State-backed hackers have been constantly exploiting vulnerabilities in VPNs to breach critical cyberinfrastructure in the United States, agencies have warned.
The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have published guidelines to secure virtual private networks (VPNs).
The guidelines came after the departments noticed a rise in government-backed hackers exploiting vulnerabilities in VPN devices. The agencies stated that the guidelines would help protect the national security systems, the Defense Department, and defense contractors against ATP (advanced threat protection) groups, which refers to state-sponsored hackers.
The NSA specifically has been focusing on Chinese-government-backed hacker groups.
The Dangers of Vulnerable VPN Devices
Research by the departments reveals that ATP groups are always hunting for VPN vulnerabilities mainly because VPN servers serve as entry points into protected networks, which makes them attractive targets.
APT actors have and will exploit VPNs,” NSA’s director of cybersecurity, Rob Joyce, tweeted.
The agencies noted that multiple state-sponsored actors had exploited flaws in VPN products in the past few years. This is a dangerous trend as vulnerable VPN devices can allow attackers to steal credentials, overhear or weaken encrypted communications, access sensitive data, and remotely