VPNs: COVID-19 revelation

VPNs: COVID-19 revelation

The second wave of COVID-19 is now a reality: in the middle of October 12 US states hit record seven-day rolling average case counts, as reported by Business Insider. This year will be remembered as the harshest for a long time. Once again, government organisations, schools and private companies are turning back to remote work. Are we more prepared now than six months ago for the threats and challenges of this reality?

What does it mean

In this new spontaneously created “remote world” private citizens and big companies are more or less under the same conditions, still vulnerable to cyber attacks of hackers who surely learned their lesson well. According to ZDNet (September 2020): for the first six months of 2020 the total number of vulnerable RDP machines rose by 40% (while the number of attacks on RDP quadrupled in Spring alone), COVID-19 spam rose to truly Satanic 667% in March alone, while users became three times more likely to click on a phishing link in such letters. There is no reason to not expect a new spike in cybercriminal activity, if the second lockdown will follow.

An average internet user, working from home, and a corporate employee, working from home, are equally vulnerable to cyber attack. These days the company’s cyber defense is just as good as the company’s system administrator/IT department is. Which is probably not always good enough.

As reported by Malwarebytes: since the start of the pandemic, remote workers have caused a security breach in at least 20% of organisations. It is a miracle that the number is not higher: 45% respondents of that survey reported that no additional security checks or audits were performed by their employers.

What kind of “security breaches” are we talking about

Most likely – corporate networks infected by ransomware. 2020 is probably the worst year so far for big companies which are constantly attacked by ransom-demanding viruses: Westech, Garmin, LG, Xerox, Canon, SK Hynix, Software AG, to be continued.

Universities are suffering too: University of Utah, Michigan State University, University of California at San Francisco were recently forced to pay hackers $ 500 000–1140,000 to prevent leaks of student data. And this is getting bigger.

Sometimes computer viruses are literally lethal. A patient at Dusseldorf University Hospital died during a ransomware attack after the facility was unable to provide urgent medical assistance.

267 million records were breached in September 2020 only. Leaks are happening in different places: from the database of private calls between inmates and their attorneys to the database of several million American voters from Michigan.

The biggest single leak during the first wave of COVID was probably the leak from the hotel chain Marriott, where security breach impacted the data of more than 5.2 million hotel guests who used company’s loyalty application.

Even Twitter itself was hacked. 130 accounts, some of them belonging to the high profile US personalities like Barack Obama, Elon Musk and Bill Gates were compromised for the purpose of certain Bitcoin scam.

And we didn’t even start talking about darknet criminals selling access to domain administrators in local authorities and corporate networks or exposing personal information of thousands of US business owners who applied for federal disaster loans.

When you have so many ways for the malware to enter while working remotely it will enter somewhere for sure. When COVID-19 struck the world in January, many organisations were not prepared for such a big security challenge (before the lockdown 77% of bosses had never managed a fully remote team, 37% of companies didn’t have centralised way of managing the remote processes — Remote Leadership Report).

It is ironic that technology that provides the opportunity for remote safe work has been around for many years, but we guess, it is better late than never. This graph below shows that even more people have downloaded VPN in September 2020 than in January 2020 when it all started. We will discuss it in detail further, but to sum it up quickly: the most important lesson of remote work, cyber security risks lesson, have been learned well.

Traffic for iPhone and iPad users from October 2019–2020
Traffic for iPhone and iPad users from October 2019–2020

So, what does this second September spike indicate

Our experts analysed different kinds of data and it seems to be that ordinary users and companies, taught by experience, finally started to realize that today it is mandatory to have a VPN for both safe working and recreational web activities. “The coronavirus has suddenly given the VPN industry a new life” — Rob Smith, the research director at Gartner.

VPN provides a private and secure connection that shields your web-surfing from outside interception (safety level one) and provides the mandatory encryption of transmitting information, readable only for you, VPN server, and the client-side (safety level two). This is extremely needed during the COVID-19 lockdown, however, the benefits of VPN are not limited to handling this emergency situation.

Big corporations and companies could benefit from using a VPN to instantly connect different branches and locations sometimes scattered worldwide. Hackers are pretty creative these days and they employ a big set of techniques, both basic and very advanced, from good old phishing and keyloggers to the man-in-the-middle attacks, credential stuffing and many others. Corporate VPN usage (especially with the MFA) makes safe the process of the remote access to the network resources, so no traffic containing important data could be intercepted by the third party.

So far, VPN is the most secure method for the business employees to safely work while at home with the company’s network data through a secure tunnel, established upon the connection. With Switcherry VPN you will be able to configure the corporate VPN in 24 hours and provide your employees with a safe connection, eliminating the risk to work processes. Switcherry VPN is multi-platform solution that works on Windows, Mac, Linux, iOS and Android, so you can protect all at once, corporate and private traffic (which is necessary, because many security breaches are happening when mixing the usage of corporate and private gadgets and accounts in the same unprotected network).

Conclusion

It is unclear if life will ever be the same after the Second Wave of COVID-19. It is doubtful that hackers who have tasted the “blood” of defenseless corporate and personal data will stop now. It is most likely that remote work mode, from a semi-marginal position it held years before will transit to just another official option for the average worker. In that case an increasing number of security breaches and cyber threats are with us forever, and the usage of VPN will become the means of digital survival. Start your VPN connection today, stay safe and get used to the rhythm of the future.

Author: Nicolas Cuts

Product Managers at SwitcherryVPN. Have 5 years background in management and marketing. I never stop learning!

Leave a Reply

Your email address will not be published. Required fields are marked *