With Coronavirus reaching over 330,000 cases (and counting), VPNs are the last thing you'd expect to be on people's minds. Yet here we are - because of the Coronavirus, VPN usage actually increased significantly over the past days and weeks.
This is the main source we came across. It's from AtlasVPN, and - according to their research - they saw a huge increase in traffic on their servers. Here are some highlights:
- 112% in Italy;
- 53% in the US;
- 38% in Iran;
- 36% in Spain;
Of course, that source alone isn't 100% reliable. We're not saying AtlasVPN is not trustworthy, but they are a relatively new VPN service. Also, they ran a Coronavirus promotion recently that offered users three free months of the premium service. That likely contributed to their traffic boost.
So, we dug around for more info, and successfully managed to find other sources to back up the VPN usage boost during the Coronavirus pandemic:
- According to this article, NordVPN also reported a 165% increase in the number of average daily users. Google also saw a six-to-tenfold increase in VPN-related searches since the start of the year.
- The founder and CEO of OpenVPN Technologies Inc. said they saw an increase in new customers and the activity of existing customers. The CMO of Pulse Secure also reported an increase in sales and customer activity.
So yeah, overall it's pretty safe to say that more and more people are starting to use VPNs right now. In this article, we're going to take a look at why that's happening, and also answer some questions you might have.
So Coronavirus Caused a Surge in VPN Traffic, But Why Exactly?
Alright, so what exactly influenced this surge in VPN traffic during this crisis? Well, here are three reasons we think contributed to this:
1. More People Are Working From Home Now
Most businesses are starting to switch to a work-from-home model. It's not possible for everyone, of course, but enough are doing it that some argue we might see a revolution in the work-from-home model in the future.
Speculations aside, right now, a lot more people are working from home than before. And while that is convenient for some, it's pretty risky for businesses.
Because most people don't secure their home networks. They don't even bother to change the default admin credentials. Which would explain why cybercriminals had an easy time compromising thousands of routers back in 2018.
And hackers are taking advantage of that. In fact, according to data, 40% of businesses saw an increase in cyber attacks after having employees work from home.
It's no surprise why that's so concerning. We're not just talking about DDoS attacks that take down servers (though, those are costly too). Instead, the problem is hackers can compromise network vulnerabilities to monitor employee traffic. The end result is obvious - they'll get away with valuable company data.
And that very likely contributed to a huge increase in VPN traffic during the Coronavirus crisis. Since VPNs encrypt Internet traffic, cybercriminals can't monitor online communications. If they try, they'll just see random strings of symbols - gibberish, basically. So they're a must-have.
Businesses have either started using their own corporate VPNs, or they've started buying enterprise or commercial VPN licenses for their users. If you don't know what those terms mean, here's a quick brief:
- Corporate VPNs - VPNs that large businesses normally build in-house and run independently.
- Commercial VPNs - Third-party VPN services people buy for individual use. Some examples include NordVPN and ExpressVPN.
- Enterprise VPNs - They're similar to commercial VPNs, but are tailored to businesses instead of individual users. Perimeter 81, NordVPN Teams and OpenVPN Access Server are good examples.
If you're not 100% sure about getting a VPN for your employees when they work from home, here are six good reasons you should do that. In case you're a freelancer who works from home, here is an article detailing why you should get a VPN too.
2. People in Quarantine Are Bored at Home
Due to the Coronavirus, VPN traffic also likely increased because more and more people are stuck in their homes now. They need t
o self-quarantine for around two weeks if they are sick, work from home, take a mandatory paid (or sometimes unpaid) leave, or comply with laws that now require them to stay at home most of the time.
Whichever the case, they're left with a lot of free time on their hands, and no way to spend it. We have actually seen tons of threads on Reddit where people ask what movies, books, or video games they can use to pass the time. There are also dozens of online articles (like this one) offering people suggestions on how to pass the time.
While we're on the topic, if you're having a hard time deciding what streaming services to pass the time with, here is a little help:
- A comprehensive article talking about the best streaming services.
- A quick and in-depth overview of the best Live TV streaming platforms.
3. People Stuck at Home Want to Prevent Bandwidth Throttling
However, there is really no guarantee your ISP might not try any shady stuff to get rid of some network congestion - which is actually a pretty big problem now. Plus if you're not in the EU, the law doesn't really prevent your ISP from intentionally slowing down your speeds.
So, to protect themselves against potential bandwidth throttling, people likely started using VPNs. Since they encrypt traffic, ISPs can't monitor it to see what specific online services people use. Also, a VPN stops ISPs from seeing what websites their users connect to. They'll only see the IP address of the VPN server.
Overall, that prevents ISPs from throttle data for specific online services.
Should All Businesses Use Corporate VPNs?
Not really. It's mostly large businesses that use them. In fact, most of them likely already have a corporate VPN in place.
But if you're a small or mid-sized business, a corporate VPN might not be an ideal investment.
Because it doesn't come very cheap. Even if you use OpenVPN which is open-source and free, you'll still have to pay for your own servers. And considering how much of an issue bandwidth will be, you'll likely have to pay extra for it.
All in all, it can add up to paying $1,000+ per month (per server), if not more.
And that's not all. You'll also have to:
- Train your employees how to use the VPNs. They tend to be less user-friendly than commercial/enterprise VPNs.
- Your IT team will need to set up VPN connections on office computers and employees' personal devices.
- Your IT team will also have to regularly monitor VPN connections.
- If you have your own physical servers, they'll need regular maintenance.
So yeah, just a ton of more expenses.
But that's not all. If your IT staff doesn't have enough experience with corporate VPNs, they could put all your company data at risk.
Last year, some of the most popular corporate VPN solutions (Fortinet, Pulse Secure, and Palo Alto Networks) had serious security flaws. If your staff doesn't properly patch your servers with the right updates, hackers could exploit all your data.
What's more, cybercriminals might try to target your VPN servers with DDoS attacks. If they're successful, they'll cause serious financial damage by forcing your business into downtime. You can use DDoS protection, sure, but that's yet another expense to deal with.
All in all, it's much easier and cost-efficient to use an enterprise VPN like Perimeter 81 or NordVPN Teams or OpenVPN Access Server. Or even a commercial VPN if you're a small business with only 10 employees or less.
What About Hardware VPNs?
These are devices that offer VPN functionality alongside a dedicated processor and hardware firewall features. Unlike software VPNs, hardware VPNs take care of everything on their own.
To give you an example of how a hardware VPN looks, here's one from Zyxel.
Like corporate VPNs, hardware VPNs are usually a good option for large businesses that also have very skilled IT teams. They can cost up to $500, and sometimes even over $1,000 (not to mention add-ons for scalability), and require a lot of maintenance and know-how to keep connections secure.
For example, remote access is trickier, so errors can easily occur if your IT staff isn't used to hardware VPNs.
So enterprise or commercial VPNs are still better for smaller businesses.
Do You Need to Use a Commercial VPN If You Already Have a Corporate VPN?
Can't you just use the VPN your company gave you while you're at home? It's not like they'll know you're doing it, right?
Your boss and the company's IT team will most certainly know you're using the corporate VPN to indulge in "extra curricular" activities. Unlike a commercial VPN, corporate VPNs don't really encrypt your traffic end-to-end. By that, we mean the IT team will actually monitor VPN connections to make sure people aren't using them for something else.
Let's face it - the last thing you want is your employer finding out you're using the company's limited bandwidth to watch porn, play an online game, or binge your favorite series on Netflix.
But let's say they don't spy on your VPN usage, or they just don't care. You're in the clear then, right?
Not if they use split tunneling - basically, routing only traffic intended for the corporate network through the VPN, and ignoring anything else.
So if you use the VPN to handle your personal finances, chat with friends, or browse the web, hackers, your ISP, and advertisers can exploit your traffic since it's not encrypted.
Really, the risk isn't worth it. Always log off the corporate VPN, and log into a commercial VPN account when you want some personal time online.
What VPNs Should You Use During the Coronavirus Crisis?
To not mix things up and make everything too confusing, we're going to offer separate recommendations - a list for commercial VPNs and a list for enterprise VPNs.
Whether you want to unblock content and secure your data during this crisis or in general, here are some of the best VPN services:
If you need more recommendations or want to see some comparisons, check out our guide on the best VPN services on the market right now.
To make sure an enterprise VPN is right for your business, it should allow you to integrate MFA (Multi-Factor Authentication), offer endpoint security, and provide access control. Here are some pretty decent options:
Want more information about this? Check out our list of the best VPNs for businesses.
Just Using a VPN Isn't Enough (Other Security Tips)
A VPN offers decent security, but businesses need to take more measures to make sure their company data isn't compromised at all. Regular VPN users can also use some of these tips to stay safe online right now.
So, let's get started:
Learn How to Avoid Phishing Attacks
When people work from home, they're more relaxed, so they're more likely to answer calls from unknown numbers which might actually be phishing attacks. After all, they might just think it's a work colleague whose number they don't have.
What's more, people are also more likely to fall for phishing emails - especially Coronavirus scams that take advantage of their panic and fear.
Here are some tips to help you out:
- Phishing messages will usually ask you to share personal or financial information - like your Social Security Number or credit card details. That information isn't needed to sign up for a Coronavirus test.
- If you notice shady shortened links, or weird destinations if you hover over the link, you're likely dealing with a phishing attempt.
- Phishing messages will usually contain weird attachments - like a Word doc with an .exe extension.
- Hackers who use phishing will try to claim they're someone in a position of authority - like the CEO, a police officer, or someone from the CDC in this case.
- Don't answer calls from numbers you don't recognize. If your colleagues have a question, they can chat with you on the company's encrypted messaging channels.
- Phishing messages will almost always contain obvious spelling errors. Also, they will come from weird addresses that try to copy legit ones. For example, if company emails at your workplace are [name]@finance.com, a scammer would use something like [name]@f1nance.org.
- Phishing emails will have very generic opening lines (like "Greetings Sir or Madam"), and they will always have a tone of urgency that insists you act on the spot.
- Use Stanford's Anti-Phishing Browser Extensions to improve your odds. Consider using uMatrix and uBlock Origin too since they can prevent harmful scripts from starting up.
For more information on Coronavirus phishing scams, follow this link.
Use Security Software
VPNs are great for security, but they can't protect you against malware. And hackers love to use that - especially Coronavirus-themed malware like malicious live maps or fake apps that use tracking malware.
Use Password Managers
Password managers are software that act as a digital vault for your login credentials. They secure them behind one Master Password, and even offer password generators to help you come up with strong passwords.
Your company should already use a password manager. If it doesn't, though, 1Password Business and Dashlane Business are good options. If you're a regular user and don't have one, try one of the services on this list.
Secure Home Networks
One very easy way to do this that's also free is to change the default login credentials on the router. You should train your employees to do this, and you should also do this even if you don't work from home.
Because hackers can actually look up PDF manuals for routers on the Internet. They can google the model, find the manual, and just use the admin username and password in it to hack into your router.
How do they know the model? From the SSID most of the time (the name of the WiFi network). So change that too.
Patch Your VPN Servers
This mostly applies to Palo Alto Networks, Fortinet, and Pulse Secure users since those services had vulnerabilities before. You can find all the right updates in this article from ZDNet.
Even if you use a different service, you should still make sure the servers are up-to-date.
Enable MFA on All Accounts
MFA means you'll need to enter a randomly generated code to complete the login process. It might seem like a hassle, but according to Microsoft, it can block 99.9% of account takeovers. Yes, even if the hacker has the user's login credentials.
Ideally, you should turn on this feature on all your accounts. If you run a business, you should turn it on or integrate it into your VPN accounts too if possible.
Will the VPN Surge in Traffic Continue?
It's hard to say how long this crisis will last. Vaccines are already being developed and tested, and some speculate that things should start getting better by summer. On the other hand, some experts actually think the pandemic will last until next spring (at least in the UK).
In any case, due to the Coronavirus, VPN usage will likely increase even more in the coming weeks - especially if more and more businesses move to the work-from-home model. Whether or not this trend will continue once the crisis is over remains to be seen.
What's your take on this, though? Do you think people will start relying more and more on VPNs, or is this just a temporary thing? Let us know in the comments below.
Also, please remember to share this article with your friends on social media if you found it helpful.