Dirty Networks and Security: It’s Time We Had a Chat

By Bill Kleyman, EVP of Digital Solutions, Switch

You know the feeling. You need to connect, there are emails to be checked, and you just need some reliable connectivity. What’s that? An open and unsecured WiFi? Score! Right?

Before we dive into the fun conversation of unsecured networks and security, let’s examine why connectivity in today’s age is fundamentally different and riskier. If 2020 taught us one thing, it’s that we are deeply dependent on connectivity. We even learned that it’s less about physical infrastructure and more about our ability to connect using whatever device we can. And that’s where we need to realize how quickly our connected world is evolving. According to IDC, there will be more than 80 billion devices connected to the internet by 2025. IoT mobile statistics show that around 152,000 IoT devices will connect to the internet every minute.

In our homes and personal lives, we remain just as connected. A new report from Deloitte states that In 2022, U.S. households will remain filled with technology devices, and on average, U.S. households now have a total of 22 connected devices.

From that Deloitte report, we saw that more than half of those surveyed worry about their smartphones’ security vulnerability (54%) and smart home devices (52%).

At our workplace, security isn’t always a given, either. A report from Webroot indicates that an astounding 20 percent of respondents admit to not having, or not knowing if they have, endpoint protection in place within their organization. This is a good segway into our conversation: dirty networks, you, and your devices.

What is a Dirty Network?

A dirty network, or one that is known as a porous network, is a connected network that you either have very little knowledge about or are presented as unsecured. But that’s not the end of it. Even if you see a little encryption lock and punch in a wireless key to get in, that doesn’t mean you’re connecting to a secured environment. Let me explain.

Let’s look at wireless networks specifically. Because of the design and nature of a wireless network, a malicious actor would basically need to be close to an access point to begin to eavesdrop and even see traffic bits flowing through the network. If the access point or device is poorly configured or missing critical updates, the malicious actor can absolutely exploit that. In some cases, poor configuration means that you may be using services that allow data to be sent without encryption, posing a severe threat to your data.

A recent study of 32 million WiFi hotspots indicated that approximately 24.7% of WiFi hotspots worldwide do not use encryption. This means that by using an antenna capable of sending and receiving data at 2.4 GHz, any individual located near an access point can easily intercept and store all user traffic and then browse it for interesting data. The reality is that if you connect to a poorly configured or insecure wireless network, you open your device to anyone who is also connected to that same wireless network. Why is this so scary?

Not every application or service on your device encrypts your data. Be sure to read that statement one more time. If you’re connected to an insecure network, you may be submitting your username, email, password, and other pieces of information in wide open and easily accessible plain text. However, any data you send or receive is encrypted when encryption is used, making it challenging to read. So, unless you are 100% sure that all your apps and services are using it, you’re sending plain text over a network that anyone can access. In that scenario, a malicious actor would use a sniffer to intercept your plain-text data packets and have all the necessary access. By the way, those tools used to capture those packages are readily available to anyone, even hacking novices.

A lot has changed in how we connect and leverage connected devices at home and work. The bad news is that malicious actors have become bolder, and everyone has become a target. The good news is that security technologies have also come a long way.

VPNs are cool, but …

There are definitely some limitations with modern VPN solutions. And we learned quite a bit about that during 2020. A recent DarkReading article did a nice job outlining some of the challenges with today’s VPN systems, and I will expand on a few of their thoughts.

  1. VPNs Fail to Balance Productivity, Security, and Efficiency. This is a legit issue for many. While security, in some sense, is provided, user productivity and WAN optimization might fall short. Do organizations enable productivity and allow access, effectively endangering security? Or is all traffic routed through the security infrastructure so it can be filtered, overloading the VPN, Web gateways, and firewalls while negatively affecting productivity because of the resulting substandard user experience? 
  2. VPNs are still limited on mobile devices. As the DarkReading post points out, VPNs were designed to use a resource-intensive protocol on the setup — it takes a bit of time to connect, but the assumption is that the connection will stay alive for the duration of the user’s needs. This all changes with mobile. Every time your device goes to sleep, or you change networks, the VPN gets interrupted and has to reconnect. Furthermore, mobile apps are not built to be VPN-aware; when the VPN has to reconnect, app responsiveness suffers, and user experience suffers.
  3. VPNs are challenged with supporting modern workforces. Consider this, according to a 2016 research report, the average company’s network is accessed by 89 different vendors — contractors, partners, freelancers, etc. — every week, a figure that’s likely grown given the rapid digital transformation across industries. 

Having spent quite a bit of time in the consulting space working with load balancers, VPNs, firewalls, and other security technology, I’ve seen this industry evolve to create unique solutions to modern problems. These advancements include innovations around VPNs and connectivity. And so, let’s dive into what’s on the horizon for secure connectivity. 

Dispersed Connectivity

OK. I know that subheading is confusing but follow me for a minute. I’ve had the chance to work with many different VPN solutions and still feel that certain types of VPNs have a place in our world. But looking at what’s next is what has been exciting. I’ve been working with a new connectivity solution that focuses on a patented multi-path software architecture that goes well beyond any current security option.

I was a bit skeptical at first. But then I installed it and started testing the solution—no more skepticism. 

I started looking into the Dispersive connectivity solution and found that this tech creates a split-session multi-path, making the data stream un-hackable. You remove man-in-the-middle attacks with a uniquely encrypted multi-path VPN. There’s literally no single stream to capture. So, EVEN if you get into one stream, you’ll only have bits and pieces of data you could never use. Digging deeper, it became clear that because of this level of security and efficiency, the U.S. Army, U.S. Air Force, the Department of Defense, and the U.S. Intelligence Community all use Dispersive as their connectivity tool. 

But here’s what got me to do a double-take with this design. Not only is this a secure connectivity solution, but it also directly improves user experiences and maximizes bandwidth. After diving deeper, I saw that Dispersive creates one large, logical pipe that aggregates and utilizes all your connections: broadband, MPLS, LTE, WiFi, etc. This allows you to maximize your bandwidth across all connections. You can connect to local resources, cloud architectures, hybrid data centers, and more while securing users and their data and improving their experience. 

Why is this so special and important?

We face malicious actors every single day. And every single day, we see new targets emerge. You, your device, your organization, and your networks are all targets. Adversaries are no longer lone wolves but have become a community that tries new techniques, trades intellectual property, and sometimes works together. This next part is essential: Every organization directly encounters malicious content or actors. While some interactions do not result in harm, adversaries do not lack opportunity.

Here’s the other fact. Malicious actors persistently update their attack vectors and tools. While VPNs are great, they’ve also been around for a while and don’t often account for performance, efficiency, productivity, and even emerging security issues. 

So … if the bad guys are evolving, why shouldn’t you?

I’m not saying you need to dump your entire VPN architecture. However, taking an introspective look at your security architecture is critical, and understanding where you can make updates and improvements. In reviewing Dispersive, I found a solution that overcomes many challenges facing legacy security and VPN architectures. 

Please don’t make it easier for malicious actors to get into your devices or network. Start to look beyond traditional security solutions and see what leaders in the data security community are leveraging to stay safe.

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.