Both departments refer to the unusual steps being taken to address what they believe to be a significant risk to the security of networks using VPNs.
Home working has been achieved against the odd’s and under extreme stress, with businesses large and small forced to take steps they could not have imagined. Many relied on the confidence that existing security measures would provide a level of protection to their precious data, with VPNs at the core of this.
The weakest link for companies that have set-up remote access is the remote workers own home network, and home computer. They often lack the security controls found inside the office or on the corporate computer. Knowing this, attackers have recent launched a number of COVID-19 related phishing attacks. One wrong click, and any VPN connected computer provides easy access to your company’s critical systems.
First raised by UK authorities back in October ’19, the latest US guidance just issued highlights the continuing concerns regarding VPN Security:
- Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.
- Alert employees to an expected increase in phishing attempts.
- Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery.
When an attacker compromises a VPN connected system, their usage of the VPN will be different than normal. The reason the US Government advises reviewing the VPN logs is to look for anomalies.
A business needs visibility of what’s happening on their network, inside and beyond the perimeter. You can’t stop what you can’t see, so this must be a first step.
This week US cyber security vendor CyGlass, recently acquired by Nominet to boost their cyber security credentials, announced new features to their cloud based VSOC service that extended visibility beyond the perimeter to include VPN activity and providing the visibility and controls recommended in the government guidelines.
These new features will enable ‘at risk' businesses to quickly and cost effectively address the significant risks faced through the increase in VPN activity.
In a second move, designed to assist 'at risk' businesses, CyGlass announced they would provide the VSOC service at no cost for the next 3 months,
There’s no doubting the need for increased visibility if businesses are to avoid the significant risks from security breaches. Initiatives like those from CyGlass will help meet this growing demand.