One of the most popular and highly recommended virtual network providers, NordVPN, confirmed last week that one of its data centres in Finland was breached in March 2018. To prevent the same from happening again, the company has partnered with Versprite, a US-based cybersecurity consulting and solutions firm founded in 2018.
Versprite will be pen testing and optimising the security infrastructure of NordVPN to safeguard user data to ensure that their database isn’t breached again.
The attacker gained access to the server by exploiting an insecure remote management system. The company rented its servers in this data centre and said that they were unaware that the provider had such a remote management system in place. NordVPN said that none of the other data centres was affected by the breach. The company learnt about the breach earlier this year and terminated their contract with the said data centre provider soon thereafter.
According to a statement by the company, “The partnership will include threat and vulnerability management, penetration testing, compliance management and assessment services. VerSprite will also help to form an independent cybersecurity advisory committee, which will consist of selected experts and oversee NordVPN’s security practices.”
You can check out the timeline of the NordVPN breach in this article.
“We are planning to use not only our own knowledge, but to also take advice from the best cybersecurity experts and implement the best cybersecurity practices there are, and this is the first of many steps we are going to take in order to bring the security of our service to a whole new level,” says Laura Tyrell, Head of PR, NordVPN. “The changes we’ve outlined will make you significantly safer every time you use our service. Every part of NordVPN will become faster, stronger, and more secure – from our infrastructure and code to our teams and our partners.”
Last Wednesday, in an email to Candid.Technology, NordVPN said that that it wasn’t a targeted attack on them and at least two other VPN services were impacted by the same intruder. The company also believes that other services that were renting servers from the data centre, which was breached, might have been affected too.
The company also mentioned that they’ll be starting a bug bounty program soon and now they’ve announced that the program will be started over the next few weeks.
In addition to the partnership with Versprite and the aforementioned bug bounty program, NordVPN also plans to complete a full-scale third-party independent security audit in 2020, which will test the company’s hardware, software, backend architecture, source code and internal procedures.
Also, the company is planning to move its entire infrastructure of 5100 servers to RAM servers, which according to the company will enable them “to create a centrally controlled network where nothing is stored locally — not even an operating system”.