If you work remotely, you might use a Virtual Private Network (VPN). If you don’t use a VPN, you might’ve at least seen this term before. When you use a VPN to browse the internet, the data that would be directly sent to and received from websites is instead routed through a server owned by the VPN provider. As a result, the Internet Protocol (IP) address you use to visit websites is the server’s address, rather than your own. Additionally, data sent to and from the VPN server would be encrypted so that eavesdroppers couldn’t learn about what you’re accessing. VPNs often use public key encryption, which was explored in a previous blog post. Both encryption and IP masking result in increased privacy.
According to Norton, applications of VPNs include accessing streaming services in another country and hiding one’s browsing habits from internet service providers. However, a VPN is particularly useful when you need to connect to an unsecure, password-free public Wi-Fi network, such as one offered by a café or an airport. Bad actors using the same unsecure public network can perform a sniffing attack. This is an attack in which they analyze (or “sniff”) packets of data sent over an unsecured network in order to steal sensitive information, such as browsing habits, login credentials for a bank website, the private contents of emails, etc. By masking your IP address and encrypting your data, the risk of suffering from a sniffing attack is greatly reduced. Thus, in addition to providing privacy for privacy’s sake, VPNs can provide a form of security as well.
However, the technology VPNs are based on isn’t strictly used for security. VPNs rely on tunneling protocols. According to Kaspersky, datagrams of a tunneling protocol (such as IPsec or OpenVPN) are used to contain data packets of different protocols that are used for web browsing or accessing services. These tunneling protocol datagrams can’t be easily analyzed, which means the data they contain is safe, so anyone working or doing business remotely can do so without worry. However, as mentioned by the website of Secure Shell (another tunneling protocol, often abbreviated as SSH), VPNs aren’t the only application for tunnels. In fact, according to Kaspersky and the SSH website, bad actors who manage to gain access to a company’s network can use tunneling to exfiltrate sensitive data and transmit malware. Because the data packets are encapsulated within tunneling protocol datagrams, they can’t be inspected by firewalls or other security-related scanners.