Over the past few months, cyberattacks against devices protected by Pulse Secure VPN have surged. These attacks happened in the aftermath of the SolarWinds breach, which affected, among others, numerous government agencies.
Government agencies use VPN technology to shield themselves from threats in the online environment. VPN risks come with high stakes for government agencies: malicious actors can steal personal information, access credentials, and cause widespread damage.
What the Pulse Secure incident means
Since the beginning of the COVID-19 pandemic, working from home has been on the rise and VPN attacks have followed suit. According to a report from Digital Shadows, organizations should regularly patch VPN and other entry-point devices and software, as attacks could allow threat groups to gain access to target networks. This threat vector is so valuable to cybercriminals that it’s in the top three most-listed items for sale on hacker forums.
Several groups were identified as the perpetrators of the cyberattack against Pulse Secure VPN devices, some with potential links to the Russian and Chinese governments. What the Pulse Secure VPN indicates is that VPNs, although a handy solution, have exploitable vulnerabilities that can impact the public sector severely.
How governments unwittingly allow malicious actors to hack their networks
These incidents highlight two crucial threat vectors for that are often targeted: technology, and personnel.
The Pulse Secure incident exposed technical issues that can be exploited by attackers: logging policies, poorly-configured encryptions, the presence of malware, the lack of additional security features, among other examples.
Another security risk is posed by the level of access people have in an organization. The incidents mentioned above have exposed the dangers of overprivileged user accounts and software processes. Such a wide network penetration by attackers was possible due to the abundant presence of privileged accounts. Such accounts can be used later to compromise even more networks.
According to the KPMG and Oracle Cloud Threat Report 2020, 59% of the surveyed organizations suffered an attack where privileged credentials were phished. That is often not a personnel problem, so much as it’s a problem with legacy applications requiring access levels that are higher than needed.
This issue’s negative effects can be intensified by using a VPN. VPN connections don’t provide siloed access so when this point of entry is bypassed, it can open up access to significant parts of the network.
How Impero Connect can help government agencies secure their networks
Impero’s remote access software allows teams to only grant access to specified devices or networks. Access can be restricted to individual users, who are then limited to specific device groups, locations, or even time windows, depending on organizational structure and configuration needs.
Moreover, Impero Connect is a solution developed with security in mind. The cutting-edge security features built into this product are designed to exceed compliance standards where VPNs often come up short. That includes 256-bit encryption, multi-factor authentication, complete logging with audit trails, access restrictions, and customizable security roles. Learn more about premium security features.
One of the biggest benefits of Impero Connect is its multi-layer approach to security. This means with this product, organizations can manage remote access through their own servers, ensuring that security policies are maintained.
Impero Connect enables organizations to define user rights across networks and devices and manage them centrally, with all activity documented with unalterable audit logs and video recordings of remote control sessions.
Government organizations benefit from using Impero Connect instead of, or along with, a VPN. Access to networks and devices is limited to strictly the users allowed to access certain locations or devices.
If you’re ready to improve your access security with Impero Connect, contact us for your free trial today.