Hackers are targeting VPNs to gain access to enterprise systems

A hand typing at a computer in a dark room, lit up by the laptop's keyboard LEDs and red LED light
(Image credit: Getty Images)

Software company Check Point has warned that hackers are targeting its Remote Access VPN devices in order to gain access to enterprise networks.

This discovery comes shortly after cyber insurance company At-Bay published research that remote access tools were the intrusion point for 58% of ransomware attacks in 2023.

In an advisory published on May 27, the software company explained that the cyber attacks were discovered after a "small number" of login attempts were flagged. These login attempts targeted old local VPN accounts that used insecure password-only authentication. 

The company also said that it had recently witnessed VPNs becoming compromised, including cyber security providers.

In its advisory, Check Point said that hackers were targeting remote access tools in an attempt "discover relevant enterprise assets and users, seeking for vulnerabilities in order to gain persistence on key enterprise assets".

The company has released a solution that automatically prevents unauthorized access by local accounts with password-only authentication to its customers' VPNs. This solution aims to address these unauthorized login attempts, and prevent them from happening in the future.

In order to improve their security, Check Point has recommended that its customers check their local accounts to see both if they have them, and to see if they have been used and who has used them. If users have local accounts they're not using, Check Point says it's best to just disable them. 

Check Point also suggests adding another layer of authentication, for example certificates, to any local accounts that its customers are using, but are currently using password-only authentication. Finally, they urged customers to deploy its preventative solutions across their Security Gateways.

Note that these vulnerabilities apply only to remote access VPNs, and not to the consumer products we primarily feature on Tom's Guide on pages like our guide to the best VPN services

Olivia Powell
Tech Software Commissioning Editor

Olivia joined Tom's Guide in October 2023 as part of the core Future Tech Software team, and is the Commissioning Editor for Tech Software. With a background in cybersecurity, Olivia stays up-to-date with all things cyber and creates content across TechRadar Pro, TechRadar and Tom’s Guide. She is particularly interested in threat intelligence, detection and response, data security, fraud prevention and the ever-evolving threat landscape.

Read more
Red computer security warning
2.8 million IP addresses being used in brute force attack on VPNs
Graphic of red warning sign
Critical VPN vulnerabilities continue to impact businesses
Image of technical screen displaying system hacked warning
SonicWall VPN hit with second vulnerability
Graphic of fibre optic cables attacking code
An estimated 46,000 VPN servers are vulnerable to being hijacked
Hacker typing on laptop in darkened room
Hackers create "BRUTED" tool to attack VPNs – how to stay safe
Surfshark graphic of 2024 data breaches
Nearly 700 million American records were leaked in 2024
Latest in VPNs
Large group of protesters in Turkey following Instanbul mayor's arrest
Turkey sees huge VPN usage spike amid reports of social media crackdown
NordVPN logo on a blue background
NordVPN drops to its lowest price this year – here's what you need to know
ExpressVPN logo above mobile devices
ExpressVPN lays off undisclosed number of employees
The outline of a hand holding a phone, wrapped in barbed wire to indicate censorship
What are anti-censorship features and how is Proton VPN leading the way?
Hacker typing on laptop in darkened room
Hackers create "BRUTED" tool to attack VPNs – how to stay safe
NordProtect logo on black background
NordVPN's NordProtect cyber insurance goes solo – and adds a key new feature
Latest in News
Rendered images of rumored foldable iPhone.
Foldable iPhone report just revealed key details — here's what we know
NYT Strands on a cellphone
NYT Strands today — hints, spangram and answers for game #385 (Sunday, March 23 2025)
Nintendo Switch 2
Nintendo Switch 2 rumored specs — here’s what we know so far
iPhone 17 Pro render
iPhone 17 Pro — 7 biggest rumored upgrades
CAD renderings of the Google Pixel 10 Pro XL
Pixel 10 leak could be good news for all Android phones
A magnifying glass on top of the Steam logo in a web browser
Valve just pulled a malicious game demo spreading info-stealing malware from Steam