State-backed hackers have been constantly exploiting vulnerabilities in VPNs to breach critical cyberinfrastructure in the United States, agencies have warned.
The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have published guidelines to secure virtual private networks (VPNs).
The guidelines came after the departments noticed a rise in government-backed hackers exploiting vulnerabilities in VPN devices. The agencies stated that the guidelines would help protect the national security systems, the Defense Department, and defense contractors against ATP (advanced threat protection) groups, which refers to state-sponsored hackers.
The NSA specifically has been focusing on Chinese-government-backed hacker groups.
The Dangers of Vulnerable VPN Devices
Research by the departments reveals that ATP groups are always hunting for VPN vulnerabilities mainly because VPN servers serve as entry points into protected networks, which makes them attractive targets.
APT actors have and will exploit VPNs,” NSA’s director of cybersecurity, Rob Joyce, tweeted.
Read the article