ARTICLE
UK and US governments warn on the risks of VPNs

Alarm bells should be ringing with cyber security teams following recent guidance issued by both UK and US government security experts.

Read the article

Share this story

Read Time: 2 minutes

You might think ‘alarm bells’ an overreaction until you understand how rare it is for this sort of guidance to be issued by either government.

Both departments refer to the unusual steps being taken to address what they believe to be a significant risk to the security of networks using VPNs.

Home working has been achieved against the odd’s and under extreme stress, with businesses large and small forced to take steps they could not have imagined. Many relied on the confidence that existing security measures would provide a level of protection to their precious data, with VPNs at the core of this.

The weakest link for companies that have set-up remote access is the remote workers own home network, and home computer.  They often lack the security controls found inside the office or on the corporate computer.  Knowing this, attackers have recent launched a number of COVID-19 related phishing attacks.  One wrong click, and any VPN connected computer provides easy access to your company’s critical systems.

 First raised by UK authorities back in October ’19, the latest US guidance just issued highlights the continuing concerns regarding VPN Security:

  • Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.
  • Alert employees to an expected increase in phishing attempts. 
  • Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery.

When an attacker compromises a VPN connected system, their usage of the VPN will be different than normal.  The reason the US Government advises reviewing the VPN logs is to look for anomalies.  

A business needs visibility of what’s happening on their network, inside and beyond the perimeter. You can’t stop what you can’t see, so this must be a first step.

This week US cyber security vendor CyGlass, recently acquired by Nominet to boost their cyber security credentials, announced new features to their cloud based VSOC service that extended visibility beyond the perimeter to include VPN activity and providing the visibility and controls recommended in the government guidelines.

These new features will enable ‘at risk' businesses to quickly and cost effectively address the significant risks faced through the increase in VPN activity.

VPN’s need better monitoring

In a second move, designed to assist 'at risk' businesses, CyGlass announced they would provide the VSOC service at no cost for the next 3 months,

There’s no doubting the need for increased visibility if businesses are to avoid the significant risks from security breaches. Initiatives like those from CyGlass will help meet this growing demand.

Reference article:   

https://www.zdnet.com/article/hackers-are-scanning-for-vulnerable-vpns-in-order-to-launch-attacks-against-remote-workers/

User Rating
Rate the Article

Click the link below to rate this article

Rate this article
Have you also seen...
Test your Email Security Now

This tool tests if your email server is correctly configured to stop common threats.

Learn more
Remote working ‘Must Have' Technologies

90 days no cost, no commitment, no fuss technology deals for remote working quick wins

Learn more
Bright Security - Web Application Security: Top Threats and 6 Defensive Methods

Top Threats and 6 Defensive Methods

Learn more
Teams: the one-stop IT app

The one-stop IT app

Learn more
AppJacking

Mitigating risk from endpoint apps

Learn more
Cloud Technology Skills Shortages

Find help fast!

Learn more
About Libraesva

An email content gateway solution ESVA – Email Security Virtual Appliance – won the Computing Security Award as ‘Antispam of the Year’ solution 2014-2016

It was recognised by the prestigious Virus Bulletin as one of the best and effective systems of protection and analysis of email content, Libra ESVA was selected by Securefort to address email security in the SMB sector.

Learn more
You can’t protect what you can't see!

30 days no cost, no commitment, no fuss technology deals for remote working quick wins:

Learn more

We're a community where IT security buyers can engage on their own terms.

We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.

Other articles in this category
Risk Visibility
+
When Office 365 isn’t Secure Enough

When Office 365 isn't secure enough

Thursday, May 07, 2020
+
Is Your Network Secure?

You can’t protect what you can’t see

Friday, May 01, 2020
+
Digital Transformation or Digital Disaster

Before Covid 19, many SMB’s and mid sized enterprises were embarking on a journey to workplace automation and a world of greater performance, flexibility and control

Monday, May 18, 2020
+
The threat from within

With more employees now working from home, the risk of breaches has grown exponentially.

Tuesday, June 02, 2020
+
Hackers aren’t Heroes

Some think that hackers are "cool" and that their spirit of mischief and sneaking is admirable.

Wednesday, July 15, 2020
+
Half Full

50% of IT leaders don’t know if their cyber security is working

Friday, May 01, 2020
+
An awful lot of pain

Any business feels the pain

Friday, May 01, 2020
Interested in what you see? Get in touch, and let's start a conversation Get in touch