With most people having a near-constant connection to the internet in one form or another, it’s imperative to understand the associated data privacy implications and take appropriate actions to protect sensitive information. Whether you’re using a mobile phone, tablet, laptop or desktop computer, our devices are always in communication with the internet, sometimes even without our knowledge.

Our email, file transfer services, social media sites, music and video streaming services, and so much more all regularly communicate with internet-connected devices on a regular basis. And with constant communications underway, nefarious individuals have a lot more entry points available to snoop, modify and steal our data, whether it’s personal or owned. According to IBM’s Deb Dey, “Convenience of online connectivity definitely comes at the cost of personal privacy and web security.” The good news is that an advanced virtual private network (VPN) can help prevent spying on internet and other network traffic and substantially enhance end user privacy and security.

Who Wants Your Data, and Why Do They Want It?

Governments, threat actors, private companies and others with malicious intent have a desire to intercept private communications. Some do so for political reasons, others for profit, and others to simply harass, extort and embarrass unsuspecting victims. Even simply browsing the internet on a lunch break puts a user at risk as advertisers, in partnership with corporate websites, often track who visits their sites in the hopes of acquiring personal data and/or finding ways to target specific advertisements to the casual browser.

Ever wonder how a browser on one computer knows what you searched on a different computer? Cookies and other hooks grab data when you are logged in to Google Chrome, Facebook or similar connection and carry that data over to another device. There are many ways to enhance data privacy in these cases, but one of the best methods is the consistent use of a VPN.

While a VPN does not inherently prevent advertisements, proper use of a VPN blocks outside users from seeing the source and destination of online communication. Additionally, a VPN encrypts all traffic so that even email, file transfers via File Transfer Protocol (FTP) and remote communications using Telnet will show up as gobbledygook to malicious actors. Blocking the destination of a network transmission protects an end user from a government, internet service provider (ISP) or threat actor that is trying to see where the user is going and what data they are transmitting.

Comparing Sample Traffic With and Without a VPN

The following images show network traffic from Wireshark traces of communications between a system with and without a VPN connection established while transmitting data over the internet.

The above traffic, with a VPN disabled, shows the computer sourcing the communication and the destination. Snoopers will know the exact system that initiated the traffic and where that user accessed and/or transmitted data. Also, depending on where in the network architecture the bad actor accesses the trace, he or she can find the home or device IP address as well (note: both traces herein came from an interface snooping internal network traffic). Additional tools can trace an IP to the exact geographic location of the system accessing data. The destination IP can be identified by a simple WHOIS search, as shown below:

In contrast, the trace below, with a VPN enabled, shows only traffic to and from the VPN provider. We don’t see the destination computer at all.

Since this trace was performed on the inside of a network, we see the source of the transmission. If a threat actor sat outside the network being snooped, he or she would only see a public IP address owned by a corporation or internet service provider (ISP). If a corporate administrator or ISP received a request, such as a subpoena or other court-ordered demand, to identify where the source computer was communicating from, he or she would have no idea and no way to answer the inquiry.

Looking in detail at the destination IP address, we see it’s owned by Web2Objects in New York:

In delving deeper into Web2Objects, we found the following and quickly realized this is a leapfrog, shell or hidden company — typical behavior of VPN providers.

Changing Geography on the Fly

Furthermore, certain VPN providers allow users to routinely drop and reconnect to different VPN systems in their environment, which enables end users to change their geography on a regular basis. The VPN provider I use, for example, allows me to travel virtually at the click of a button: Facebook has seen me in Tel Aviv one moment and on another device in Dallas the next moment. This will typically trigger a security feature at Facebook that requires me to log in again to prove my identity — a small price to pay for enhanced privacy.

We All Deserve Data Privacy

Data privacy matters, and we all deserve respect and consideration from those we visit on the internet. As shown by the numerous data breaches that have affected companies and individual users around the world, individuals and governments, however, we must also look out for our own personal data and privacy. Using a VPN to obfuscate your location and encrypt data is a powerful way to prevent the tracking, stalking and theft of personal and private data.

More from Data Protection

Data never dies: The immortal battle of data privacy

4 min read - More than two hundred years ago, Benjamin Franklin said there is nothing certain but death and taxes. If Franklin were alive today, he would add one more certainty to his list: your digital profile. Between the data compiled and stored by employers, private businesses, government agencies and social media sites, the personal information of nearly every single individual is anywhere and everywhere. When someone dies, that data becomes the responsibility of the estate; but what happens to the privacy rights…

Vulnerability resolution enhanced by integrations

2 min read - Why speed is of the essence in today's cybersecurity landscape? How are you quickly achieving vulnerability resolution? Identifying vulnerabilities should be part of the daily process within an organization. It's an important piece of maintaining an organization’s security posture. However, the complicated nature of modern technologies — and the pace of change — often make vulnerability management a challenging task. In the past, many organizations had to support manual integration work to get different security systems to ‘talk’ to each…

Cost of a data breach 2023: Geographical breakdowns

4 min read - Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data Breach Report 2023 looked at 553 organizations of various sizes across 16 countries and geographic regions, and 17 industries. In the report, the top five costs of a data breach by country or region (measured in USD millions) for 2023…

Cost of a data breach 2023: Pharmaceutical industry impacts

3 min read - Data breaches are both commonplace and costly in the medical industry.  Two industry verticals that fall under the medical umbrella — healthcare and pharmaceuticals — sit at the top of the list of the highest average cost of a data breach, according to IBM’s Cost of a Data Breach Report 2023. The health industry’s place at the top spot of most costly data breaches is probably not a surprise. With its sensitive and valuable data assets, it is one of…