What is a VPN? A guide to Virtual Private Networks

 

You may have heard some of your friends talking about using a Virtual Private Network (VPN) but what exactly are they and is it something you should consider?

The news is full of warnings about the need to protect your data from websites, advertisers or cybercriminals. A VPN essentially acts as an extra line of defence on the internet by helping to protect your online privacy and security.

If you're concerned about your online security you're not the only one. The NortonLifeLock 2019 Cyber Safety Insights Report found that two in three people are more alarmed than ever about their privacy while 84% had taken some step to protect their online activities or personal information.

So how can a VPN help? Think of it as a protective shield every time you browse, shop online or check your social media accounts. Every time you connect to the internet, the data you send and receive is encrypted by your VPN so that third parties can't read or access it.

A VPN also allows you to remain anonymous when you're online, making it harder for your online activities to be tracked. It can act like a cloak of invisibility, allowing you to connect to the internet while masking your location and your browsing habits.

To add that line of defence, you can use a standalone VPN like Norton Secure VPN or subscribe to a single solution package like Norton 360 Deluxe that includes device security like antivirus and dark web monitoring.

Here are the top questions you may have about VPNs with the answers you need.

1. How do I choose the right VPN to protect my online privacy?

There are lots of different VPN options on the market so how do you find the right VPN for you? It helps to understand the practical benefits that this technology can offer.

Essentially, a VPN acts as an encrypted data tunnel that helps securely connect your device to an external server, which then connects to the internet. Any information you send is encrypted and sent to an external server, which forwards it on to the internet. The internet then sends a reply back to the server, which encrypts it before sending it back to you. That is designed to keep the data you send and receive secure when online.

So why do people use a VPN and what are the potential benefits for you?

2. Do I need VPN to protect my Wi-Fi connections?

Have you ever logged on to Facebook, checked your bank balance or accessed your emails using the Wi-Fi network in a coffee shop? If so, strangers on the same network could be spying on your online activity. It's like writing a message on a postcard – the intended recipient can read it but so can anyone who picks it up while it's in transit.

The ease with which these public hotspots can be exploited by hackers was famously demonstrated by seven-year-old Betsy Davis in 2015. As part of an ethical hacking experiment, she was challenged to access a laptop on an open Wi-Fi network using whatever information she could find on Google. After just 10 minutes, she was able to carry out a successful 'man in the middle attack'.

That's something you don't need to worry about with a VPN, even if you're using an unsecured Wi-Fi network. Any data you send or receive is encrypted so you're the only one who can access it.

3. Does a VPN make me anonymous online?

A VPN can also help you to preserve your online privacy. This isn't about having something to hide – everyone should be able to connect to the internet without sharing their private data.

Your smartphone or your home network has a unique internet protocol (IP) address that reveals your location. Think of it as the online equivalent of a street address or phone number that pops up when you interact with a site from that internet connection.

A VPN masks your personal IP address and location so you can remain anonymous while you browse. So how does that work?

You'll remember how a VPN sends your data to a server and then on to the internet. As far as a website is concerned, this data is coming from this server's IP address and location. A VPN provider can use multiple servers across the globe so the site has no way of knowing your actual IP address or location.

Masking your IP address also helps prevent third parties from knowing what sites you've visited. You may think that your browsing history is private, but your internet provider can know webpages that you've accessed.

Advertisers, websites and web browsers can also track your search history. They often use this information to target you with relevant ads based on your browsing habits – you might be fine with this but some people find it intrusive.

They do this by keeping a record of the online activity associated with a particular IP address. A VPN keeps this information hidden from your internet provider, your browser and websites by making them think that your activity is coming from a totally different IP address. That means it can't be tracked back to you.

4. Can I access restricted sites via VPN?

Masking your location can have some other benefits. Some people use a VPN to access websites featuring content that may be unavailable in their region.

VPNs have also been used in countries where certain sites have been blocked or banned by the governing regime.

5. Does a VPN help keep my data private and secure?

A common form of cyberattack is identity theft, where cybercriminals access or steal your personal data for criminal purposes. The amount of sensitive information that we now store or access on our devices means that it pays to take additional security precautions.

Encrypting the data that you send and receive from your devices is a good way to help safeguard this sensitive information, especially if you use these devices to make online payments or transactions.

It's not just about protecting your own personal data. If you use your device for work, any potential vulnerability could also leave your company exposed. A data breach can have huge financial or reputational consequences for the company responsible and the biggest breaches can come from a simple security flaw.

Take the example of Sky Brasil, which reported in 2018 that sensitive data belonging to 32 million customers had been left exposed by a misconfigured server which was not password-protected. This vulnerability meant that cybercriminals could easily access their customer's personal information, including payment details.

While most of us can reset a password on our Wi-Fi router at home, having an additional layer of protection like a VPN just gives you peace of mind.

6. Can a VPN help maintain my internet speeds?

Another upside of using a VPN is that it can help prevent bandwidth throttling. Depending on your contract, your internet provider may reduce the speed of your service after you've used a certain amount of data. Since providers can't track your online activity with a VPN, this can help prevent them from throttling the speed of your service.

7. Can a VPN prevent a DDoS attack (and what is DDoS)?

Another good reason to use a VPN is to avoid being involved in a Distributed Denial-of-Service (DDoS) attack, which is one of the most powerful weapons in a hacker's arsenal.

While DDoS attacks usually target businesses or organisations, individuals can also be the target of these cyberattacks. DDoS attacks are on the rise across the globe, with researchers reporting that 2020 has seen an increase in attacks. DDoS are also becoming more powerful, meaning they can take out services or sites with much greater speed.

However, there are steps that can be taken to help prevent these cyberattacks. VPNs can be a useful weapon in your DDoS protection toolkit.

What does DDoS attack mean?

When you hear about a website or online service being brought down by hackers, the chances are that it involved a DDoS attack. DDoS attacks work by flooding a site, server, network or device with so much traffic that it eventually becomes overwhelmed and crashes under the strain.

Cybercriminals usually orchestrate this type of attack with a botnet, which is essentially a network of malware-infected computers or devices. Your computer could be used in a botnet attack without you even knowing that you've been infected with malicious software. A cybercriminal can then use this army of devices to launch a co-ordinated attack at a specific target.

DDoS can be combined with extortion demands, with hackers threatening a repeat of an attack or an escalation unless a company pays a ransom in cryptocurrency.

One of the first recorded DDoS attack was carried out in 2000 by a 15-year-old called Michael Calce, who used the online alias Mafiaboy. By hacking into the networks of various universities, he was able to use their servers to crash a series of major websites that included Amazon, CNN, Yahoo and eBay.

It's not just websites that can be taken out by hackers. Gaming service providers have also been the victim of DDoS attacks, with a hacker called Austin Thompson (AKA DerpTrolling) sentenced to 27 months in prison in 2019 for a series of attacks on Sony's Playstation Network, Microsoft's Xbox, Nintendo and a number of other gaming services.

It's also becoming more common for players on online gaming sites to be hit with DDoS attacks by opponents who want to disrupt their gameplay and gain an in-game advantage. It seems like an extreme way to gain a competitive edge but it's an emerging trend in online gaming.

So what does a DDoS attack look like in this scenario? You might be enjoying your game when you suddenly experience a suspiciously well-timed drop in your connection.

If you think you've been the victim of one of these attacks, you may need to unplug modem/router, leave it off for five minutes and restart your console or computer. If connectivity isn't restored, you might even need to contact your internet provider. This isn't necessarily going to impact on your security but it will be seriously frustrating.

The growth of the Internet of Things (IoT) has also created an opportunity for hackers who want to carry out DDoS attacks. They can exploit the fact that these smart devices often lack the sophisticated security defences of a home computer or laptop.

The 2016 Dyn attack used Mirai malware to create a botnet from smart TVs, printers, baby monitors, cameras and other IoT devices and to take down sites and services that included Twitter, Netflix, PayPal, Spotify, Amazon and Reddit. Worryingly, someone claiming to be the author of the Mirai software released the source code on a number of hacker forums, allowing others to replicate it and create their own versions.

You don't even need to be a hacker to launch a DDoS attack. Some cybercriminals create botnets for sale or even for hire, with DDoS attacks reportedly available on the dark web for as little as $10 per hour.

The ease with which people can now source ready-to-go DDoS kits and the soaring numbers of poorly-secured IoT devices have all helped to contribute to the rise in these types of cyberattacks. That trend only increases the chances of you being a victim or an unwilling participant in this type of attack so it helps to take preventative action.

Can a VPN protect you from DDoS attacks?

The simple answer is yes, a VPN can be useful form of DDoS protection. In order for someone to DDoS you, they need to locate your network. For that, they need to know your IP address.

As we discussed earlier, a VPN diverts all your internet traffic through an encrypted tunnel to a server that masks your IP address. So that's a simple way that can help stop cyberattackers in their tracks.

For gamers who play peer-to-peer gaming services where you're connected directly to another player, that means that an opponent who's DDoSing fellow gamers can't see your IP address and target it mid-game. So you don't have to worry about losing to them by underhanded tactics at least.

There are also some simple steps you can take to avoid being an unwilling participant in an attack. Since unprotected devices can be infected and used in a DDoS attack, we all need to take basic precautions to help prevent our devices from being used in this type of cybercrime.

Ensure that all your devices have all the latest updates and patches helping protect them from malicious software. Make sure that you change the passwords on IoT devices instead of sticking with easily-discoverable default passwords. The Symantec Threat Landscape Trends found that 55% of IoT devices had our old friend 123456 as their password.

DDoS protection starts with knowing how these cyberattacks work and then taking the necessary steps to prevent that you become a victim or unwittingly play a part in one of these cyberattacks.

8. What questions should I ask before deciding on my VPN solution?

1. Does the VPN provider respect your privacy? Make sure that they have a no-log policy so they don't log or track your online activity.
2. What protocol do they use? OpenVPN provides stronger security than the likes of Point-to-Point Tunneling Protocol (PPTP), so make sure a provider runs the most current protocol.
   
3. Can you access the VPN on multiple devices? The chances are that you'll want to use a VPN on your phone, laptop, tablet or other devices at the same time so check if it can be used on multiple devices.
   
4. Are there data limits? Bandwidth could be a factor, depending on the VPN provider, your average internet usage and your broadband contract. Find out if you'll be able to get full, unmetered bandwidth within your data limits.
   
5. Do they offer multiple server locations? This can be a major consideration if you want to be able to access certain sites or services that may be unavailable in your region.
   
6. Are they really free? If you're using a free VPN with in-app ads, do these advertisers get access to your personal data? Free online services may be selling your data as payment for the services they provide.
   
7. Does it work on mobile? Our phones are often our main point of contact with the internet so it's important to get a VPN that supports mobile.. Most paid providers offer this as standard.
   
8. Does it block ads? Some VPNs will block those annoying pop-up ads that can clutter up your screen and cause web pages to take longer to load. These ads can also be used by cybercriminals to infect your device with malware.
9. Does it have a kill switch? This might sound ominous but it's basically a feature that automatically cuts your connection to the internet if your VPN ever disconnects. This ensures that you'll never be left exposed if your VPN's connection to its provider drops.
10. Does the VPN provide everything you need? You may find that some free VPNs don't offer the latest protocols, bandwidth or speed as paid VPNs. They can also offer fewer server locations, provide no support or have a higher disconnection rate. So weigh up what you need and decide if a free or paid option is best for you.

9. What are some of the other security solutions bundled with VPN?

Now that you've found out more about why you need a VPN, when you are doing your research, you may notice that some VPNs come with a wider package of protections, offering more cover for the user in a single solution.

For example you can get Norton secure VPN only or Norton 360 Deluxe which includes Norton Secure VPN, Password Manager and SafeCam among other features.

What is a password manager?

How many times have you forgotten a password? The reality is that most of us can sometimes struggle to remember all our passwords.

You need a password to access your email, your social media channels, e-commerce accounts, messaging apps, online banking, software accounts and the list goes on. As more sites demand that we create a user account to access them, that list is only going to get longer.

That's why a password manager can be a game changer.

Some VPNs come with a free password manager while many password managers utilise a VPN that can encrypt all of your passwords and store them more securely in a place that only you can access. The best part is that you only need to remember one password to access all of your accounts.

What is password protection?

Password protection is a simple way to prevent unwanted access to your online accounts. It's like adding a combination lock to your account to ensure that only you can access it. The key is to come up with a strong combination that you'll be able to remember and one that others can't guess.

Even with the growth of biometrics and the increasing popularity of two-factor authentication, good password hygiene remains your best form of defence from malicious attacks.

Most people have moved on from easy-to-remember passwords like PASSWORD yet the UK's National Cyber Security Centre (NCSC) recently reported that 123456 was the most widely-used password on breached accounts. Always avoid using your child's name or personal information that could be easily guessed.

You should never use a solitary word either. Hackers can also use password crackers to fly through multiple combinations of characters until they hit upon the right combination. There's more chance of this working if you have a short, one-word password.

It's recommended that passwords are a mix of uppercase and lowercase letters, numbers and symbols and that they are at least eight characters long. That's fine in theory but it can be problematic if you have dozens of different passwords to remember!

A common mistake is using the same password across multiple accounts, which has the effect of turning your online security into a house of cards. If one of your passwords becomes compromised by hackers, all your online defences could tumble down at once.

Password phishing is a tactic used by hackers to try to obtain passwords or logins using a social engineering attack. A common approach is to use a fake password reset email telling you that your password has expired and asking you to enter your old password and a new one.

If you fall for it, the hacker now has your actual password. Once a hacker has your email address and password, they could easily access details like your credit card number or other personal data that can be used against you.

Never re-use a password that you think has been compromised. In 2012, 68 million Dropbox user accounts were compromised after an employee re-used a personal password that had previously been compromised during a LinkedIn breach. The result was that hackers were able to use that password to enter Dropbox's corporate network.

The reality is that people are often easier to crack than a computer so there will always be hackers that try to exploit any password weaknesses. Why try to break into a bank when you can steal a key from a sleeping employee?

How to store passwords

So what's the safest way to store passwords, you might ask? You should never write your passwords down and you should change your passwords regularly. Having passwords attached to your computer with a sticky note is obviously a big no-no but it's something that you can still see in many offices.

It's best not to save a password when prompted to do so by a browser but to enter it manually every time you log in. It may be inconvenient but a hacker could potentially access every saved password in your browser, which may not be as secure as you think.

Is a password manager a good idea? The simple answer is yes. Not only can they remember and store all your passwords in an encrypted online vault but some will even help you to choose strong passwords. Others will identify weak or duplicated passwords and recommend which ones you should update.

The upside of this is that you can secure all your accounts with unique, complex passwords that are harder to crack, without worrying about how you'll remember them all. It will auto-fill all of your passwords when you enter a site so it takes the stress out of logging in.

Password managers can even help protect you from certain phishing attempts. 'Typo-squatting' can be used by cybercriminals to create fake websites that look like real ones, trapping people who mistype the URL of a site like PayPal. It's easy to enter your login details without realising your mistake but your password manager won't autofill your details in a fraudulent site.

Another good practice is to add two-factor authentication, which can provide an additional layer of protection to your accounts. With two-factor authentication, you'll log in as normal and then be asked to provide some additional information, such as a pin number that's been sent to your phone. So even if your password is compromised, you'll still be able to prevent unwanted access to your accounts.

Good password hygiene is a simple way to help keep your account protected from hackers or malicious software attacks. You wouldn't leave your door unlocked when you leave the house so why take the risk of unwanted intruders getting access to your online accounts.

Taking password security seriously is a simple way to help protect your accounts from digital break-ins and to keep your data more secure.

How to prevent webcam hacking

Every cybercrime is intrusive, but there's something incredibly scary about the thought of a hacker taking over your webcam and using it to spy on your most unguarded moments.

It might sound like the plot of a movie, but there's a reason that Mark Zuckerberg and former FBI director James Comey put tape over the camera on their laptops. Unfortunately, webcam hacking is a very real thing.

You're never too far away from a camera these days, whether it's on your phone, tablet, laptop or one of the many IoT devices that are commonplace in the home. So how do you make sure that these cameras are not being used against you?

How can a hacker activate my webcam?

It's easier than you think for a hacker to take control of your webcam or microphone and you may be blissfully unaware that it's even happening. Hackers can easily deactivate the light that tells you that your camera is in use.

The most common way that hackers take remote control of your camera is with Remote Access Trojans (RAT) malware that can be easily uploaded by the victim via an email attachment, or an innocent-looking link. Once they have control of a webcam, they can use it to obtain personal information or to blackmail or spy on their victims. In some cases, images of videos of the victim have appeared on voyeurism websites.

In 2018, a man in Ohio was charged with carrying out a 14-year campaign of spying on thousands of people through their devices' cameras. He used 'Fruitfly’ malware to watch and sometimes listen to his victims and record them remotely.

If you use public Wi-Fi, you could also be putting yourself at risk. Devices that are connected to a poorly-secured network can be vulnerable to cyberattack, and hackers can even target your wireless router to gain access to your home network.

It’s not just phones or laptops that can be targeted by hackers. A growing number of baby monitors have been hacked, with cybercriminals taking advantage of the security vulnerabilities in IoT devices to spy on families.

Your smart TV could also be watching you, and the stars of your favourite show may not be the only actors you should worry about. The FBI has previously advised people buying smart TVs to put black tape over the television’s camera to prevent bad actors from accessing it.

Another sinister cybercrime associated with webcam hacking is sextortion attempts, where hackers blackmail their victims with compromising images or videos they obtained through a hacked webcam. Hackers threaten to make this material public unless a payment is made.

Webcam hacking in a time of Coronavirus

Since lockdown, more people than ever are working at home and video conferencing each other with fewer network defences than they would typically have in the office.

With more people working, studying or meeting remotely in a post-Covid world, hackers have also begun targeting video conferencing software. The rise in online video calls has highlighted potential vulnerabilities that could leave users exposed. A security researcher recently found two bugs in Zoom that allowed hackers to take over a user’s Mac and access their camera and microphone.

Another trend that emerged during lockdown was ‘Zoom bombing.’ The FBI revealed that they had received ‘multiple reports’ of video conference calls being hijacked. Hackers have interrupted calls with pornographic/hate images or used threatening language.

There has also been a significant rise in the number of sextortion emails sent during the Covid-19 crisis, with people spending more time indoors and on their devices. Although many of these emails are social engineering attacks that prey on the fears of innocent people, hackers have also been actively targeting webcams during this time.

Simple steps to prevent webcam hacking

All of that may sound very scary, but the good news is that webcam hacking is one of the easiest cyberattacks to defend if you take some simple precautions.

Using a VPN is a smart way to secure your online devices by encrypting everything you do on a public Wi-Fi network, which can be especially vulnerable to hacking. A VPN also prevents your device from being accessed by other people on an open internet connection by keeping your IP address masked.

It’s just one step that can make a difference. Avoid anything that looks suspicious when you’re online and always ensure that all of your devices have the best possible security settings in place.

Here are some simple and effective ways to keep your webcam protected.

1. Use a VPN: This can help protect your devices when using public networks by encrypting your data and masking your IP address.
2. Keep everything with a camera updated: Security updates will patch potential vulnerabilities in your software that can be exploited by hackers.
3. Be careful what you click on: Avoid clicking on links or attachments from untrusted sources. If you receive a strange message or attachment from a friend, talk to them before opening it in case they’ve been hacked.
4. Get antivirus software: It’s a tried and tested way to have protection, and it can identify and help block malware before it can do any damage.
   
5. Secure your wireless network: Check the security settings of your wireless network and change the default password on your router. Remember that good password hygiene is vital.
   
6. Activate your firewall: Your computer probably comes with a firewall, which can prevent unauthorised access to your device. Always have it activated to keep the bad guys out.
   
7. Cover your camera with tape when not in use: It may not be the most high-tech solution, but it’s a pretty effective one! If it’s good enough for an FBI director, it’s good enough for you.
   
8. Use a reputable service provider when getting any devices repaired: Giving someone access to your device can leave you open to a cyberattack, so make sure that you use a reliable provider to carry out repairs.
   
9. Don’t talk to strangers online: It turns out your parents were right about strangers. Some hackers can befriend people online to get personal information that can be used to access their accounts or to get them to download malware inadvertently.
   

The benefits of a VPN

As we spend more and more time online, many of us are trying to reduce our growing digital footprint and to reduce the trail that we leave behind. This information can tell third parties where we’ve been, what we like and paint a detailed picture of who we are. More worryingly, we can’t always control what they do with this information or who they sell it to.

There’s never been a greater awareness of the need to protect our data from prying eyes. That’s why a growing number of people are embracing VPNs and attempting to restore the balance.

The advantage of a VPN is that it can offer you privacy and anonymity when you connect, giving you more control over what information you reveal. That means you can still enjoy all the benefits that the internet has to offer without having to sacrifice your right to online privacy in the process.

The security benefits are clear. Being able to connect through an encrypted data tunnel gives you peace of mind when you connect to public Wi-Fi networks (or even your home network) by masking your location and helping prevent anyone from seeing your private data. So your web activity has protection from malicious or intrusive cyberattacks and third parties who want to monetise your data.

Do you need a VPN? Only you can answer that question, but it’s hard to see the downside of any tool that can give you increased privacy and security when you’re online. As the line between the digital world and physical world blurs, this type of technology is only going to become more important in the future.

The internet has gone through some massive changes since its early days. It’s now a much more sophisticated place, with much more sophisticated threats, and one in which personal data has effectively become a valuable currency. That means that it pays to be mindful of how we interact with the digital world and to take necessary precautions when we do.

If you are thinking about getting a VPN, shop around to look for options that come with a broader package of protections. For instance, Norton 360 includes a VPN, a password manager and antivirus protection. So, you’ll be armed to stay safer, more secure and undetected whenever you’re online.