Data protection scandals, as well as security breaches, hacking and various mass surveillance scenarios, have led users to worry about their privacy on the Internet. That makes sense, too. Users often seek their salvation in VPN encryption, which is usually aggressively advertised. “Anonymous surfing”, “secure online streaming”, “100 percent anonymity” and similar promises are commonplace. It is therefore important to check how secure this VPN encryption really is on the modern World Wide Web.
VPN connection? What is that anyway?
Virtual private network: this is what the abbreviation “VPN” stands for. Within a VPN, data remains protected during transport. If you use VPN software, you first establish an encrypted connection to your VPN provider, which then forwards your traffic to the Internet. In other words, you do not use a direct connection to the Internet. There are a lot of providers on the market; one of the most popular is the privateinternetaccess vpn.
During the process, your data is anonymized. The connection request goes through a server (node) of your VPN provider, and you as a user are assigned a new IP address. The purpose of this is to protect your actual IP address, which serves as an identifier for your device. In summary, a VPN aims to make your computer invisible on the web.
You often hear the term “VPN tunnel”. The comparison of a tunnel fits quite well with the way VPNs work: only those driving through the tunnel can see and influence the traffic – a driver outside the tunnel cannot see what is happening inside. It’s a similar story with VPN connections: Because VPN encryption is used to transmit data, a potential attacker might be able to see that a connection is being established through that tunnel. However, he cannot see what is being transmitted and to where.
There is a lot of confusion regarding VPN and Smart DNS. What is smartdns? It is similar to a VPN and can also bypass geo-restrictions; it works by rerouting a user's DNS requests.
Security on the Internet or empty promises: What can a VPN do?
As described in the previous section, a VPN protects the connection only between its endpoints. That means VPN encryption only protects traffic from the user to the provider’s VPN servers. Establishing a VPN connection therefore simply shifts the possible point of attack. If the data sent is not protected in any other way, it can still be read between the VPN server and the actual destination.
Another problem is that users may end up with dubious VPN providers. The providers may want to follow the trend and only offer insufficiently mature software. Or providers disguise their software as a VPN tool, but behind it are viruses or Trojans. Especially with free tools, one should be careful. The magazine digitalwelt.org has done the work of compiling a list of reputable
And what about data protection?
VPNs are also often advertised as a data protection tool. After all, in times of mass surveillance, metadata must also be protected. Metadata is information about other information resources. When an e-mail is sent, for example, there is the content of the message and, in addition, the metadata, which consists of the sender, the recipient, the sending time, date and other information. Are VPNs a good solution for this?
One must not lose sight of the way VPNs work in this regard. Using a VPN centralizes all data connections at one point. If an intelligence agency wants to monitor data traffic efficiently, it would make the most sense to do so strategically close to the VPN access nodes.
VPN security risk: How to do it better
Instead of encrypting only the path between the VPN client (the user) and the VPN server (the provider), it makes sense to encrypt the entire path from sender to destination.
This is also standard nowadays: thanks to SSL certificates, numerous websites are already end-to-end encrypted. A large share of all websites are delivered over HTTPS with TLS encryption. This protects not only against curious third parties, but also against data manipulation. Technologies such as HSTS ensure that unencrypted HTTP connections are not possible.
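How a browser decides whether to honour the HSTS policy mentioned above, as an added example that is not part of the original article: the Python below follows the header-processing rules of RFC 6797, and its function names and sample responses are constructed for illustration.

```python
# Added example: evaluate Strict-Transport-Security headers the way RFC 6797
# tells a browser to. All sample responses below are constructed.

def parse_hsts(value):
    """Return {'max_age': int, 'include_subdomains': bool} or None if invalid."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue                      # empty directives are allowed
        name, _, arg = part.partition("=")
        name = name.strip().lower()       # directive names are case-insensitive
        if name in seen:
            return None                   # a repeated directive voids the header
        seen[name] = arg.strip().strip('"')
    max_age = seen.get("max-age", "")
    if not (max_age.isascii() and max_age.isdigit()):
        return None                       # max-age is required and numeric
    return {"max_age": int(max_age),
            "include_subdomains": "includesubdomains" in seen}

def browser_action(scheme, sts_headers):
    """Decide what a conforming browser does with a response's HSTS headers."""
    if scheme != "https":
        return "ignored: sent over plain HTTP"   # could be forged on the path
    if not sts_headers:
        return "no policy"
    policy = parse_hsts(sts_headers[0])          # only the first header counts
    if policy is None:
        return "ignored: malformed"
    if policy["max_age"] == 0:
        return "policy removed"
    scope = "host and subdomains" if policy["include_subdomains"] else "host only"
    return f"enforce HTTPS for {policy['max_age']}s ({scope})"

SAMPLES = [  # constructed (scheme, headers) pairs
    ("https", ["max-age=31536000; includeSubDomains"]),
    ("http",  ["max-age=31536000"]),
    ("https", ["includeSubDomains"]),
    ("https", ["max-age=0"]),
    ("https", ['MAX-AGE="600"; max-age=1']),
]

if __name__ == "__main__":
    for scheme, headers in SAMPLES:
        print(scheme, headers, "->", browser_action(scheme, headers))
```

The second sample shows why HSTS cannot be bootstrapped over plain HTTP: on that first unencrypted request, the stretch between the VPN server and the destination is exactly where the header could be stripped or forged.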
When does VPN encryption make sense at all?
We don’t want to demonize VPNs at all – there are very useful application scenarios! VPNs were not originally designed for surfing the World Wide Web “100 percent anonymously” and without traces. They were intended for other uses, in which VPNs are still useful:
- If you are on a public WLAN and would like to protect yourself from unwanted access, use a VPN.
- VPN encryption also makes sense when external employees connect to the company network.
- In countries where the Internet is censored, these geoblocks can be circumvented using a VPN.
Of course, the risk of incomplete VPN encryption remains.
In addition to SSL encryption on the Internet, the use of Tor Browser also ensures strong data protection. This combination is sensible and secure for the normal web user.
Cybercrime: numerous servers seized as part of “Operation Nova”
As part of a cooperative effort with numerous international security agencies, a total of nearly 50 servers belonging to a globally active network of cybercriminals have been taken out of operation and, in some cases, seized on the basis of court orders. The former homepage of the network, which formerly operated under the name “insorg” and currently under “Safe-Inet,” was blocked and a corresponding notice of the seizure was posted.
Those responsible for the network are said to have made their IT structure, which is equipped with technical anonymization options, available to a wide variety of users in return for payment. The criminal customers allegedly relied on the protection promised by the network operators against access by the investigating authorities and used the infrastructure to commit serious cybercrimes and conduct other illegal business.
With the seizure of the servers, data and accounts of these users have now also been secured.
The current, international “Operation Nova” was preceded by lengthy and extensive investigations, which had their origins in an investigation by the Stuttgart public prosecutor’s office – focal point department for cybercrime – and the Reutlingen police headquarters.
The cyber specialists of the Esslingen Criminal Investigation Department and an investigation group set up there to combat organized cyber extortion had succeeded in penetrating the criminal IT infrastructure and tracing the trail back to the servers that had now been seized. A key component of this success was the excellent, international cooperation of the security authorities – in particular with EUROPOL, the FBI, the Aargau Cantonal Police, the Swiss Federal Office of Police fedpol, the police of the Netherlands, the French Police Nationale and the respective judicial authorities.
During the successive evaluation of the data material already secured during the previous investigations, the Esslingen cybercriminologists, supported by experts from the “Operative IT” unit of the State Criminal Police Office of Baden-Württemberg, repeatedly came across indications of cyberattacks that had already been going on for some time to the detriment of a large number of companies. In the case of quite a few of the attacked companies, the encryption of their data and thus a complete breakdown of their IT systems was imminent. In total, around 250 companies worldwide that had already been spied on by the perpetrators were identified, most of which were warned about encryption in good time and thus saved from losing their data and the blackmail that usually follows. In individual cases where the encryption of data was already underway, the companies were able to take protective measures, thus stopping the attack and at least limiting the damage.
The evaluation of the seized data material and the international investigations to identify those responsible and users of the network are continuing.