Censys: The World of Attack Surface Management
Photo credit: kovop58 - stock.adobe.com
The days of the VPN have long been numbered. What was once a way to allow one or two employees to access applications outside of the office is now being used across entire workforces, more so now during the pandemic. However, as Tarun Desikan at Banyan Security outlined in our most recent Tech Chat, any network engineer present at the advent of VPNs will tell you: VPNs were never supposed to get this far. Specifically, they were never designed to accommodate entire companies, and certainly not the entire working-from-home population.
Thus, as VPNs soared in popularity, they also became subject to higher scrutiny. Increasingly, businesses began to encounter the shortfalls of VPNs, including its inherent latency issues, as well as encryption and anonymity concerns. Before long, attitudes towards VPNs began to change. In fact, when we polled our LinkedIn followers on whether VPNs should be retired, 63% voted yes.
However, despite the end being seemingly nigh, an unexpected source appears to have bought VPNs some more time before their retirement: TikTok.
TikTok is the video-sharing social networking site responsible for some of the catchiest songs and dance routines of the year. As you’ll likely know by now, countries around the world have banned (India) or are threatening to ban (USA) the app due to concerns surrounding inappropriate content and/or national security. However, with a reported user base of over 1 billion, not all will be inclined to go quietly.
In countries where the app is banned, users take advantage of VPNs. By ‘geo-spoofing’ their IP address, users can change their location, which in turn allows them to access apps and content as though they reside overseas. Many young internet users will already be familiar with VPNs. For some, it's a sneaky way to get around internet parental controls which block sites unsuitable for children. Others may use VPNs to access streaming content not available in their country, such as accessing Netflix USA rather than UK, where the viewer lives. Of course, TikTok's user base is of a younger demographic, so the likelihood is that they are already familiar with what they need to do to keep enjoying the app.
However, given the drastic measures governments are taking of keeping the app out of the country, VPNs may be no match for the ban. In particular, governments may wish to remove VPNs from local app stores or even criminalise its usage to deter people from getting past the rules. Therefore, we won't see the true correlation between the ban and VPN usage until we know exactly how the ban will be enforced.
In turn, it's probably inaccurate to say that VPNs are becoming obsolete. Rather, the business need for VPNs will likely deteriorate, but for personal use, it's here to stay.