Are VPNs Compromising Cybersecurity?
This post is also available in: 
עברית (Hebrew)
A report released by CrowdSec details the landscape of the behavior of malicious cyber actors in which it analyzed data regarding IP addresses that were identified as malicious.
They concluded that most of the malicious activity is currently coming from Russia, the US, and India, with over a million IP addresses reported as malicious in each country. They emphasized, however, that it represented a “localization” rather than the actor’s nationality.
So what are these malicious Ips and why should we worry about them?
According to Cybernews, the majority of what is considered “malicious activity” is attributed to scanning, which that a threat actor actively scanning the internet looking for flaws they could exploit for unauthorized access, DDoS, or any other type of attacks.
The report further details that nearly 60% of malicious IP addresses engage in scanning, while over 23% are trying to exploit known vulnerabilities, and CrowdSec claims that this is the most dangerous threat.
The third most common threat is brute force, where threat actors go after the most common and weak passwords – usually set by default.
With the high adoption of IPv6 (Internet Protocol version 6), cybersecurity experts and researchers began registering increased new threats linked to IPv6 addresses- 20% of reported IPs are currently linked to IPv6.
CrowdSec responded to raised concerns that criminals rely on VPNs to fake their location and throw law enforcement off track, saying it is not a reason for worry. “VPN’s rise in popularity over the past few years sounded the alarm to many organizations. The joint action by Europol and ten other countries in January 2022 to take down VPNLab.net – a VPN provider whose services were being used in support of serious criminal acts – seemed to reinforce the concern that VPNs are a convenient tool for cybercriminals.”
According to CrowdSec data, only 5% of reported IP addresses are flagged as VPN or proxy users.
This information was provided by Cybernews.
