VPN abuse needs to be stamped out

VPN
(Image credit: Shutterstock / Elaine333)

It is fair to say that any technology (most of which are created for the good of the people) can be abused or used in ways its creators did not intend. A drug dealer, for example, can easily encrypt a communications device so that they can carry out their business without fear of detection, or an arms dealer or a people smuggler.

And this can equally apply to VPN services. The overwhelming majority of VPN usage is for legal and legitimate purposes, with many millions of consumers and businesses relying on VPNs for essential online protection. However, it is always very concerning to hear about advertising practices by a small number of service providers who willingly focus on criminals, advertising in underground forums with bad faith, which can ultimately result in criminal liability.

Just a few weeks ago, we saw law enforcement agencies from a multi-country taskforce seizing the web domains and server infrastructure of three VPN services that had provided a safe haven for cybercriminals to attack their victims. These services had been active for more than a decade and were extensively advertised on both Russian and English-speaking underground cybercrime forums. Post-lockdown, reports from the authorities detailed how this provider’s servers were often used to mask the real identities of ransomware gangs, Magecart groups, hackers and other nefarious entities. Using these illicit services had allowed cybercriminal gangs to operate very deeply behind a proxy network and carry out their illegal activities.

About the author

Sebastian Schaub is CEO at hide.me

The investigation revealed that three domains— INSORG.ORG; SAFE-INET.COM; SAFE-INET.NET.— offered “bulletproof hosting services'' to website visitors. There were three countries involved in the action - US, Germany, France and Switzerland.

This practice of “bulletproof hosting” by shady providers has also been linked to the dark web, but is actually entirely unrelated. Anyone who sets out to run "bulletproof hosting" services for websites, is effectively offering clients the opportunity to run secret online operations - and we are not talking about harmless cloak and dagger stuff. Only last year, German authorities shut down a bulletproof hosting service purportedly involved in hundreds of thousands of illegal online transactions involving drugs, contract killings, money laundering and images of child abuse. This is why we need absolute transparency in our industry and why we should promote consumer safety and privacy online wherever possible.

Bulletproof hosting services can also be described whereby web companies don't take down criminal content despite repeated requests by law enforcement officials. In this case, the service provider might choose to ignore any inbound communication or even make up excuses to hide any complaints made by users who find themselves abused by the service. The dodgy service provider might even move their customer accounts or data from one IP address to another to help prevent detection. And it is highly unlikely that they would maintain any kind of logs that could serve to incriminate them if reviewed by enforcement agencies.

As a VPN service provider we want to provide internet users with important privacy and security protections against cybercrime. This is why we are proud members of the i2Coalition and its VPN Trust Initiative (VTI). Specifically, VTI (an industry-led consortium) promotes consumer safety and privacy online by increasing understanding of VPNs and strengthening business practices. All of this serves to strengthen trust and transparency and mitigates risk for end users.

Any technology can be misused, but the overwhelming majority of VPN usage is for legal and legitimate purposes. If you are considering signing up for a VPN service, take a look at initiatives such as the i2 coalition and choose safely.

Sebastian Schaub

Sebastian Schaub, CEO, hide.me