Not as Secure as Everyone Expects
SNOHOMISH, Wash.–(BUSINESS WIRE)–#cybersecurity–Cyemptive Technologies, a provider of preemptive cybersecurity products and technology and winner of the Department of Homeland Security’s national competition for most innovative solutions in the market, today revealed that it was Cyemptive that raised initial concerns with the Department of Homeland Security and the Senate over the security of Virtual Private Networks (VPNs), the technology used by over 400 million consumers, businesses and government entities to securely connect their multiple offices or employees working remotely with the corporate network.
Cyemptive Technologies warned the Department of Homeland Security (DHS) of VPN security hacks taking place against VPN technologies, based on attempted attacks it was seeing among its customers. As a result of the information provided by Cyemptive, DHS initiated their own research, culminating in the announcement by DHS that there are specific vulnerabilities with VPN technology and publication of an article based on that information from Cyemptive.
“When Cyemptive detected hackers breaking into their VPNs, it was a very disturbing scenario to realize what we were dealing with in one of the most advanced back doors into practically all corporate networks,” said Rob Pike, CEO and founder of Cyemptive Technologies. “Most companies leverage VPN technology to securely join multiple office locations or enable remote users to connect into corporate offices, not realizing the risks they have now enabled against the corporate network.”
According to Cyemptive, although the market has responded quickly to the DHS announcement and has patched the VPNs, more security issues relating to VPNs continue to arise that organizations should be aware of. These include attacks from foreign governments and hacking groups, vulnerabilities from extending the network perimeter to any external connections and “Metamorphic” attacks with malware that automatically re-codes itself each time it propagates or is distributed.
“One of the most concerning scenarios is extending your network perimeter to any external networks, which will completely open your whole network up to the world in almost all solutions seen to date and allows hackers direct access into the backend of your networks,” said Pike. “Metamorphic attacks are rarely caught by machine learning – the technology employed by most cybersecurity solutions – and Embedded Metamorphic Attacks will never be caught by the latest and greatest AI / Machine learning technologies.” Pike also noted that “although VPN’s still provide better security than SSL connectivity, neither connection scenario provides anywhere near the level of security that users thought existed in today’s environments.”
About Cyemptive Technologies
Founded in 2014, Cyemptive is a provider of preemptive cybersecurity products and technology. With a leadership team comprised of executives from several of the world’s most powerful technology and security organizations, including the former CIO of Microsoft and the former Chief Computer Architect for the National Security Agency, the company’s focus is on delivering an alternative approach to security. It is winner of the Department of Homeland Security’s Border Security Technology Consortium (BSTC) competition for most innovative border security-related solution in the market. More information about Cyemptive Technologies is available at www.cyemptive.com.