It takes more than an IP address to track someone on the internet.

The movies make it look easy to trace people if you have their IP address - but the reality is quite different.

Tracking individuals over the internet is incredibly easy – if the movies were true. You’ve seen it many times before:

So simple – because it doesn’t work

The truth is that an IP address is used for routing network traffic between computers – it is not generally attached to a physical address. Which means that obtaining an IP address is not normally enough to catch a computer criminal.

Many systems will try and assign a geographical location to an IP address, but this is usually no more accurate than identifying the local telephone exchange. Even this is a best guess – quite often the exit node, the point at which the individual connects to the internet, is in a different city.

Corporate networks, routers and public WiFi

Typically shared internet connections, like your company network, have a single IP address for the outside world. Your router then directs web traffic to the right computer inside the network.

The problem is that even if you do manage to trace the router from which the individual is located, it is impossible to tell which computer on the internal network is being used. Hackers will use this to their advantage too, hijacking corporate computers, or piggybacking off public WiFi networks to launch their attacks.

The Tor factor

Hackers and cybercriminals also typically use systems like the Tor browser to hide their location. These technologies bounce web traffic randomly across the web, making it almost impossible for anyone but the CIA and GCHQ to track them.

Even if you do get a cybercriminal’s IP address, if they are using Tor, you will quickly hit a dead in when trying to trace them.

Is it impossible to trace hackers?

It is possible to track hackers, but you will need a lot more information than just an IP address. The reality is that identifying and tracking hackers is an expert job, relying on in-depth technical skills that most SMEs do not have.

If your business does have a security problem, you should seek advice from a skilled third party consultant. Typing an IP address into a search engine will not deliver the answers you need.