Whether or not you are on board with Covid-19 being a deadly threat or not, it is clear that the response to this new virus is threatening businesses globally. I am not talking about the services industry which, hopefully soon, the government will bailout…
I am talking about all of those workers expected to remotely access their businesses and work from home.
It is a hacker’s wet dream come true.
See, I already know where to attack your VPN – ports 50,51, 443, 500, 1194, 1701, 1723 & 4500 for those who care – and anybody who wants to can readily hack into any VPN at any time.
For example, all of those nation states that have been dying to get into our government systems for years.
Better yet, VPNs are just massive tunnels contains open communication highways between a home computer and a supposedly secure business network. These throughways are ideal conduits for spreading malware directly from an employee’s home to the corporate network.
Sure, YOU might be so foolish as to browse the Internet while have your VPN online – but we all know SOMEBODY in the office that is not as smart as you…
Despite these threats – are really there is no defense in the VPN world that can help – the more disconcerting issue is how easy it is for hackers to take a VPN system down. Military systems are already under duress, with many reports of this older VPN systems not handling the concurrent user loads that were expected. Hackers already know exactly where to attack, how to attack, and can easily launch DDoS attacks to take down any VPN system that they desire for as long as they want…
It is just a matter of time given the way in which VPN systems paint a massive target on their backs just like sitting ducks…
That are stuck in the mud with heavy weights keeping them from moving…
Making These Better Today
There are immediate steps that can be taken today to at least make these types of connections more resilient to attacks. These immediate products are mainly networking solutions sold by the larger ISPs and, given their size, these solutions are mostly ready to be deployed today. These newer VPN options overcome many of the issues maligning the traditional VPN market, but they are not full proof and still struggle to scale.
This, while I might no longer know your exact port, and the networking can handle higher load, I still know how to find your secure tunnel and DDoS – albeit on a larger scale – attacks can still take these newer systems offline.
We still have that duck but at least it is swimming in a pond now instead of the mud.
True Long-Term Protection
The true solution to this problem is one that will need to scale effortlessly, leverage peer-based and quantum resilient device management control and lock down communications in a manner that is completely invisible to hackers. The real solution – the one that transforms that duck into a Mako shark – has to eliminate bottleneck issues and move beyond current approaches both in terms of architecture and limits on communication options.
Whether it is Covid-19, increased mobilization, or the advent of technologies such as 5G, the mixed use of communications that are not restricted to geography is our new reality. Attempting to provide one-off solutions for a single aspect of these comms have never made sense and it is proving a disaster.
The problem with the current VPN systems is that they, for unknown reasons, think that a connection should be treated differently depending on if the communications is “internal” or “external”. In cyberspace, everything is internal, can be attacked, and needs to be properly secured. That security is not just some random encryption – rather it has to be part of the larger context of a complete cybersecurity platform.
I get it, this sounds too fantasy, too far out, too unlikely, too much
It isn’t any of those things and the solutions are there and can be brought online very rapidly…
Or we can wait for everything to truly shut down and then scramble for a solution.