Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

VPNs Can’t Protect Against All Threats

December 5, 2019

Virtual private networks (VPN) are a great thing to protect your data transmissions and even shield your identity and location. However, too many people think they are totally safe if they use a VPN. It's similar to those that think they can open any attachment or click on any link just because they have security software installed. To make the point, CPO Magazine has an article that discusses five of the most common types of VPN security threats.

  1. Legacy software
  2. DNS hijacking
  3. Fake mobile VPNs
  4. DDoS attacks and repeated login attempts
  5. Worms

You can read the details in the posting, but the one I see most often is DNS hijacking. The primary reason is that the VPN is not configured correctly. When using a VPN, all DNS requests should also be tunneled through the VPN and should not be sent to the local network provider. In other words, if you are using the free Wi-Fi at the airport, don't use the airport's DNS services. The other recommendation is NOT to use free VPN services.

Also, if you use a VPN to connect to your firm's network, don't think you are totally safe. If your machine is infected with malware it can still travel through the VPN and infect your firm's network too.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com