How Are Those Cyber Security Vendors Performing? (Yes, That Is the Correct Word)
April 30, 2021
This sounds like old news. This is really new news. The trust outfit Thomson Reuters published “U.S. Government Probes VPN Hack within Federal Agencies, Races to Find Clues.” The main idea is that despite the amped up cyber security efforts, another somewhat minor issue has been discovered. The trust outfit reports:
The new government breaches involve a popular virtual private network (VPN) known as Pulse Connect Secure, which hackers were able to break into as customers used it. More than a dozen federal agencies run Pulse Secure on their networks, according to public contract records.
What’s up with VPNs? Here’s the trusted news source’s slick prose answering this question:
The use of VPNs, which create encrypted tunnels for connecting remotely to corporate networks, has skyrocketed during the COVID-19 pandemic. Yet with the growth in VPN usage so too has the associated risk.
Some questions:
- Do existing cyber security systems ignore VPN traffic?
- Do existing monitoring systems provided by vendors like Microsoft have a “certain blindness”?
- In the aftermath of the SolarWinds and Microsoft Exchange Server stubbed toes, have systems been enhanced to deal with threats which appear to operate in an undetectable manner?
Answers? No good ones its seems. Ads and speeches. Oh, yeah! Marketing is performance art.
Stephen E Arnold, April 30, 2021, 942 am US Eastern