The CEO of cybersecurity firm Cyemptive Technologies says his company has found, “advanced back doors into practically all corporate networks.”
The holes have been found in companies’ virtual private networks (VPNs), which, according to Cyemptive, are used, “by over 400 million consumers, businesses and government entities to securely connect their multiple offices or employees working remotely with the corporate network.” VPNs are also commonly used by financial firms.
Cyemptive, which is staffed by the former CIO of Microsoft and the former Chief Computer Architect for the National Security Agency (NSA), says it has taken its concerns to the US Senate and to the US Department of Homeland Security (DHS).
The DHS has now reportedly conducted its own study and has confirmed, “there are specific vulnerabilities with VPN technology.”
Cyemptive detected the problem after it noted attempted “VPN hacks against mainstream firewall technologies” used by its customers.
CEO Rob Pike called the discovery of the back doors, “a very disturbing scenario”:
“When Cyemptive detected hackers breaking into their VPNs, it was a very disturbing scenario to realize what we were dealing with in one of the most advanced back doors into practically all corporate networks.”
“Most companies leverage VPN technology to securely join multiple office locations or enable remote users to connect into corporate offices, not realizing the risks they have now enabled against the corporate network.”
Fortunately, Cyemptive says, “the market has responded quickly to the DHS announcement and has patched the VPNs.”
However:
“More security issues relating to VPNs continue to arise that organizations should be aware of. These include attacks from foreign governments and hacking groups, vulnerabilities from extending the network perimeter to any external connections and ‘Metamorphic’ attacks with malware that automatically re-codes itself each time it propagates or is distributed.”
As well, according to Pike:
“Although VPN’s still provide better security than SSL connectivity, neither connection scenario provides anywhere near the level of security that users thought existed in today’s environments.”
VPNs become particularly weak when they are connected with external networks, Pike added:
“One of the most concerning scenarios is extending your network perimeter to any external networks, which will completely open your whole network up to the world in almost all solutions seen to date and allows hackers direct access into the backend of your networks.”
Pike also said that ‘metamorphic attacks’ are very hard to detect using traditional means:
“Metamorphic attacks are rarely caught by machine learning – the technology employed by most cybersecurity solutions – and Embedded Metamorphic Attacks will never be caught by the latest and greatest AI / Machine learning technologies.”
In September, a company called Cybera wrote a guest post for Crowdfund Insider proposing the use of, “software-defined wide area network (SD-WAN) for the network edge,” rather than VPNs.