It happened again! Russian cyber-spies carried out a wide-spread hack of several U. S. government agencies. While details are still coming in, it is believed that the attacks were carried out last spring using a software update vulnerability. The cyber-spies installed malware that created backdoors into several agencies, including the Pentagon and the Treasury Department. Although the following scenario is only speculation at this point, Russian cyber-spies may have used email phishing techniques to find vulnerabilities, like, for instance, a software company with less than adequate security.
Last March, Security Week published an article about Pawn Storm’s shift in “tactics, techniques, and procedures (TTP).”[i] Pawn Storm is a cyberespionage group reportedly linked to GRU, a Russian intelligence agency. According to the article, Pawn Storm had been sending phishing attacks to Middle East-based defense companies. Cyber-spies had been looking for high-profile credentials.
While there is no (as of yet) connection between Pawn Storm’s phishing attacks and the recent cyberattacks on U.S. agencies, both happened around the same time last spring. Is this coincidence? Perhaps. At the very least, these two cyberattacks should not be seen as happening in isolation, particularly given one very simple security threat—un-encrypted email.
Email Encryption with Trustifi
The ability to encrypt email is not new. Since sending the first email in the seventies, tech companies have been looking for ways to secure emails. Today, companies like Trustifi offer NSA-grade email encryption solutions. This includes advanced threat protection and data loss prevention across any public or private email server. Simply put, Trustifi provides the most comprehensive and easiest email security solution on the market. And when you pair Trustifi’s unmatched email security with a VPN, your data is as safe and secure as possible.
What is a VPN?
A virtual private network (VPN) is a software client and server that protects your data while on the internet. Think of it as a tunnel to the internet that only you can access. The software gets installed on your computer or other devices, which in turn connects to a “secret” server that encrypts everything you do online. This includes the sending and receiving of emails, what websites you visit, and even what you download. It is not as if the public internet doesn’t know an email was sent, it just can’t tell who sent it. Consequently, VPNs also mask your internet protocol (IP) address.
Institutional and Public Privacy
The simplest answer to why someone would want to use a VPN is privacy. Trustifi’s email encryption solution, for example, is 100% compliant with government privacy specifications such as HIPAA and HITECH. Trustifi email encryption gives users more control. With certified delivery and tracking, you will know exactly when your email has been opened and read. Running a VPN alongside Trustifi’s email encryption gives users an added layer of security. Any agency or private company that must send and receive sensitive data wants to avoid the hefty fines that come with privacy violations.
Another thing to consider about using a VPN is the availability of Wi-Fi hotspots throughout the public domain. From going to get your coffee in the morning to a visit to the grocery store, people are never far from a Wi-Fi hotspot. Although, in many cases, one needs a username and password to join hotspots, they are still in the public domain. This means what you do online can be seen by a potential cybercriminal. Indeed, these cybercriminals know this and look for exploitable internet users. The best security, in this case, is a VPN.
Using a VPN keeps what you do online away from others that might want to know what you are doing. For example, a journalist researching and writing a story about government corruption. If the government finds out about the story, it may try to shut it down before it gets published. This is especially true if the journalist communicates regularly while on the go with her publisher. Alongside Trustifi’s public/private key encryption, the publisher and journalist would be able to send and receive securely encrypted email messages.
Without a VPN, your internet service provider (ISP) knows everything you do online. Let’s say you have an embarrassing medical condition, and you want to go online to do some research. Because your ISP knows your browsing history, Google, Facebook, and others can now micro-target focused ads for products related to your embarrassing medical condition. Later a family member uses your device, and those embarrassing ads pop up. VPNs make it impossible to collect personal web browsing habits.
VPNs hide your IP address while a user is online. That said, without a VPN, someone can track where you are in real-time. An IP address is like a return address on a letter. When matched with mapping software, virtually anyone can trace where that IP address is while logged into the internet. When you use a VPN, you are assigned an IP address that isn’t yours. The tracker would still be able to trace the IP address. However, it would not be yours.
One of the best things about VPNs is you can choose your location. Let’s say you purchased a streaming sports service that only works if you’re in the U.S. However, you have to travel for work in Germany. Technically the stream sports service should not be able to work. All you have to do is tell the VPN that you’re in the U.S. This works the other way too. For example, during Cycling season, a popular streaming service only works while in Europe. But living in the U.S., a cycling fan cannot use the service without a VPN that tells the service you live in Europe.
Using Trustifi’s unbreakable email encryption solution, coupled with a VPN service client and software, will keep your data safe and secure no matter where you go. Send and receive an email with confidence to know that your sensitive data and other information is double encrypted. This unmatched privacy cannot get any better.
[i] Ionut Arghire. “Russian Cyberspies Hacked High-Profile Email Accounts for Phishing.” Security Week 20 March 2020. https://www.securityweek.com/russian-cyberspies-hacked-high-profile-email-accounts-phishing
Try Trustifi Today
Our Free Trial Is Forever Free
See if Trustifi Is Right for Your Organization