Risk of VPN attacks: every second company affected

The VPN Risk Report shows that more than half of companies were affected by cyberattacks via VPN in 2023. According to the Zscaler ThreatLabz Report 2024, 78 percent of companies plan to implement a Zero Trust strategy in the next 12 months.

ThreatLabz VPN Risk Reports 2024: For this study, Cybersecurity Insiders surveyed over 600 IT security, IT and networking professionals. 56 percent of participating companies reported being the target of cyberattacks that exploited security vulnerabilities in VPNs in the past year. These incidents underscore the vulnerability of traditional perimeter-based security compared to a more robust Zero Trust architecture.

Zero Trust instead of VPN solutions

The move to Zero Trust has gained momentum following recent security breaches and critical vulnerabilities in VPNs from two major companies:

  • Ivanti (CVE-2023-46805 and CVE-2024-21887) – Remote attacks could bypass authentication and inject remote commands.
  • Palo Alto Networks OS vulnerability (CVE-2024-3400) – Unauthenticated users exploited the security vendor's operating system to infiltrate the network. As a result, the vulnerability received the maximum severity level of 10.

Ivanti's zero-day vulnerabilities prompted the Cybersecurity and Infrastructure Security Agency (CISA) to issue an emergency directive requiring federal agencies to immediately disconnect the compromised VPN devices.

VPN security challenges

VPNs provide traditional remote access to corporate networks, but the growing scale and sophistication of cyberattacks on these networks worry security teams. Of those surveyed, 91 percent expressed concern that VPN vulnerabilities could provide entry points into their IT infrastructure, a fear supported by recent breaches involving outdated or unpatched VPN infrastructure.

"Over the past year, numerous critical VPN vulnerabilities have served as successful entry points for attacks on large enterprises and government entities," said Deepen Desai, CSO at Zscaler. "Given these repeated findings, organizations must prepare for threat actors to increasingly exploit these traditional internet-exposed assets such as appliances and virtual assets, the compromise of which allows attackers to navigate laterally through traditional flat networks. Transitioning to a Zero Trust architecture significantly eliminates the attack surfaces of traditional VPNs and firewalls and helps enforce consistent security mechanisms with TLS inspection. The attack radius can be limited using segmentation and deception, preventing greater damage from security incidents."

VPN vulnerabilities used for attacks

The study identifies ransomware attacks (42 percent), malware infections (35 percent) and DDoS attacks (30 percent) as the top threat vectors that exploit VPN vulnerabilities. The report also shows that 78 percent of surveyed organizations plan to implement Zero Trust strategies in the next 12 months. In addition, 62 percent of organizations acknowledge that VPNs contradict Zero Trust principles and that even deploying VPNs via the cloud does not constitute a Zero Trust architecture.

Stop the spread

Of the organizations that have experienced a compromise via VPN vulnerabilities, the majority reported that the attack spread laterally within the network, meaning it was not contained after the initial infection. To minimize the radius of spread and mitigate the risk of VPN vulnerabilities, Zscaler recommends adopting a Zero Trust architecture to:

  • Minimize the attack surface by making applications invisible to the Internet, making them harder for attackers to detect and attack.
  • Prevent compromise by inline inspection of traffic and content to detect and block malicious activity and protect resources from unauthorized access or data exfiltration.
  • Eliminate lateral movement by segmenting and connecting users directly to their applications instead of the network, limiting an attacker's ability to gain unauthorized access and spread laterally.

About Zscaler

Zscaler accelerates digital transformation so customers can become more agile, efficient, resilient, and secure. Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting people, devices, and applications anywhere. The SSE-based Zero Trust Exchange is the world's largest inline cloud security platform, distributed across 150+ data centers around the world.


 
