Foreign VPN providers could come under fire after Huawei US ban

Image credit: Shutterstock
(Image credit: Shutterstock)

VPNs could be the next major area for political investigations, according to new reprots.

A letter obtained by online security outlet, Cyberscoop, highlights the concerns of a senior US Department of Home Security official about the widespread usage of VPN (Virtual Private Network) software among government device users.

Chris Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), wrote in a May 22 letter to Sen. Ron Wyden, D-Ore that “Open-source reporting indicates nation-state actors have demonstrated intent and capability to leverage VPN services and vulnerable users for malicious purposes.”

He added “Even with the implementation of technical solutions, if a U.S. government employee downloaded a foreign VPN application originating from an adversary nation, foreign exploitation of that data would be somewhat or highly likely.”

The privacy paradox

VPN providers have, for years, tried to avoid having established headquarters in the so-called 14 eyes territories, of which the US and the UK are founding members (as part of the five eyes). Being located in a neutral or non-aligned country like Switzerland or Panama often means more stringent privacy policies and fewer potential legal issues.

The letter was sent two days after Google severed links with Huawei making it impossible for the Chinese tech giant to produce Android-based smartphones. Sen. Marco Rubio, R-Fla, was the co-author of the initial letter that prompted a response by Mr Krebs, which alludes to the fact that foreign VPN is a cross-party concern.

It is therefore likely that closer attention will be paid to foreign ownership of VPN providers. CISA, Krebs mentioned, will continue to monitor the risk posed by foreign VPN apps and work with agencies to mitigate that risk. And it's worth checking out the best US VPNs to use in the USA.

An audit of the 190 free VPN providers on Android carried out by TechRadar discovered that 20 of them claim to be based either in China - whether VPN usage and ownership are forbidden - or Hong Kong, which is a special administrative territory of China. Handy to know if you're wanting the best VPN for China.

Via Cyberscoop