January and December can be among the most vulnerable times for VPN connections

Winter is the most popular time of the year for hackers to take advantage of staff holidays and a lack of emphasis on security to access and manipulate a company’s VPN, it has been claimed.

Research by US company Tufin Technologie, carried out on a group of hackers, revealed that as many as 81% of them viewed the winter period as the best time to gain access to business VPN connections.

Whether the motive is simple high jinks or something more criminally minded, many companies find that low levels of staff over the Christmas period and into the New Year prompt hackers to take advantage by breaking into VPNs, with common effects such as disrupted content and sensitive data being viewed by unauthorised people.

The research also revealed that weekday evenings are the most popular times for hackers to gain access to company VPNs. One of the biggest weaknesses highlighted by those surveyed was the firewalls, specifically installed to protect the VPN, with 86% of hackers claiming they could gain access to any system via the firewall.

To help businesses protect themselves and their VPNs over quiet staffing periods, Tufin Technologies offered some advice on measures that can be taken, which include testing the system regularly, restricting access only to certain IP addresses, logging all failed attempts to access the VPN and firewall and making sure that all updates and patches are as recent as possible.

$120 million extension keeps AT&T in charge of the US Postal Service’s managed VPN

The US Postal Service has renewed its managed VPN contract with AT&T, which provides them with one of the biggest managed VPN networks in the world.

The contract was originally won in 2003 and sees the provision of a massive managed VPN network throughout the United States, with over 5,500 US Postal Service facilities installed with managed VPN hardware and services.

The project as a whole has been named PATN, for Postal Advanced Telecommunications Network, and the managed VPN is supplied using AT&T’s Multiprotocol Label Switching (MPLS) network, alongside firewall, IP address and router management services. Also in the contract are interactive voice response, engineering and network design services.

One of the biggest challenges of this particular managed VPN contract is providing network access to thousands of retail points of sale throughout the country, and making sure they are all connected and running smoothly on a day to day basis.

The US Postal Service also provides Blackberry 8800 handsets to 5,400 of its employees, providing additional flexibility to the managed VPN.

The renewal of this contract, at a cost of $120 million for four years, means The Postal Service becomes one of AT&T’s biggest customers worldwide. This is just part of an estimated $600 million spent by the US Postal Service each year on telecommunications services, including the managed VPN, data and video services.

Such a large managed VPN will require a huge amount of resource to maintain its security and integrity and AT&T will be hoping to maintain this over the next four years.

Tech-savvy teenagers are increasingly turning to proxy servers to access banned websites

Recent figures suggest that many school pupils are using proxy servers to bypass school VPNs to help them gain access to banned websites, such as gaming sites and social networking sites.

The research shows that use of ‘proxies’ has risen sharply in recent years with young pupils becoming ever more tech savvy and finding ways around the restrictions installed on school VPN connections.

Many schools set their VPN configuration to restrict access to certain non-educational sites but proxy server sites allow them to simply type the URL of the site they want to visit into their page and then view the site anyway. Any monitoring facility built into the school’s VPN would show the computer as viewing only one site – the proxy site – and not any further web activity.

As well as the issue of pupils using their learning time effectively, there are also security concerns, with large VPNs, such as those used in schools, being prone to attack from malicious software and viruses. Accessing banned sites through proxy servers opens the VPN up to potential software threats and even cyber criminals, who can manipulate or even damage machines or whole VPNs.

It is possible to block certain proxy servers but there are so many of them as to render a complete block impossible – M86 Security, who monitor such sites, counted just over 7,000 in 2006, a figure that has risen to around 91,000 in 2009. New innovations in VPN security are beginning to curb this trend, however, and pupils have reported that they are finding it more and more difficult to get around VPN restrictions.