CISA Lead Christopher Krebs Says VPN May Help Hackers Spy on US

Christopher Krebs

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency and 2019 Wash100 Award recipient, confirmed that other countries like Russia and China could use virtual private network apps to spy on the U.S. He said in a letter issued on May 22 that some nation-state actors are trying to leverage VPN services for malicious purposes.

“If a U.S. government employee downloaded a foreign VPN application originating from an adversary nation, foreign exploitation of that data would be somewhat or highly likely,” Krebs said. “This exploitation could lead to loss of data integrity and confidentiality of communications transmitted over the application.” He noted hackers may gain access to phone contacts, user history, photographs and geolocation.

Krebs made the remarks in a letter to Sen. Ron Wyden, D-Ore., who had asked the Department of Homeland Security to analyze potential threats of foreign-owned VPN applications. However, the letter did not detail evidence of cyber espionage that used VPN apps. Krebs noted DHS considers spying risk from VPN as a “low to moderate impact.”

Check Also


NSWC Crane Team Receives Naval Aviation Enterprise Award

The U.S. Navy has honored a team from Naval Surface Warfare Center Crane with the Naval Aviation Enterprise Award for the design, development, testing and rollout of a $13M fix for the P-8A Poseidon aircraft's turret deployment unit issue.