Why Secure Remote Access Is Like The Emperors New Clothes – Charl van der Walt, Wicus Ross – BH2020

Our research for Black Hat demonstrates that the Secure Remote Access or so-called ‘VPN’ technologies typically used by enterprises to facilitate access to their networks for remote employees are poorly understood, improperly configured and don’t provide the full level of protection typically expected of them. This isn’t because of bugs in the technology, but rather due to a ubiquitous scenario in which the remote worker is connected to Wi-Fi that is is untrusted, insecure or compromised. We demonstrate that in this common use-case ‘VPN’ technologies do not act as we expect them to and therefore expose several opportunities to an attack with control over the Wi-Fi access point.

To get access to the most recent results from our studies, updates, additional demos and other resources on our research, visit: https://orangecyberdefense.com/global/insecure-remote-access/. Visit https://securityweekly.com/summercamp2020 to view the Live Stream and previously recorded micro-interviews.

Chat live with the Security Weekly Staff, Hosts, and Guests in our Discord Server: https://discord.gg/pqSwWm4

Full Episode Show Notes

Why Secure Remote Access Is Like The Emperors New Clothes



Paul Asadoorian
Paul Asadoorian – Founder & CTO


Charl van der Walt
Charl van der Walt – Global Head of Security Research
Wicus Ross
Wicus Ross – Senior Security Researcher