Aaron Forbes

VPNs are not enough to protect WFH employees

On Oct. 12, a new vulnerability was discovered that affects nearly 800,000 internet-connected devices using the SonicWall VPN. The vulnerability is caused by a security bug in the SonicWall VPN portal, which can both crash a device and allow easy remote code execution, even by unskilled hackers.

“VPN bugs are tremendously dangerous for a bunch of reasons,” said Craig Young, a computer security researcher with Tripwire’s Vulnerability and Exposures Research Team (VERT), in an interview with Threatpost. “These systems expose entry points into sensitive networks and there is very little in the way of security introspection tools for system admins to recognize when a breach has occurred. Attackers can breach a VPN and then spend months mapping out a target network before deploying ransomware or making extortion demands.”

This is nothing new in the way of VPN compromise

This isn’t the only VPN vulnerability we’ve seen in the past year. In September, it was discovered that the default configuration for FortiGate VPNs allows for Man-in-the-Middle (MitM) attacks. In the January attack on the Travelex foreign currency exchange, the company was left vulnerable by seven unpatched Pulse Secure VPN servers, and the incident gained enough traction for the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert to update outdated VPNs.

Since COVID-19 forced companies to migrate to work-from-home policies, VPNs have become a critical tool in the digital workplace. They’re made to protect sensitive company data from prying eyes, and allow for a secure connection into the enterprise Intranet—if configured correctly.

The NSA released a new cybersecurity advisory warning that VPNs are more likely to be vulnerable to attacks if they are not configured properly:

“Many organizations currently utilize IP Security (IPsec) Virtual Private Networks (VPNs) to connect remote sites and enable telework capabilities. These connections use cryptography to protect sensitive information that traverses untrusted networks. To protect this traffic and ensure data confidentiality, it is critical that these VPNs use strong cryptography. This guidance identifies common VPN misconfigurations and vulnerabilities.” [NSA, Securing IPsec Virtual Private Networks]

Defense-in-Depth: it’s much better than VPNs alone

In our blog “VPN: from protector to attack conduit in the new remote work era,” we explored how the VPN has been transformed from a security tool into an attack vector for bad actors. Hacker groups are targeting WFH employees with little to no security experience or IT support, leading to compromised data for entire companies.

VPNs should be an additional layer of security in an already mapped-out plan. Combining layers of defense, like VPNs, properly configured firewalls, and endpoint security, is key to protecting remote workers’ home networks from attacks (and protecting your company from a costly data breach). Although VPNs have been proven to be a potential attack vector, making sure they are properly configured and up to date gives you a better chance of thwarting bad actors, and a Defense-in-Depth strategy with multiple layers will help to ensure your data is as safe as it can be.

A defense-in-depth toolkit

The BYON solution designed for remote workers and distributed IT teams

Firewalls, VPNs, and endpoint security are simply not enough in today’s threatscape. A Bring Your Own Network™ solution is needed to protect remote employees and all the traffic from home networks that are left vulnerable. This entails whole-home monitoring, AI-powered security, network topology, and more.

Minim’s Bring Your Own Network™ solution meets and exceeds everything an IT team would need to implement for its remote workforce. Minim brings the power of a Defense-in-Depth strategy packaged into a robust approach:

  • The Minim Score is a health assessment of the home network based on continuous monitoring of device performance and security
  • AI-powered security gives real-time scanning and protection against router attacks, ransomware, network intrusions, trojans, botnets, worms, spyware, known exploits, and SSID spoofing
  • Device profiles allow the WFH employee to create user profiles and add known devices to them, a great way to keep track of and control devices in a multi-person household
  • Network geography allows every Minim-enabled router and the devices connected to it to display their signal strengths, device fingerprints, and health
  • Whole-home coverage allows the WFH employee to set up network meshing so that dead zones are gone forever

To learn more about how the Minim solution can fit your distributed team’s needs, get in touch with us below!