In today's hyper-digitized world, the task of securing an organization has undergone a significant change. Employees now have to manage cybersecurity while working remotely during this global pandemic. Even without the challenges brought by COVID-19, exercising adequate enterprise security against the backdrop of the evolving threat landscape comes with its fair share of obstacles. Facing a cyberattack has now become a matter of ‘when’ rather than ‘if.’
In the present-day threat landscape, enterprise security is shifting to a more remote setting. The traditional approach that IT teams previously used to secure the enterprise has become irrelevant. Typically, by opting for a traditional approach, organizations focus on perimeter security, which explains the massive popularity of VPNs (Virtual Private Networks), since they were specifically designed to provide onsite security.
In the past, when most company work was done within a physical boundary, using VPNs could effectively enable remote access and provide security to employees, granted that they were operating from within company walls. With the emergence of the ‘virtual worker,’ however, relying on VPNs for remote work has become quite a risky endeavor. Although corporate VPNs do enable remote workers to access company data, that access comes with the risk of making all of the other network data vulnerable to exploitation.
The number of data breaches affecting organizations is staggering: in the first six months of 2019, 4.1 billion records were exposed. A VPN alone provides remote employees access to company data by giving them the run of the network, which leaves a monumental attack surface available for exploitation by hackers and other cybercriminals alike. Moreover, solely relying on VPNs can prove fatal to an organization, since several vulnerabilities associated with virtual private networks are often brought into the limelight.
A VPN’s limitations were borne out in 2019, when the CERT Coordination Center and the DHS Cybersecurity and Infrastructure Security Agency (CISA) brought forth information on a particular vulnerability targeting VPNs. A cybercriminal could target this vulnerability and exploit an already affected system. There have also been certain instances where VPNs have allowed malicious agents entry into networks by mishandling cookies and tokens. Considering how easy it is for a cybercriminal to exploit a VPN and gain control over an end user’s system, it is high time for both individuals and enterprises to realize VPNs’ limitations.
Instead of treating VPN technology as a messianic invention that helps users bypass even the most rigid restrictions, such as those on the notoriously blocked website The Pirate Bay, it is important that we see the situation for what it is.
Here are some of the most prevalent security threats that VPNs are no longer well-equipped to combat.
Threat #1: DNS Hijacking
When it comes to operating remotely, most employees typically rely on public Wi-Fi networks to get their work done, which poses an arsenal of threats to the company’s network, since a public Wi-Fi connection is highly susceptible to cyberattacks and breaches.
Furthermore, even if an individual uses a VPN while connected to an open network, the risk posed to their online activities remains the same. Perhaps the greatest danger to an organization’s security originates from DNS or Domain Name Server hijacking.
As the name quite aptly suggests, DNS hijacking is a type of attack in which malicious agents infiltrate the domain name servers, and reroute any potential victims to a corrupted website, instead of the site that they wanted to visit initially. If that damage wasn’t enough, the cybercriminals could wreak significant havoc on an enterprise by exploiting the DNS to launch highly sophisticated ransomware and malware attacks.
Threat #2: Man-in-the-middle Attacks
Man-in-the-middle attacks, abbreviated as MITM attacks, occur when a cybercriminal somehow gains access to the communication channel between an application and the end-user.
Typically, while carrying out MITM attacks, cybercriminals will pretend to be the other party or will take up the identity of a trusted agent, so that they can better intercept the communication. Adding to the danger associated with MITM attacks, the user, who is the intended victim, usually does not have the faintest clue that they’re being exploited in such a way, since the attack mimics a regular information exchange.
Although a Virtual Private Network might provide some protection from a man-in-the-middle attack via encryption, VPN providers often attempt to reduce costs and send out traffic through a split encrypted tunnel, which renders the endpoints unencrypted and unprotected.
Threat #3: Legacy applications
Another threat that VPNs can’t protect against lies in the security measures of legacy applications. When these apps were designed, internet accessibility was never prioritized, which has now rendered the applications completely useless amidst the present-day digital landscape.
Fortunately, however, the security risk posed by these legacy applications can be mitigated by adopting modern SDP solutions (software-defined perimeters), which enable an organization’s security team to segregate the application from the network while adding adaptive controls and measures to reduce risk.
Alternatively, security teams may also adopt a zero-trust security framework and then build their networks around it, which allows for a higher level of control and enables access to be monitored and controlled.
Threat #4: Multiple login attempts
Similar to how a Distributed Denial of Service (DDoS) attack functions, which is by bombarding the targeted application with requests, repeated login attempts can have the same effect on a VPN provider’s servers.
In this type of attack, sometimes also referred to as a “brute force” attack, a VPN’s server is flooded with login requests, and the malicious agent may gain access to a company’s private network through their repeated attempts to determine the password and log in. Fortunately, an SDP solution can also be leveraged here, since it helps detect failed login attempts and denies access accordingly.
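To make "detects failed login attempts and denies access accordingly" concrete, here is an added example (not taken from any SDP or VPN product) that replays a gateway authentication log through a sliding-window lockout. The log format, the `evaluate` function and the thresholds of 5 failures in 1 minute with a 15-minute lockout are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log in a hypothetical format (not any real product's output).
SAMPLE_LOG = """\
2024-05-01T10:00:00 auth result=FAIL user=alice src=203.0.113.7
2024-05-01T10:00:05 auth result=FAIL user=bob src=203.0.113.7
2024-05-01T10:00:09 auth result=FAIL user=carol src=203.0.113.7
2024-05-01T10:00:12 auth result=FAIL user=dave src=203.0.113.7
2024-05-01T10:00:15 auth result=FAIL user=erin src=203.0.113.7
2024-05-01T10:00:20 auth result=OK user=alice src=203.0.113.7
2024-05-01T10:01:00 auth result=FAIL user=frank src=198.51.100.4
2024-05-01T10:20:00 auth result=FAIL user=frank src=198.51.100.4
2024-05-01T10:20:30 auth result=OK user=frank src=198.51.100.4
"""
LINE_RE = re.compile(r"^(\S+) auth result=(OK|FAIL) user=(\S+) src=(\S+)$")

def evaluate(log_text, max_failures=5, window=timedelta(minutes=1),
             lockout=timedelta(minutes=15)):
    """Replay the log; return ([(src, user, outcome)], {src: locked_until})."""
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    locked_until, decisions = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue                # ignore lines that are not auth events
        ts, result, user, src = datetime.fromisoformat(m[1]), m[2], m[3], m[4]
        if ts < locked_until.get(src, datetime.min):
            # Source is locked out: refuse before checking credentials, so a
            # correct guess that lands during the lockout still gets nothing.
            decisions.append((src, user, "deny"))
            continue
        if result == "OK":
            decisions.append((src, user, "allow"))
            continue
        recent = failures[src]
        recent.append(ts)
        while ts - recent[0] > window:   # drop failures older than the window
            recent.popleft()
        if len(recent) >= max_failures:
            locked_until[src] = ts + lockout
        decisions.append((src, user, "fail"))
    return decisions, locked_until

if __name__ == "__main__":
    for decision in evaluate(SAMPLE_LOG)[0]:
        print(*decision)
```

Counting failures per source address rather than per account catches an attacker who tries many usernames from one host, while the second source's two failures 19 minutes apart never trip the threshold.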
Threat #5: Worms
Contrary to what the name of this threat might suggest, we aren’t referring to real-life worms exploiting your company’s network. Instead, the worms we’re talking about propagate across computers and replicate themselves in a worm-like way.
If one computer somehow gets infected with this pesky security risk, all it takes is a device joining the network for the entire network to then become infected. Moreover, since this vulnerability specifically targets a network, a VPN provides little to no protection.
At the end of the article, we can only hope that we’ve brought our readers up to speed regarding some of the most common security threats against which VPNs offer little to no protection. Fortunately, we’ve got SDP to bridge the gap and offer better security measures to enterprises globally!