, and your firewall prevents unauthorized access. Make sure you change the administrative password on your router, since default passwords are frequently used by attackers to break into your network. Each default password provided by your ISP is the same and can be easily searched online. Also, set your firewall rules to not allow any ping requests from the Internet. This makes sure unauthorized visitors won’t get through.

3. Change privacy settings on instant messaging applications: Only allow direct connections from contacts and don’t accept calls or messages from people you don’t know. Changing your settings to private makes it harder to find your IP address because people who don’t know you cannot connect with you.

4. Update your antivirus solution and add security layers: Making sure you are caught up on all of your security software’s updates ensures you’re protected from threats. Adding additional security on top of your antivirus further protects you. For instance, Malwarebytes Anti-Malware blocks malicious URLs originating from phishing emails in addition to blocking bad sites you might encounter.

Protecting your IP address is one aspect of protecting your identity. Securing it through these steps is one more way to stay safe against the wide variety of attack vectors cybercriminals are using today.

ABOUT THE AUTHOR

Sarah Enderby

Contributor

I am the millennial no one's ever heard of—the exception that proves the rule.