Given the rapidly increasing number of employees who work from home, VPN (virtual private network) infrastructures are particularly at risk.
The focus is on so-called VPN concentrators. A VPN concentrator is in the ‘middle’ of the network, i.e. at the hub; it concentrates VPN connections and forwards traffic. This is usually hardware for cryptographic processes that can bundle or serve a large number of VPN processes. As a result of the increase in VPN traffic in the corporate network as a whole, these systems are becoming increasingly stressed. In addition, there are insufficiently secure operating processes and internal company systems that create new targets.
Like any network infrastructure, a VPN is an attractive target for attackers, because such a ‘tunnel’ is a trustworthy way to get into the company network. If attackers compromise the VPN infrastructure, they could potentially access the internal network and management infrastructure. This includes important assets such as logging and even Active Directory.
Read the full article by Joe Weidner, Regional Director DACH at Attivo Networks, to learn how deception is an effective tool for threat detection when it comes to effectively detecting both normal and critical cyber threats in networks.