Skip to content

5G WIRELESS

  • Home
  • News
  • Videos
  • Contact Us
  • About Us

NordVPN strengthens security measures following server breach

October 31, 2019 by admin

NordVPN strengthens security measures following server breach

Sponsored Links


scanrail via Getty Images

NordVPN is taking steps to ensure customers that it can stay true to its promise of providing “secure and private access to the internet” after admitting that an attacker breached one of its servers. To start with, its in-house team of penetration testers will now be working with cybersecurity firm VerSprite to conduct comprehensive penetration testing, intrusion handling and source code analysis. The firm will also help NordVPN form an independent cybersecurity advisory committee as part of their long-term partnership.

In an effort to find vulnerabilities before a bad actor does again, it’s also launching a bug bounty program over the next few weeks. NordVPN also promises to undergo a complete a full-scale third-party independent security audit covering its hardware, software, backend architecture, backend source code and internal procedures in 2020.

The company says it’s planning to build a network of collocated servers — or servers it will fully own even though they’re located in a rented data center space — as well. It’s just currently finishing its infrastructure review to look for and remove any exploitable vulnerabilities left by third-party server providers. Finally, NordVPN says it’s planning replace its entire infrastructure with diskless servers so that nothing will be stored locally. That way, even if an infiltrator seizes a server, they won’t find anything in it.

NordVPN admitted last week that an unauthorized person accessed a server it rented from a data center in Finland back in March 2018. That data center spotted the infiltrator and removed their access without informing the company, but NordVPN found out about the incident a few months ago and ended its contract with the provider.

The company says it’s sure that the infiltrator wasn’t able to access customer data, since the compromised server didn’t contain any activity logs, usernames or passwords. An Ars Technica report says the hackers were able to steal encryption keys that could be used to stage decryption attacks on some customers. But NordVPN maintains that the “service as a whole was not hacked, the code was not hacked, the VPN tunnel was not breached and the NordVPN apps stayed unaffected.”

In this article:

gear, NordVPN, security, server breach
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comment


Comments

Share

Tweet

Share

Save

Published at Wed, 30 Oct 2019 07:05:00 +0000

Post navigation

Previous Post:

Facebook’s Preventive Health tool urges you to take screening tests

Next Post:

PSA LIFESAVER SILHOUETTE 5800ACF flush smoke alarm

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • DOD Announces $600M For 5G Testing, Including At Naval Base San Diego
  • COVID lockdown increases pressure on network operators
  • Watch Google’s Pixel 5 event with us here at 2PM ET!
  • The Morning After: What the app store ‘ban’ means for TikTok and WeChat
  • You’ll need more than $299 to truly enjoy next-gen gaming

Categories

  • News
  • Videos
© 2021 5G WIRELESS | WordPress Theme by Superb Themes