Home / News / CISA Lead Christopher Krebs Says VPN May Help Hackers Spy on US

CISA Lead Christopher Krebs Says VPN May Help Hackers Spy on US

Christopher Krebs

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency and 2019 Wash100 Award recipient, confirmed that other countries like Russia and China could use virtual private network apps to spy on the U.S. He said in a letter issued on May 22 that some nation-state actors are trying to leverage VPN services for malicious purposes.

“If a U.S. government employee downloaded a foreign VPN application originating from an adversary nation, foreign exploitation of that data would be somewhat or highly likely,” Krebs said. “This exploitation could lead to loss of data integrity and confidentiality of communications transmitted over the application.” He noted hackers may gain access to phone contacts, user history, photographs and geolocation.

Krebs made the remarks in a letter to Sen. Ron Wyden, D-Ore., who had asked the Department of Homeland Security to analyze potential threats of foreign-owned VPN applications. However, the letter did not detail evidence of cyber espionage that used VPN apps. Krebs noted DHS considers spying risk from VPN as a “low to moderate impact.”

Check Also

USCIS Launching System Modernization, Supply Chain Security Initiatives

The U.S. Citizenship and Immigration Services is working on modernizing its systems and fortifying software security at the supply chain level, Federal Times reported Friday. Adrian Monza, chief of the Department of Homeland Security component's cyber defense branch, told the publication that USCIS is launching “very significant” modernization efforts and that other agencies must be able to defend their networks against threats to financial databases.