IT Security Guru

Outdated VPN remote access puts critical national infrastructure organisations at risk

by The Gurus
May 29, 2018
in This Week's Gurus

Written by Paul Darby, Regional Director – EMEA, Vidder

When VPNs were first developed back in the 1990s, the idea was to extend the LAN to employees’ home offices and hotels as they hit the road. This meant giving employees remote access to everything their company network had to offer—just as if they were working on the internal network. Then, when companies began outsourcing work and bringing ecosystem partners onto their networks, the remote access VPN was about the only tool at their disposal. The VPN became the default means to provide third parties access into corporate networks and applications, and its use is still common today.

An insecure method in today’s cyber climate – especially in critical national infrastructure

Fast forward to 2018 and, unfortunately, several security weaknesses make the remote access VPN an unsuitable method. Today, attackers are looking to access an organisation’s most sensitive data and systems, often for financial gain or political disruption, and will leverage any weak point they can find in the perimeter to establish a foothold from which to exploit valuable assets. Right now, this is particularly the case for organisations that work at the heart of the UK’s critical infrastructure – everything from healthcare and government to utilities, finance and emergency services – on whose systems, networks and processes the daily functioning of the country depends.

Recently, the National Cyber Security Centre (NCSC) warned companies connected to the UK’s critical national infrastructure that they were being targeted by hackers aiming to gain a position from which to disrupt public services or steal highly sensitive data pertaining to UK citizens and government. In fact, national security experts today operate on the basis that it is a matter of “when, not if” the UK becomes a victim of a category one cyber attack targeting critical network infrastructure, as reports from the NCSC warn that the supply chain of the critical national infrastructure is under “sustained attack”.

Hackers first attack computers indirectly connected to the target’s network in order to compromise workers who might have an advanced security process to access their immediate perimeter. Once these are compromised, they use this foothold to move laterally and attack mission-critical networks and/or data. A combination of human fallibility over password protection and an all-or-nothing approach to network access via VPNs means that they are particularly vulnerable to this kind of attack.

Data breaches as a result of weak, default or stolen passwords.

News headlines would have you believe that most security breaches are the result of very sophisticated attack methods. The reality is much more mundane: the biggest threat to security today stems from compromised credentials. In fact, according to the 2016 Verizon Data Breach Investigations Report, 63% of confirmed data breaches involve using weak, default or stolen passwords. On this point, the login credentials for remote access VPNs can be compromised in a variety of ways. For example, it is very possible that a contractor, vendor or service provider uses the same credentials for remote access VPNs as they use for their own social media account. Considering that people often use simple or default passwords, hackers can easily guess the login and password details.

On top of this, the VPN provides wide access to network resources – often far more than the one or two applications that the user actually needs.  This means that once the attacker is in, they have practically unrestricted access to large areas of the network – a huge potential attack surface.

With that said, it is staggering to read that almost half (48 per cent) of UK IT professionals surveyed by OneLogin still require remote workers to use VPNs. However, with 30 per cent receiving frequent complaints that the use of a VPN slows down remote network access, many organisations are struggling to find a balance between productivity and security. The survey also found that half of remote workers spend up to one day per week connected to unsecured networks in an effort to circumvent VPNs and get on with their job, leaving organisations open to a host of cyber threats.

Awareness is growing that more needs to be done to protect our critical network infrastructure and, as a result, the concept of Zero-Trust Networking and Trusted Access Control has come into the spotlight. The premise behind this approach is to provide identified legitimate users with secure access to the functionality that they need while mobile, without giving them – or any potential attackers – carte blanche to access the entire system.

Isolate, validate and then allow 

A system such as that described above is known as full spectrum protection. Here at Vidder we have a solution, PrecisionAccess, that implements transparent multi-factor authentication using the device itself as an additional factor for all authentication. What this means in terms of credential theft is that a bad actor can’t use stolen credentials to simply log in to an application, because credentials alone aren’t enough to satisfy the stringent authentication requirements of PrecisionAccess. An attacker would have to have both the credentials and access to the specific device that is linked to the legitimate user.

Additionally, PrecisionAccess uses application layer tunnels over existing network infrastructure to provide access to specific applications, not to the entire network and not even to the entire server—just to the port of the server of the authorised application. This severely limits the potential attack surface, providing far higher security for critical infrastructure organisations, without compromising on productivity.
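
An added illustration, not Vidder's or PrecisionAccess's code: a minimal Python model of the two controls described above, a device-held key as an additional factor and access scoped to a single server port, set beside a flat VPN. The `Broker` class, host names, ports and key handling are hypothetical and constructed for this example.

```python
import hashlib, hmac, secrets

# Constructed inventory of internal services as (host, port) pairs.
NETWORK = {("scada-hmi", 443), ("scada-hmi", 22), ("hr-db", 5432),
           ("billing", 8443), ("file-share", 445)}

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def device_sign(device_key, challenge):
    """Proof computed on the enrolled device; the key never leaves it."""
    return hmac.new(device_key, challenge, hashlib.sha256).digest()

class Broker:
    """Hypothetical access broker: validate user and device, then allow one app."""
    def __init__(self):
        self.users = {}  # user -> (salt, password hash, device key, entitlements)

    def enrol(self, user, password, entitlements):
        salt, device_key = secrets.token_bytes(16), secrets.token_bytes(32)
        self.users[user] = (salt, pw_hash(password, salt), device_key,
                            frozenset(entitlements))
        return device_key  # provisioned onto the user's device only

    def authorise(self, user, password, challenge, proof, target):
        rec = self.users.get(user)
        if rec is None:
            return False
        salt, stored, device_key, entitlements = rec
        ok_pw = hmac.compare_digest(pw_hash(password, salt), stored)
        ok_dev = hmac.compare_digest(device_sign(device_key, challenge), proof)
        # Credentials AND device proof AND an explicit (host, port) entitlement.
        return ok_pw and ok_dev and target in entitlements

def reachable(broker, user, password, device_key):
    """Services a session can reach; a real broker would issue the challenge."""
    out = set()
    for target in NETWORK:
        challenge = secrets.token_bytes(16)
        proof = device_sign(device_key, challenge)
        if broker.authorise(user, password, challenge, proof, target):
            out.add(target)
    return out

def vpn_reachable(password_ok):
    """Flat remote-access VPN model: valid credentials expose every service."""
    return set(NETWORK) if password_ok else set()
```

With a contractor entitled only to `("billing", 8443)`, the correct password plus the enrolled device key reaches that one port, the same password with any other key reaches nothing, and the VPN model exposes all five services to the password alone.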

There’s a lot more that can be done to protect third-party access to the network. If you are interested in finding out more, why not read our whitepaper ‘Trusted Third Party Access’? Today threats are constantly evolving, hacking and breaches are everyday occurrences, and critical national infrastructure is a prime target, so don’t let your organisation be a victim of a data breach through ineffective remote or third-party access!
