The US and China tensions continue as the Department of Homeland Security (DHS) seek to tighten their national security against further threats. The use of VPN applications by Governmental Intelligence experts is the latest area subject to checks. This is following fears of other countries intercepting these channels to steal national secrets.
The two US senators are calling for DHS to issue an emergency directive banning intelligence workers from using foreign VPNs. They wrote a letter to DHS director, Christopher Krebs, outlining its widespread use and its risks. One of the dangers described was the connection the applications have with countries not allied with the US.
VPNs act as a tunnel for data to pass through in a way that prying eyes cannot see. However, the companies providing the service can, in some cases, still access the data. This is as it transmits to local servers and potentially surveilled by the government. Read A Look Into Why Free VPN’s Can Cause More Harm Than Good for more information on the risk of using some VPNs.
Past threats to US national security
This call follows many fears of US enemies using individuals and organisations to carry out espionage. In 2015, a suspected Chinese Intelligence Officer attempted to steal technical information by using US Army reservist, Ji Chaoqun, as a spy. The US accused and later found guilty former CIA officer, Kevin Mallory, of sharing US secrets with Chinese agents in 2017. A year later, the US Department of Justice indicted 10 Chinese hackers and intelligence officers for stealing intellectual and business data. The information was on airline engine technology from U.S companies.
The US senators requested a threat assessment on the national security risks around the VPN use by workers. This review is also to include similar foreign apps. The letter further recommended the DHS issue a Binding Operational Directive if findings are in favour of one. The prohibition will be on governmental phones and computers. Huawei, ZTE and Kaspersky Lab are just a few organisations DHS passed similar directives for. For the emergency directive passed ordering governmental agencies to carry out audits following hacks on DNS systems, read DNS Hijacking of Department of Homeland Security Causes Emergency Directives to be Issued.