Recent research has identified vulnerabilities in four tunneling protocols that have led to the hijacking of approximately 4.2 million internet hosts, including VPN servers, home routers, and enterprise network devices. The findings, published in a report by Top10VPN researchers on January 15, indicate that these security flaws could allow attackers to gain unauthorized access to both corporate and home networks.
According to the report, attackers can exploit these vulnerabilities to use compromised devices as one-way proxies, enabling a range of anonymous cyber activities. These activities include denial-of-service (DoS) attacks, DNS spoofing, TCP hijacking, SYN floods, and potential breaches of Wi-Fi networks. The most affected regions identified in the report include Brazil, China, France, Japan, and the United States.
Security experts warn that these vulnerabilities allow attackers to spoof source addresses and redirect network traffic through unsuspecting hosts, making malicious activities appear legitimate. Jason Soroko, a senior fellow at Sectigo, emphasized the risks posed by these vulnerabilities, highlighting concerns over unauthorized network access, stealthy DDoS attacks, and infiltration of Internet of Things (IoT) devices.
To mitigate these risks, Soroko recommended that organizations ensure tunneled traffic is only accepted from trusted endpoints. He also advised implementing proper source validation, applying security patches from vendors, and enforcing strict firewall rules. Strengthening tunneling configurations and verifying authentication checks can further reduce exposure to potential cyber threats.
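The source validation Soroko describes, sketched as an added example (not code from the report or from the experts quoted): a check on the outer IPv4 header that accepts encapsulated traffic only from configured tunnel peers. The protocol set (IP-in-IP, 6in4, GRE) is an assumption, since the article does not name the four protocols, and the peer allowlist and sample addresses are constructed from documentation ranges.

```python
import ipaddress
import struct

# IANA IP protocol numbers for stateless encapsulation.
# Assumption: the article does not name its four protocols.
TUNNEL_PROTOS = {4: "IP-in-IP", 41: "6in4", 47: "GRE"}

# Hypothetical allowlist of configured tunnel peers (constructed address).
TRUSTED_PEERS = [ipaddress.ip_network("198.51.100.10/32")]


def check_outer_header(packet: bytes, trusted=TRUSTED_PEERS) -> str:
    """Classify a raw IPv4 packet by its outer header.

    Returns "pass" for non-tunnel traffic, "accept" for tunnel traffic
    from a trusted peer, and "drop" for everything else.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "drop"  # truncated or not IPv4
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "drop"  # malformed header length
    if packet[9] not in TUNNEL_PROTOS:
        return "pass"  # not encapsulated traffic; other rules decide
    src = ipaddress.ip_address(packet[12:16])
    return "accept" if any(src in net for net in trusted) else "drop"


def build_ipv4(src: str, dst: str, proto: int, payload: bytes = b"") -> bytes:
    """Build a minimal IPv4 packet for the constructed samples (checksum left zero)."""
    header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
        ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed,
    )
    return header + payload


def demo() -> dict:
    """Run the check over constructed samples and return the verdicts."""
    inner = build_ipv4("192.0.2.50", "192.0.2.99", 17)  # encapsulated packet
    return {
        "unknown_sender": check_outer_header(build_ipv4("203.0.113.7", "192.0.2.1", 4, inner)),
        "trusted_peer": check_outer_header(build_ipv4("198.51.100.10", "192.0.2.1", 4, inner)),
        "plain_tcp": check_outer_header(build_ipv4("203.0.113.7", "192.0.2.1", 6)),
    }


if __name__ == "__main__":
    print(demo())
```

On a real device the same rule belongs in the firewall or the tunnel interface configuration, so that unsolicited encapsulated packets are dropped before the tunnel driver decapsulates them.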
Trey Ford, Chief Information Security Officer at Bugcrowd, noted that tunneling and amplification-based attacks have been a persistent issue in cybersecurity. He pointed out that similar techniques have been used in various forms for decades, including early SYN flood DoS attacks and more recent exploits involving DNS recursion and other network protocols.
Ford advised security teams to harden edge devices and limit exposure to external threats. He recommended restricting the scope of listening services and disabling unused network features to minimize the risk of unauthorized access.
As cybersecurity threats continue to evolve, experts stress the importance of proactive security measures and ongoing monitoring to safeguard networks against potential exploits.