What the biggest cyberattacks can teach us about protecting ourselves online

Cyberattacks are on the rise. For some time, the U.S Cybersecurity and Infrastructure Security Agency (CISA) has been warning about the risks in using a VPN for personal cybersecurity purposes; they’ve now released guidance on how best to harden your virtual private network solutions so you can stay safe online!

The two agencies have created a report to help organizations defend themselves against attacks from nation-state adversaries. These are the kinds of hackers that can take advantage when you use an encrypted VPN system because they’ll be able execute code on your computer or read sensitive data without any protection whatsoever!

“Multiple nation-state advanced persistent threat (APT) actors have weaponized common vulnerabilities and exposures (CVEs) to gain access to vulnerable VPN devices,” the U.S. National Security Agency

It’s important for organizations to have a plan in place when it comes to patching known vulnerabilities. Organizations should also choose products from reputable vendors with an active history of quickly acting on patches, since we know that some attackers will exploit these holes as soon they’re found by looking at how often hackers use them themselves.

The two agencies recommend users improve VPN security and reduce their server’s attack surface by:

  1. Configuring strong cryptography and authentication

  2. Running on strictly necessary features

  3. Protecting and monitoring access to and from the VPN

With the rise of state-sponsored hackers, it is more important than ever to ensure your data stays secure and you are protecting . VPN vulnerabilities have been used recently by both financially motivated and backed assailants in an effort to penetrate networks belonging not only private companies but also defense firms all over Europe with a goal of gaining access for financial gain or geopolitical advantage on behalf their countries.

This year in April, cybersecurity company FireEye published a report about two state-backed groups who used an unknown vulnerability to compromise the Pulse Connect Secure (PCS) VPN appliance. 

The National Security Agency (NSA) has warned that Russian hackers are exploiting security flaws in certain firewalls and VPN providers. The NSA also reported this information to Congress around the same time, warning them about potential cyber attacks by these foreign agents who have been going under names like “APT29”, Cozy Bear or even just ‘The Dukes’.

Ransomware gangs are not only targeting computers and mobile devices. They’re also interested in network access, as evidenced by seven attacks on VPN solutions from Fortinet, Ivanti (Pulse), SonicWall. At least 7 operations exploiting flaws in these products have been reported since 2017- including two that successfully encrypted user data within the organization’s firewall perimeter.

If you need help with cybersecurity contact MicroPac today!