November 2, 2018 By Security Intelligence Staff 4 min read

With most people having a near-constant connection to the internet in one form or another, it’s imperative to understand the associated data privacy implications and take appropriate actions to protect sensitive information. Whether you’re using a mobile phone, tablet, laptop or desktop computer, our devices are always in communication with the internet, sometimes even without our knowledge.

Our email, file transfer services, social media sites, music and video streaming services, and so much more all regularly communicate with internet-connected devices on a regular basis. And with constant communications underway, nefarious individuals have a lot more entry points available to snoop, modify and steal our data, whether it’s personal or owned. According to IBM’s Deb Dey, “Convenience of online connectivity definitely comes at the cost of personal privacy and web security.” The good news is that an advanced virtual private network (VPN) can help prevent spying on internet and other network traffic and substantially enhance end user privacy and security.

Who Wants Your Data, and Why Do They Want It?

Governments, threat actors, private companies and others with malicious intent have a desire to intercept private communications. Some do so for political reasons, others for profit, and others to simply harass, extort and embarrass unsuspecting victims. Even simply browsing the internet on a lunch break puts a user at risk as advertisers, in partnership with corporate websites, often track who visits their sites in the hopes of acquiring personal data and/or finding ways to target specific advertisements to the casual browser.

Ever wonder how a browser on one computer knows what you searched on a different computer? Cookies and other hooks grab data when you are logged in to Google Chrome, Facebook or similar connection and carry that data over to another device. There are many ways to enhance data privacy in these cases, but one of the best methods is the consistent use of a VPN.

While a VPN does not inherently prevent advertisements, proper use of a VPN blocks outside users from seeing the source and destination of online communication. Additionally, a VPN encrypts all traffic so that even email, file transfers via File Transfer Protocol (FTP) and remote communications using Telnet will show up as gobbledygook to malicious actors. Blocking the destination of a network transmission protects an end user from a government, internet service provider (ISP) or threat actor that is trying to see where the user is going and what data they are transmitting.

Comparing Sample Traffic With and Without a VPN

The following images show network traffic from Wireshark traces of communications between a system with and without a VPN connection established while transmitting data over the internet.

The above traffic, with a VPN disabled, shows the computer sourcing the communication and the destination. Snoopers will know the exact system that initiated the traffic and where that user accessed and/or transmitted data. Also, depending on where in the network architecture the bad actor accesses the trace, he or she can find the home or device IP address as well (note: both traces herein came from an interface snooping internal network traffic). Additional tools can trace an IP to the exact geographic location of the system accessing data. The destination IP can be identified by a simple WHOIS search, as shown below:

In contrast, the trace below, with a VPN enabled, shows only traffic to and from the VPN provider. We don’t see the destination computer at all.

Since this trace was performed on the inside of a network, we see the source of the transmission. If a threat actor sat outside the network being snooped, he or she would only see a public IP address owned by a corporation or internet service provider (ISP). If a corporate administrator or ISP received a request, such as a subpoena or other court-ordered demand, to identify where the source computer was communicating from, he or she would have no idea and no way to answer the inquiry.

Looking in detail at the destination IP address, we see it’s owned by Web2Objects in New York:

In delving deeper into Web2Objects, we found the following and quickly realized this is a leapfrog, shell or hidden company — typical behavior of VPN providers.

Changing Geography on the Fly

Furthermore, certain VPN providers allow users to routinely drop and reconnect to different VPN systems in their environment, which enables end users to change their geography on a regular basis. The VPN provider I use, for example, allows me to travel virtually at the click of a button: Facebook has seen me in Tel Aviv one moment and on another device in Dallas the next moment. This will typically trigger a security feature at Facebook that requires me to log in again to prove my identity — a small price to pay for enhanced privacy.

We All Deserve Data Privacy

Data privacy matters, and we all deserve respect and consideration from those we visit on the internet. As shown by the numerous data breaches that have affected companies and individual users around the world, individuals and governments, however, we must also look out for our own personal data and privacy. Using a VPN to obfuscate your location and encrypt data is a powerful way to prevent the tracking, stalking and theft of personal and private data.

More from Data Protection

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Skills shortage directly tied to financial loss in data breaches

2 min read - The cybersecurity skills gap continues to widen, with serious consequences for organizations worldwide. According to IBM's 2024 Cost Of A Data Breach Report, more than half of breached organizations now face severe security staffing shortages, a whopping 26.2% increase from the previous year.And that's expensive. This skills deficit adds an average of $1.76 million in additional breach costs.The shortage spans both technical cybersecurity skills and adjacent competencies. Cloud security, threat intelligence analysis and incident response capabilities are in high demand. Equally…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today