On June 5, the Nigerian government announced an indefinite ban on Twitter. Google searches for virtual private networks (VPN) saw a 14X spike on the same day in the African country. Last year, a similar surge in demand for VPNs was observed in Hong Kong after China proposed strict new national security laws.
VPN offers users a secure and private channel to communicate over the internet. It encrypts users’ internet traffic to mask their online identity making it difficult for third parties to track their online activities and steal data. The encryption happens in real-time.
What are VPNs?
A VPN hides the user’s IP address and allows the network to redirect it through a specially configured remote server run by a VPN host: Think of it as a private tunnel over the open network. When a user tries to surf online, the VPN server becomes the source of the data. Some VPNs encrypt the user’s connection to the internet, disguise IP addresses preventing it from getting tracked by internet service providers or even the government about the virtual whereabouts of the user. A VPN also works like a filter that turns all data exchanged on the network gibberish, rendering it unreadable.
Advantages of VPNs:
- VPN hides online activities even on public networks
- VPN servers hide the user’s actual location because the demographic location data comes from servers in a different location.
- Many services and websites are accessible only from certain parts of the world. With VPN location spoofing, a user can switch to a server in another country and virtually ‘change’ their location.
- In remote working environments, VPNs can offer a secure network to access important and confidential files on the company’s network.
Challenges
VPN being entirely secure is a myth. A 2016 study of 283 Andriod VPN apps by the Commonwealth Scientific and Industrial Research Organisation in Australia found that as many as 67% of the apps embedded at least one tracking library in their code to track users’ online activities. 84 percent of these apps were unable to encrypt the online data of the users properly. The study also revealed that these dangers are amplified in cases of free VPN apps.
It is a common misconception that VPN is a free pass for nefarious activities under the cloak of anonymity. While it is difficult to trace the origin to the local address, it is still possible to see what you are doing online.
VPNs can also be hacked. Recently, the Colonial Pipeline came under a ransomware attack disrupting the fuel supplies to the US Southeast. DarkSide broke into the company’s systems by taking advantage of a compromised password for the VPN. This particular VPN account was not in use during the attack but still provided access to Colonial’s network. Company’s CEO Joseph Blount told a US Senate committee, “In the case of this particular legacy VPN, it only had single-factor authentication.”
In April, cybersecurity firm FireEye alleged hackers tried breaking into US and Europe-based government agencies, defence companies, and other financial institutions. The hackers, purportedly from China, took advantage of a vulnerability in the Pulse Secure VPN, a widely used remote connectivity tool.
When it comes to VPNs, an important factor to consider is regional based legality associated with its use. As many as ten countries, including China, Belarus, and North Korea, have banned VPNs for reasons including censorship, information control, and muzzling dissent. Port blocking and deep packet inspection are two main methods of VPN blocking.
Moving beyond VPNs
Zero trust is being increasingly favoured in corporate settings in place of VPNs. Unlike the traditional VPN model that uses a one-time authentication process and automatically assumes that all users within the network are genuine, zero trust authenticates each user or device that accesses the network. This gives zero trust an edge over VPNs in terms of security.
Apple, during its ongoing WWD conference, introduced iCloud Private Relay. Several tech pundits are calling it ‘VPN killer’. This new feature encrypts users’ traffic through two internet relays without letting any entity see the content of the user’s browsing data. It hides user traffic from ISPs, advertisers, and even Apple itself.