IT companies react to a surge in business VPN-based attacks
65% of companies are considering VPN alternatives
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
With remote and hybrid work becoming a common practice, companies are relying more and more on thebest VPNservices to protect their network.
At the same time, attacks targeting businessVPNsappear to be worryingly on the rise.
“Cybercriminals continue to take advantage of long-standing security vulnerabilities and increased attacks on VPNs,” read a new report carried on by cloud security company Zscalert.
This is why 65% of the companies surveyed are now considering adopting VPN alternatives based on a Zero Trust model.
44% of the respondents see a surge in VPN attacks
“As evident in several high profile breaches and ransomware attacks, VPNs continue to be one of the weakest links in cybersecurity. Their architecture deficiencies provide an entry point to threat actors and offer them an opportunity to move laterally and steal data,” said Deepen Desai, Global CISO of Zscaler.
For the2022 VPN Risks report, the security company surveyed 350 IT professionals across North America businesses.
This security firm claims to have the right tool for your privacy, and it’s not a VPN>Why VPN no longer has a place in a secure work environment>Our pick of the most secure VPN providers around right now
Nearly half of the respondents (44%) said to have witnessed a surge in exploits against their VPNs since the shift to remote and hybrid work.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Among the most concerning types of cyberattacks there areransomware(78%),social engineering(70%),malware(66%), web applications (49%) andDDos attacks(45%).
Under this light, the great majority of companies are now concerned that the use of VPN services could compromise the security of their IT network.
This is why around three out of five companies surveyed said that they are considering switching to VPN alternatives, with 80% of those actively working towards aZero Trust securitymodel.
What is Zero Trust?
TheZero Trustmodel is a security strategy based on the fact that implicit trust cannot be granted to any user, device or web app. Unlike a VPN-based security infrastructure, all the exchanges of data are here treated as potentially hostile.
It is based on three core principles. The first is toalways verify, authenticate and authorize every connection attemptat all times.
Then, for minimizing the risks, any users or applications should haveonly the minimum access requiredto perform their job effectively.
Finally, a Zero Trust architecture isbuilt in a way able to shrink the impact zone as much as possiblein case of attacks and/or breach.
“To safeguard against the evolving threat landscape, organizations must use a Zero Trust architecture that, unlike VPN, does not bring the users on the same network as business-critical information, prevents lateral movement with user-app segmentation, minimizes the attack surface, and delivers full TLS inspection to prevent compromise and data loss,” said Desai.
Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up.She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com
Should your VPN always be on?
3 reasons why PIA fell in our best VPN rankings
After Arcane season 1 ended on a stunning cliff hanger, its creators say it was ‘always the plan’ for those characters to die in the season 2 premiere
