NSA, CISA Release Guidelines to Secure VPNs

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

State-backed hackers have been constantly exploiting vulnerabilities in VPNs to breach critical cyberinfrastructure in the United States, agencies have warned.

The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have published guidelines to secure virtual private networks (VPNs).

The guidelines came after the departments noticed a rise in government-backed hackers exploiting vulnerabilities in VPN devices. The agencies stated that the guidelines would help protect the national security systems, the Defense Department, and defense contractors against ATP (advanced threat protection) groups, which refers to state-sponsored hackers.

The NSA specifically has been focusing on Chinese-government-backed hacker groups.

The Dangers of Vulnerable VPN Devices

Research by the departments reveals that ATP groups are always hunting for VPN vulnerabilities mainly because VPN servers serve as entry points into protected networks, which makes them attractive targets.

APT actors have and will exploit VPNs,” NSA’s director of cybersecurity, Rob Joyce, tweeted.

The

Read the article