đ CloudSEK has raised $19M Series B1 Round â Powering the Future of Predictive Cybersecurity
Read More
Protect your organization from external threats like data leaks, brand threats, dark web originated threats and more. Schedule a demo today!
Schedule a DemoAt the beginning of this month, the Indian Home Ministry made a startling proposal to ban VPN services such as NordVPN, ExpressVPN, etc., which sent shock waves across the digital community.Â
A virtual private network (VPN) extends a private network across a public network, allowing users to send and receive data as if their computers were physically linked to the private network. It is simply an encrypted connection between a device and a network over the Internet.Â
VPN is used widely across the globe by people both within and outside the information security community. Primarily, VPN allows users to stream blocked content, secure remote work, surf the web anonymously and maintain data privacy. According to the data gathered by Atlas VPN, India ranks fourth on VPN adoption rate.
In its latest proposal released by the Parliamentary Standing Committee on Home Affairs, the ministry urges the government to permanently ban VPNs in India owing to their extensive application in various cybercriminal activities, circumventing security protocols while avoiding detection. This article delves into the possibility of blocking VPNs permanently and the potential consequences of the same.Â
Yes, it is possible to restrict VPNs, but the more relevant question is whether or not it would be 100% effective. For instance, when the Indian government banned TikTok and PUBG, it wasnât enough to prohibit public individuals from using these applications. Through alternate routes they were able to easily bypass the ban on these Chinese applications. If amateurs are capable of evading state-imposed bans such as these, cyber crooks who are armed with sophisticated tools and technology.
Popular techniques such as Deep Packet Inspection helps to resolve this issue. Deep Packet Inspection or DPI is a type of data processing technique by which the data being sent over a computer network is inspected in detail. This system detects, alerts, blocks, re-routes, or logs malicious traffic. In addition to DPI, IP address or port blocking techniques can also be leveraged to efficiently block VPN usage.Â
China uses QoS (Quality of Service) filtering along with DPI, to slow down network traffic for unwanted connections that eventually lead to a timeout error and/ or dropping of the connection. Previously, Reliance JIO has used a packet filtering technique based on Server Name Indication (SNI) inspection to block access to certain websites.
If the VPN ban were to take effect in India, the government would release a mandate for Internet Service Providers (ISPs) to block commonly used VPN protocols along with the various ports used by these VPN services. However, less technical ISPs will still have a difficulty while implementing an effective blanket ban over VPN services.
The pandemic has forced more businesses to opt for remote work than ever before. And this caused VPN adoption rates to skyrocket across the globe, to combat security concerns that come with the territory. However, this begs the question: Will a VPN block jeopardize the security of large corporations and businesses?Â
From the information we have gathered, it is safe to assume that these restrictions do not apply to VPN tunnels used by huge firms or businesses, but rather to VPN companies that help commoners circumvent the current internet restrictions enacted in India to combat cybercrime. We also think the government would allow companies that comply with Indian data protection laws and regulations, to use VPN as and when necessary.
Regulating VPNs without blocking their services is a laborious task. As mentioned earlier, the primary targets of the Indian government would be VPN service providers. Thus, forcing an offshore company to comply with the local data laws and share user information could strain relations with large MNCs and investors from other countries.
Imposing this ban isnât an effective way to prevent individuals from using VPN. Those who intend to use it can easily find a way around the ban. Instead of banning VPNs, India should focus on increasing its diplomatic relations around the world. This will facilitate easier data sharing and eventually lead to a much larger pool of information which can be made useful. The EuroPol Joint Cybercrime Action Taskforce’s recent arrests, which effectively took down a large cybercrime syndicate, demonstrates the effectiveness and coordination of such diplomatic connections.
The primary concern of any government would be to protect its citizens and their individual rights. This leads to an important question: Would the state rather ban VPN altogether and curb cybercriminal activities targeting such services or prioritize privacy protection of its citizens? Both these conditions are mutually exclusive and cannot occur simultaneously.
It is our understanding that the Indian government would implement the ban with the primary objective of preventing cybercriminal activities. However, cyber crooks operating today are very skilled and use highly sophisticated techniques besides VPN services to avoid being traced back to their original identity or IP address. This is especially true of state-sponsored threat actors or experienced cybercriminals who employ a variety of approaches and operational security tactics to avoid being traced.
For instance, an experienced cybercriminal wouldn’t use their own personal computer to carry out an attack. Instead, they would use secure tunnels or Remote Desktop Protocol (RDP) to gain access to an already compromised computer located in a different country that has poor diplomatic relations with India, to carry out the attack. In that case, the investigating officers will still have trouble tracing back the original attackers or perpetrators to their sources.
RBI guidelines for banks to combat escalating cyber attacks
Top open source resources to stay vigilant against COVID-themed cyber attacks
Take action now
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Digital Risk Protection platform which gives Initial Attack Vector Protection for employees and customers.
Software and Supply chain Monitoring providing Initial Attack Vector Protection for Software Supply Chain risks.
Creates a blueprint of an organization's external attack surface including the core infrastructure and the software components.
Instant Security Score for any Android Mobile App on your phone. Search for any app to get an instant risk score.