Cautioning that foreign government-backed hackers are actively exploiting vulnerabilities in virtual private network devices, the National Security Agency and the Department of Homeland Security’s cyber wing on Tuesday published guidelines for securing VPNs.
While the advice is broad, the NSA and DHS’ Cybersecurity and Infrastructure Security Agency specifically said it would help protect the Defense Department, national security systems and defense contractors against such advanced persistent threat groups, a term that typically refers to state-sponsored hacking groups. The NSA has specifically warned in the past about Chinese hackers exploiting VPN vulnerabilities, as has CISA, but the history of advanced groups seizing on VPN vulnerabilities is far broader and lengthier.
“VPN servers are entry points into protected networks, making them attractive targets,” Rob Joyce, director of cybersecurity at the NSA, said on Twitter. “APT actors have and will exploit VPNs.”
In one case, the FBI warned in May about hackers leveraging VPN technology made by Fortinet to target a municipal government. VPN technology typically promises a secure connection to a protected server, meaning many subjects may be operating with an inflated sense of security.
NSA said there are many dangers that accompany not fortifying VPNs against attacks from groups that exploit