Article
Cyber Security

Cybersecurity companies welcome Europol's latest VPN news

By Vikki Davies
January 19, 2022
undefined mins
Europol has announced several law enforcement authorities dismantled a VPN service that was being utilized by cybercriminals in order to deploy ransomware

Cybersecurity companies have welcomed the news from Europol that several law enforcement authorities dismantled a VPN service that was being utilized by cybercriminals in order to deploy ransomware.

In a co-ordinated operation 12 law enforcement agencies from Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States and the United Kingdom - seized or disrupted 15 servers that hosted the service of VPNLab.net.

VPNLab.net has been a highly popular choice for cyber criminals due to the ability to remain undetected from law enforcement. In the past, it has been advertised on the Dark Web as a valuable tool for criminals. 

Neil Jones, Cybersecurity Evangelist, Egnyte, says: "It is a breath of fresh air to see that international law enforcement is focusing their efforts on technology providers that offer cyber-attack-friendly environments and make it easy for Ransomware as a Service (RaaS) providers to perpetrate potential attacks. It is also a positive sign to see that the VPNLab operation spanned multiple European and North American countries, because it is extremely easy for a cyber-crime enterprise to wind down its operations in one country, only to re-emerge in another country. In this particular case, dozens of companies may have thwarted cyber-attacks.

"If a technology solution has a price that's too good to be true, evaluate it carefully before putting it into production at your organisation."

Steve Moore, chief security strategist, Exabeam, adds: "Twelve international organisations were involved in this specific action, and it took 60 meetings to pull off. 

"While we don’t know, it’s possible this VPN platform was used in recent attacks beyond ransomware. In parallel, the FSB claims they have arrested several members of the REvil ransomware gang: 25 homes owned by 14 members in several Russian cities. 

"What does this mean for the corporate defender? You might have felt alone for many years, and you probably still do, however, relationships matter more than ever. Major attacks require the engagement of law enforcement by defenders. Security teams need to educate their leadership on what this means, specifically as it affects the response timeline. Waiting for a more extensive and timed global action can mean a greater good, in short, patience.”  

How to prevent potential ransomware attacks

Egnyte's top four tips for preventing ransomware: 

1) Provide security awareness training to end-users, especially about the danger of phishing messages

2) Always utilise Multi-Factor Authentication (MFA)

3) Restrict users' file access, based on their "Business Need to Know"

4) Evaluate ransomware detection technology

EgnyteExabeamEuropol
Share
Share

Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI