
VPN Vulnerabilities

Published On: May 28, 2020

Barbara M. Hunt

Founder and Chief Executive Officer

Barbara Hunt

Founder and CEO, NetAbstraction

Today’s VPNs can provide a secure point-to-point tunnel between two devices, an origin and a destination. The level of security across a VPN depends largely on the type of encryption used to encapsulate the transmission. Key issues with traditional VPNs:

· Discoverability: VPNs typically connect an ingress point to an egress point, and are static and easily discoverable. As a result, it is possible for an adversary or interested party to detect the presence of a VPN link and obtain intelligence related to the existence of a link between the ingress point and the egress point, even if the traffic itself remains encrypted. 

There are well-known vulnerabilities in the most popular VPNs, which result in users having a false sense of security.

· Network topology changes: To alter the topology of a traditional VPN (i.e., change the egress point), the existing link is “torn down” and a new VPN is established. This process results in a break in traffic exchange, and the establishment of a new VPN can consume significant network overhead and take a significant amount of time to restore communications. Moreover, users and/or administrators associated with the origin and/or destination computer devices have little or no control over the physical and/or virtual path the VPN tunnel takes across the cloud(s).

As a result, most users fail to alter the network topology of their VPN once established, making them a static target for attack.

· Latency/Performance: Traffic sent across VPNs or implemented in a cloud applying traditional network virtualization techniques will typically take an unpredictable and/or varied path through the physical and/or virtual infrastructure. As a result, traditional VPNs have inconsistent latencies, because two packets traversing a VPN implemented across a virtual network may take different routes and may arrive out of order.

Many users will elect not to use VPNs when performance matters, which is often when they need them the most.

· TOR: The Onion Router (TOR) allows a user to surf the Internet with some degree of anonymity by obfuscating the path between the origin and the destination. TOR clients and nodes maintain a list of participating TOR nodes in a routing table that is updated via network broadcasts. TOR clients then select a path between the origin and destination by randomly selecting multiple routing nodes from the list. TOR, however, does not allow a client or administrator to select a path through the TOR network. TOR operates by broadcasting a node list so that each client and node remains up to date.

As a result, an adversary or interested party can recognize the use of TOR and take advantage of well-documented TOR vulnerabilities.

The NetAbstraction patents allow us to provide dynamically shifting VPN routing that enables a user and/or administrator to control the routing and select the path through the network that:

o   Improves privacy by protecting the location and identity of our customers;

o   Improves network performance by providing a consistent path for our customers; and

o   Improves security by not broadcasting information in order to set up a connection.
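
The Discoverability point above, shown as an added example (not code from this article or from NetAbstraction): flow metadata alone, with no decryption, singles out a host whose traffic goes to one fixed endpoint. The flow records, addresses and thresholds are constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records (not captured traffic), one tuple per flow:
# (hour, src, dst, dst_port, proto, bytes). 198.51.100.0/24 and
# 203.0.113.0/24 are documentation address ranges.
FLOWS = [
    # Host A: nearly everything goes to one fixed tunnel endpoint.
    (0, "10.0.0.5", "203.0.113.10", 1194, "udp", 48_000_000),
    (1, "10.0.0.5", "203.0.113.10", 1194, "udp", 51_000_000),
    (2, "10.0.0.5", "203.0.113.10", 1194, "udp", 47_500_000),
    (2, "10.0.0.5", "198.51.100.53", 53, "udp", 4_000),
    # Host B: ordinary traffic spread across several destinations.
    (0, "10.0.0.9", "198.51.100.20", 443, "tcp", 9_000_000),
    (0, "10.0.0.9", "198.51.100.21", 443, "tcp", 7_000_000),
    (1, "10.0.0.9", "198.51.100.22", 443, "tcp", 12_000_000),
    (2, "10.0.0.9", "198.51.100.20", 443, "tcp", 6_000_000),
]


def static_links(flows, min_share=0.9, min_persistence=1.0):
    """Return links that metadata alone marks as a fixed point-to-point tunnel.

    share       = fraction of the source's total bytes carried by the link
    persistence = fraction of observed hours in which the link appears
    The thresholds are assumptions chosen for this example. The check does
    not rely on the port number, only on volume and timing.
    """
    src_bytes = defaultdict(int)
    link_bytes = defaultdict(int)
    link_hours = defaultdict(set)
    hours = set()
    for hour, src, dst, port, proto, nbytes in flows:
        key = (src, dst, port, proto)
        src_bytes[src] += nbytes
        link_bytes[key] += nbytes
        link_hours[key].add(hour)
        hours.add(hour)
    findings = []
    for key, nbytes in link_bytes.items():
        share = nbytes / src_bytes[key[0]]
        persistence = len(link_hours[key]) / len(hours)
        if share >= min_share and persistence >= min_persistence:
            findings.append({"link": key, "share": round(share, 4),
                             "persistence": persistence})
    return findings


if __name__ == "__main__":
    for finding in static_links(FLOWS):
        print(finding)
```

Running the same function over an organization's own egress flow logs shows how visible a fixed tunnel is to anyone who can see that metadata.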


Barbara Hunt

Founder and CEO, NetAbstraction

Barbara is a recognized expert in information and telecommunications technology and operations, based on her extensive experience in the Intelligence Community (IC). She is a sought-after speaker and presenter in the cyber communications market.
