Massive security hole in VPNs shows their shortcomings as a defensive measure
- by nlqip
“Among other things, traffic should be appropriately encrypted prior to even entering a VPN. All technology has vulnerabilities. The mere fact that a tool has a particular vulnerability doesn’t mean it can’t be helpful in a robust defense in depth strategy.”
Noah Beddome, Leviathan’s CISO in residence, said that CISOs need to remember the origin of VPNs. “VPN was never supposed to be a security solution — VPNs were never designed for that,” he said.
“They were a stopgap use at the time [they were created]. Still, almost all enterprises have so many VPNs in use that there is no easy replacement.” Beddome said it’s likely that underfunded and understaffed security operations may have made it more difficult to replace VPNs quickly.
Tunnelvision is a secondary attack that follows a breach
According to the researchers, Tunnelvision is a secondary attack, meaning that it only works if the attacker has already gained significant access to the network. The danger is that some IT and security staffers might think that the VPN would still protect its data even if the environment is compromised. According to testing performed by Leviathan, no such protection would exist in a standard VPN.
The attack “bypasses VPN encapsulation. An attacker can use this technique to force a target user’s traffic off their VPN tunnel using built-in features of DHCP (Dynamic Host Configuration Protocol),” the blog post said.
“The result of this is the user transmits packets that are never encrypted by a VPN, and an attacker can snoop their traffic. We are using the term ‘decloaking’ to refer to this effect. Importantly, the VPN control channel is maintained so features such as kill switches are never tripped, and users continue to show as connected to a VPN in all the cases we’ve observed.”
Source link
lol
“Among other things, traffic should be appropriately encrypted prior to even entering a VPN. All technology has vulnerabilities. The mere fact that a tool has a particular vulnerability doesn’t mean it can’t be helpful in a robust defense in depth strategy.” Noah Beddome, Leviathan’s CISO in residence, said that CISOs need to remember the origin…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA