Skip to content
Imran ViraniOct 2, 20225 min read

Cyber Primers: VPNs and Network Security

Accessing the Internet without the proper protection can be a risky proposition. When you browse the Web with an insecure public network, you leave your IP, activity, and data open to malicious threat actors. Network security, an essential part of cybersecurity, can help manage such risk by implementing technologies that enforce privacy and limit exposure to hackers. How can this be done?

What is an IP address, and how does it work?

First, let’s explain IP addresses, how they work, and how they can be used for tracking purposes.

Internet Protocol (IP) addresses are unique 32-bit addresses that allow for bidirectional communications across the Internet through routing, and are assigned to your online devices by your internet service provider (ISP). Each device has a unique IP, which is required for internet access. As addresses, they can potentially reveal your geolocation, a general address identifier (often a ZIP or area code), and your ISP. When you are online, the sites you visit are able to know your IP address, with it acting as primary evidence of your digital footprint. While the information an IP provides may not seem excessively personal or private, it can still be used for a number of nefarious purposes, including the spoofing of IP addresses to commit Distributed Denial of Service (DDoS) attacks.

Why shouldn’t I connect to a public Wi-Fi network?

For people that are on the go and do not want to use up their cellular data, the allure of public Wi-Fi is understandable. More than that, it is increasingly common, with restaurants, airports, shopping malls, and other commercial areas offering free public networks for their patrons. Despite this convenience, not all public Wi-Fi is created equal, and people should always be conscious of the risks associated with connecting to public Wi-Fi. Firstly, there is the possibility that a public network is not being provided by the party it claims to be, as public networks can be easily cloned by savvy attackers (known as “wifi spoofing”), causing unsuspecting users to fall into a hacker’s lap. For insecure networks that do not employ encryption, users are left open to the possibility of Man in the Middle (MITM) eavesdropping attacks. In the case that a public Wi-Fi network is both genuine and encrypted, other problems exist as well. Firstly, many of these networks require personal identifiers (name, phone number, email address) for connecting, making you provide information that will clog up your inbox and make you a potential target for spam/phishing scams if this information is sold online. Beyond this, these networks are overseen by third parties, which track your activity. In short, even legitimate, well-encrypted public networks present problems. Whether these problems are too significant for you to use public Wi-Fi depends on your risk tolerance level and willingness to leverage VPNs.

What does a Virtual Private Network (VPN) do?

By far, the best source of action for ensuring you have a secure connection to the Internet is to utilize a Virtual Private Network, or VPN. VPNs provide a secure internet connection by encrypting your connection to the Internet and routing it to a different location, hiding your online activity from prying eyes and obfuscating locational cues. On top of hiding your online activity from third parties and changing your IP address to one that can be thousands of miles from your location, a VPN also changes your Domain Name System (DNS). A DNS translates addresses typed into a browser into an IP address that routes internet traffic. This is a concern with public Wi-Fi, as the DNS will inform the network of every website you visit. VPNs remedy this by changing it from one attached to your ISP (the default for many online users) to a unique DNS given by your VPN provider. In effect, VPNs allow you to browse the internet without having to look over your shoulder to see who might be tracking your online activity.

Beyond safety, VPNs are also helpful for people who wish to bypass geo-blocking. Geo-blocking is when an entity (often a streaming or content platform) limits the availability of web content to a user based on geolocation. With a VPN, users can choose their online locations. This allows them to circumvent geo-blocking and access the streaming content of whatever country they wish. While this has made VPNs popular for people who stream digital content unavailable in their regions, it has also fostered freedom of information and expression. In countries that block social media companies and internet browser results, VPNs allow citizens to bypass these blocks and access an internet unfiltered by governmental restrictions. In this capacity, VPNs protect what you are doing online and what you can do online. While VPNs are not perfect (our partner KnowBe4 has an excellent series of articles tracking the exploits of hackers that have circumvented or directly targeted VPNs), they are a good option for network security.

How do you ensure a secure home network?

Even if you utilize a VPN and steer clear of public networks, there are dangers inherent to browsing on your home network as well. Namely, keeping the default password from your router leaves your network open to anyone who can get access to it, including hackers that can hijack your network, lock you out, access your files, and introduce malware on your connected devices. Easy ways to prevent this include turning on wireless encryption to prevent outside infiltration, changing your Wi-Fi password to something unique and complex, limiting who has access to your Wi-Fi by removing unknown or unused devices, and regularly updating your router to make sure it carries the latest software.

With the variety of threats one must be cautious of when engaging in online activity, your network should be the least of your worries. By following these tips, people and organizations alike will be able to ensure that, at the very least, their networks are secure, reliable, and can be utilized for their intended purpose.

Tips for secure networks

  1. Avoid using public networks, these are often unsecured and put you in prime visibility for malicious actors.

  2. Use a reputable Virtual Private Network (VPN) to keep your IP protected and reduce the amount of browsing data your ISP can log, but remember that they aren’t a perfect fix.

  3. Anyone connected to your WiFi is able to listen to network traffic, so in order to prevent people you don't know from connecting, change your router’s default password and set a strong new one.