A reader had a question about the recent attack on a server used by the Nord VPN security service:
“I didn’t think VPNs could be hacked but I read that Nord VPN was hacked. How is that affecting VPNs?”
Nothing is hacker-proof. Absolutely nothing. That’s reassuring, right? Think of it this way. Shutting your door can help keep some intruders out of your house. Locking your door will do a better job. Adding a deadbolt will make it even harder to break in. Adding a deadbolt, buying a big dog, and installing a loud alarm makes your home even more secure. But none of these can guarantee that no one can get in. Especially if someone leaves the door unlocked.
That’s what happened with Nord VPN. It’s not like a hacker sitting in a coffee shop got into someone’s connection. In this case, a third-party data center in Finland left an old insecure management account active on a server. This allowed a breach on just the one server. Two other VPN companies that were using the same data center were also affected. Nord says no user information was accessed and there were no signs that the hackers attempted to monitor user traffic as the affected server didn’t contain any user logs. Servers with user logs are encrypted and would be extremely difficult to break into.
In this case, the lasting effect seems to be that Nord is improving its security measures. You can click here to read full details about their security audit and how they plan to make sure they don’t have an issue like this again.
One of the major changes is a transition to diskless hardware. The company plans to upgrade their entire network to RAM servers. Nothing, not even the operating system will be stored locally. Even if you hacked into or physically took the servers, you’d end up with an empty piece of hardware with nothing on it.