Organisations of all sizes are being urged to make sure any VPN services they use are secured properly in order to avoid suffering cyberattacks.
VPNs, or Virtual Private Networks, have become an incredibly popular tool in workplaces and homes around the world as users look to ensure their online surfing stays private.
However as with many other software suites, there is a need to ensure any services being used are updated to the latest version in order to not fall victim to security issues.
The warning came from officals at the Cybersecurity and Infrastructure Security Agency (CISA), which stressed the importance of keeping workplaces secure.
“We have been advising departments and agencies to patch [virtual private networks] for a year now,” said Bryan Ware, assistant director for cybersecurity at CISA.
“That VPN now has gone from 10 or 15% of your enterprise traffic to maybe 95% of your enterprise traffic and we still see unpatched VPNs.”
“The locus of the attacks are the VPNs now,” he added. “Our adversaries know where we are and where we’re working, so that’s where they go.”
Attacks on VPN services have increased dramatically as their use soared during lockdown. The use of extra software platforms means that customers widen their potential attack vector, and add another headache to already-stretched IT administrators.
The news comes as businesses are being repeatedly urge to monitor their security practices as workers begin to head back to the office in some countries.
Recent research from Kaspersky that of those British workers provided with a company computer, over three-quarters of desktop devices (77%) have adequate antivirus or cybersecurity software installed, falling some way short of total protection.
Nearly a fifth (17%) of laptops supplied by UK employers also lacked security software, putting their employees at risk in this new era of remote working.
- Protect your PC from online threats with the best antivirus software