The VPN Privacy Fallacy and Remote Work

As the world adjusts to the new normal brought about with COVID-19, companies everywhere have been scrambling to protect their remote employees. With most organizations globally running remote operations and cybercriminals preying on the Coronavirus pandemic, there has never been a more crucial time for IT security departments everywhere.

Perhaps unsurprisingly, virtual private network software (VPN) usage has seen a spike in usage as the need for remote working rises. Despite often being considered a ‘dinosaur’ technology, the Coronavirus pandemic has seemingly given it a new lease of life.

However, as cybercrime techniques become more sophisticated and hackers increasingly motivated, the antiquated technologies of the past are no longer enough to defend against the new breed of malware and ransomware we are seeing today.  To adequately protect today’s remote workers organizations must look at the problem in a new way.

Existing techniques are simply not enough to protect devices from the sophisticated threat landscape. Traditionally, companies have relied on VPN’s to connect to corporate networks, or third-party VPN’s to provide some level of anonymity. Unfortunately, there are several problems associated with this technique.

Firstly, it assumes that users actually turn on the VPN on their device, which is often not the case. Recent reports suggest that only 46% of users actually turn it on when using the device.

Secondly, VPN’s don’t actually prevent an attack on a device, and they are still prone to the same vulnerabilities as a normal device. They can still download malware, become infected by ransomware and are therefore still subject to data breaches. From a security perspective, VPN’s have become a new attack vector for cybercriminals. In fact, the recent Meow attacks specifically target VPN session secrets and tokens, as well as IP addresses of both user devices and the VPN servers they connected to.

It has also been reported that the passwords of 900+ VPN servers has been compromised and leaked online. The frequency of these attacks has only been increasing with COVID-19. This validates many of the trends we have been seeing at BlackFog and why we focus so much around on device privacy and security.

Reports have suggested that hackers have been targeting VPN’s from major vendors to infiltrate and plant backdoors into corporations all over the world. From a privacy perspective, VPN data breaches are not uncommon, as evidenced by hacks at NordVPN and TorGuard. These attacks allow hackers to access user activity and extract data. It is therefore not surprising that they have become new targets, providing a central repository of network traffic by individuals.

VPN’s are specifically designed to provide secure access to a corporate network, allowing access to internal documents and other corporate services. However, in recent years, VPN’s have been used to bypass regional controls on content for services such as Netflix, music services and government censorship. More recent concerns about privacy have increased their popularity with promises of online anonymity. However, users should be mindful that there is no such guarantee and that they are subject to government regulation and recording. Several reports have demonstrated that many VPN’s and ad blockers are secretly collecting user data. In addition, within some regions of the world such as China, United Arab Emirates, and Turkey, VPN’s are illegal.

So, if VPN’s aren’t the answer to securing remote workers, what should organizations be doing?  We need to assume that at some point hackers will find their way into the network. The focus should be on preventing the data leaving the network, which can only be done by monitoring outbound data flow and preventing data exfiltration.  Because modern attacks are predicated on the ability to communicate with third party servers to steal data, it’s crucial that any cybersecurity solution is able to monitor, detect and prevent the unauthorized transmission of such data in real time.

By focusing on preventing data loss, data profiling and data collection, BlackFog Privacy stops cyberattacks in real time. BlackFog protects from today’s modern threats by filling the gap between security solutions that focus on preventing access through intrusion detection systems, such as Firewalls and AV / Malware solutions that remove known infections after they have been discovered.

BlackFog is the only solution that provides on-device protection from data exfiltration, no data is ever sent to the cloud. BlackFog is also the only solution able to block outbound dataflow, ensuring what is on your device stays on your device. BlackFog’s 12 layers of defense protect from ransomware, spyware, malware, phishing, unauthorized data collection and profiling.

BlackFog is helping companies around the world to protect their remote teams during the Coronavirus pandemic with free 30-day coverage for all of your devices. Get in touch with us at info@blackfog.com to learn more.