Zscaler report raises alarm over VPN vulnerabilities in Australia
Cloud security firm Zscaler has announced the release of its 2024 ThreatLabz VPN Risk Report. This comes amidst a surge in VPN use in Australia, where VPNs are increasingly seen as a crucial tool to protect online identities in light of a parallel increase in privacy breaches and security issues.
Zscaler's recent findings indicate a rising concern among companies that VPNs jeopardise their capacity to maintain a secure environment, with 88% of companies globally expressing such apprehensions. This concern has been further emphasised by the recent mandate from CISA that ordered a temporary shutdown of Ivanti VPNs across all US government sectors due to possible compromise, touching over 2,200 VPNs.
The report shows that encryption issues such as ransomware attacks (42%), malware infections (35%), and DDoS attacks (30%) are the main threats taking advantage of VPN vulnerabilities. These figures highlight the significant threats organisations face due to inherent weaknesses in traditional VPN setups, an issue that emphasises the need for transitioning to Zero Trust architecture.
Interestingly, Zscaler's report revealed that 78% of surveyed firms plan to actively implement Zero Trust strategies within the next 12 months. The study, reviewed by Cybersecurity Insiders and involving over 600 professionals from the security, IT, and networking sectors, discovered that 56% of organisations have been subjected to cyber attacks exploiting VPN security vulnerabilities in the last year. These incidents underline the emerging imperative to move from traditional perimeter-based defences towards a more robust zero-trust architecture.
This shift towards Zero Trust has been propelled by recent significant breaches and critical vulnerabilities in VPNs. Examples include Ivanti, where remote attackers were able to perform authentication bypass and remote command injection exploits, and a Palo Alto Networks OS vulnerability, which saw unauthenticated users manipulate the security vendor's operating system to infiltrate the network. The latter vulnerability received the maximum severity score of 10.0, emphasising the gravity of these issues.
The Cybersecurity and Infrastructure Security Agency (CISA) also issued an emergency directive for federal agencies to immediately sever connections with the compromised Ivanti VPN devices, which it said could be turned on again after patching. All these events shed light on the growing scale and complexity of cyber threats targeting these networks and mark VPNs out as a significant security concern because of their profound weaknesses as entry points into IT infrastructure, a view expressed by 91% of the surveyed professionals.
Zscaler's CSO, Deepen Desai, stressed the need for enterprises to use Zero Trust architecture and to expect an increase in threat actors' exploitation of legacy, vulnerable resources. He urged reducing the attack surface by removing legacy technologies like VPNs and firewalls, enforcing consistent security controls with TLS inspection, and limiting the blast radius with segmentation and deception.
The top threats exploiting VPN vulnerabilities identified in the report were ransomware attacks (42%), malware infections (35%), and DDoS attacks (30%). The report also revealed that 78% of surveyed firms plan to actively implement Zero Trust strategies within the next 12 months and found that 62% understood that VPNs run contrary to the principles of Zero Trust, highlighting that delivering them via the cloud does not equate to a Zero Trust architecture.