Is your small business at risk? Learn about VPN vulnerabilities
As a small business owner, you should be aware of growing risks related to VPN vulnerabilities. Although VPNs can be very useful to companies that allow employees to work remotely, business owners should stay protected by making sure they understand risks that have been on the rise since late 2019.
What is a VPN?
A VPN, or virtual private network, is commonly used to allow remote workers that are outside the corporate network to securely access corporate services from home or while travelling.
If you use a system like Citrix, Fortinet, Palo Alto, or Pulse Secure for employees working remotely, you should be alert to cyber attacks related to these VPNs.
What makes VPNs susceptible to attacks?
Since a VPN uses a public network to access a private one, they are more challenging to secure than an in-house network.
Here’s why VPNs are common targets for attacks:
- VPN devices are internet facing, which makes it easy for attackers to scan the internet for their vulnerabilities.
- VPN vulnerabilities give attackers remote access to a network without login credentials. In all cases, attackers can then run their own code to access internal systems, exfiltrate data, install ransomware (see Travelex below), and/or wipe devices (see Bapco below).
- Research has found that as of January 3, 2020, there were 3,825 unpatched Pulse Secure VPN servers. Of those, 30% of them were in the U.S. (1,148).
To avoid VPN vulnerabilities, make sure that your servers are ‘patched’. ‘Patching’, by technical definition, is a software or firmware add-on that’s designed to fix bugs and security vulnerabilities. It’s these vulnerabilities that a hacker is searching for as a way into a server.
Proper patching protocols will help you avoid vulnerabilities.
Attacks in the news
One major company that has been publicly disclosed as a victim of this type of attack is Travelex. Travelex was hit with the Sodinokibi ransomware on New Year’s Eve after attackers were able to exploit their Pulse Secure VPN server. Travelex had been warned of the vulnerability as far back as September 2019. Two weeks after the attack, some systems were still offline.
The result of attack was that Travelex systems were offline for over two weeks causing widespread business interruption and loss of revenue.
In a similar situation, Iranian state-sponsored hackers allegedly deployed a new strain of data-wiping malware on the network of Bapco, Bahrain's national oil company. This ZDnet article suggests that the attackers got in via a Fortinet VPN vulnerability.
The outcome here was that the attacker got into an admin account and wiped many of the company’s servers clean, even deleting data. If Bapco hadn’t had the proper back-ups in place, they would have lost the data permanently.
How to protect your business from VPN vulnerabilities
- If you use a VPN service, it is crucial that you stay up-to-date on the latest security patches and install them asap. Further information on major vendors can be found in these links: Pulse Secure, Fortinet, Palo Alto and Citrix. You should also remain on high-alert and look for signs of compromise within your network.
- If you run any of these services and your servers have not yet been patched, take them down to avoid being detected by internet scans.
- If you experience an attack, you should reset the authentication credentials of the affected VPNs.
For more information about how to protect your business from cyber threats, check out our cyber security insurance for small businesses.
Related Articles
A cyber security expert answers your ransomware questions
What is ransomware? Who is vulnerable? And most importantly, how can you protect your small business from the havoc it can wreak?
We sat down with Meghan Hannes, Head of Cyber and Tech Errors and Omissions for Hiscox USA. Meghan has been underwriting and managing cyber security and privacy-related risk since 2004. She is a noted author, speaker, and award-winning product head in the cyber insurance space.
Remote working increases cyber risk for small businesses
The pandemic has changed the way we do business in many ways. One of the most remarkable changes – and one that may become permanent for many businesses – is remote working. While this has been an advantage, the increase in cyber attacks since more people have been working from home is not a coincidence
Read More
The most common accounting mistakes made by small businesses and how to avoid them
Whether you’re a new or experienced small business owner, financial responsibilities—including accounting—can take a while to get the hang of. There are so many moving parts to keep track of, not to mention a lot of math to do, which makes mistakes almost inevitable. That’s why many companies bring on an accountant as soon as they can. But if that isn’t an option for you just yet, don’t worry. We’ll cover some of the most common accounting mistakes made by small businesses and how to avoid them, so you can protect your business.
Read MoreWe provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.