Traditional VPNs are not so secure anymore!
Ransomware gangs such as Conti, Ryuk, REvil, DoppelPaymer, LockBit, and others have recently been using VPN servers as entry points into their victim's organization before making lateral movements and escalating privileges to launch their attacks. 💣
With the explosion of remote work due to COVID-19, the proliferation of VPNs to provide remote workers access to corporate resources, and the false sense of security they supply, cybercriminals have focused on exploiting their weaknesses. 🔓
Because of that, the NSA has recently published a guide for 'Selecting and Hardening Remote Access VPN Solutions' 🤓
According to the guide, vulnerabilities may be intrinsic to the VPN solution you use and may also be due to inadequate configuration. ⚠️
The guide covers the following topics:
✅ Considerations for selecting remote access VPNs
✅ Directions on configuring strong cryptography and authentication
✅ Advice on reducing the VPN's attack surface by running only strictly necessary features
✅ Guidance on protecting and monitoring access to and from the VPN
Does your actual VPN implementation follow this guidance? 🤔
Instead of just VPNs, are you considering hardened ways to protect your remote workers' home offices? 🤔
Find the the link to Catalin Cimpanu's article about it.