New Internet threats are quietly taking place

VPN hacking can be seen as a new threat, quietly taking place of the Internet world, with unpredictable consequences.

The most recent VPN hack is the one involving an enterprise VPN app developed by Pulse Secure. About 100 companies, 9 major federal agencies in the US were affected by this attack. Hackers have taken advantage of this application's vulnerabilities to infiltrate the computers of many companies and government officials around the globe.

We know that, a VPN is a virtual private network system, when participating in the public network can connect securely. Private VPNs are used by many corporations, companies, government agencies, and educational institutions to connect users. To access the organization's system, each user will have an authenticated account.

If hackers have these credentials, they can steal accounts without the need for phishing emails or custom malware, says Sarah Jones, senior principal analyst at FireEye.

Stephen Eckels, an engineer at FireEye, said that businesses need to rapidly improve their security processes and adopt new hardware technologies to avoid the risk of attack.

Currently, the trend of remote work is increasing, and due to the complexity of Internet security protocols, businesses are in high demand to use VPNs to simplify logging into corporate networks. This opens up many opportunities for hackers because there will be more vulnerabilities and the more VPN users are, the more difficult it is to detect the bad guy.

Vijay Sarvepalli, senior security expert at CERT, said that VPNs are convenient for large organizations but VPN developers have not thoroughly studied the risks to prevent and handle when their customers suffer attack.