Twitter Ban in Nigeria: Top 10 Security Risks in Using VPN
By Ya’u Mukhtar

Due to the recent indefinite suspension of Twitter operation in Nigeria by the Federal Government, now the only option left for Twitter users is to bypass this restriction using Virtual Private Network (VPN) in order to quench their thirst.

Meanwhile, the Emergency Digest gathered that using a VPN understandably makes the user feels invisible, but there are still are some potential risks involved from the service that users should keep in mind.

According to cyber experts, users of VPN might be exposed to likely risks and dangers from some VPN providers. Cybersecurity experts including John Anthony of Addictive Tips and Tim Mocan of Cactus VPN who have covered VPN, Internet privacy, and cybersecurity topics raise some concern about VPN for users seeking new ways to secure their online rights.

Below are some of the potential security risks associated with using a VPN.

1. Logging Policies
Using a VPN to hide browsing activities becomes pointless if the provider is now the one who logs the users instead of the ISP. A user becomes exposed to severe VPN security risks simply because the user no longer have control over his/her privacy. Usage logs are the most dangerous ones since they track information about what users do on the web while using a VPN.

2. Data Leaks
A data leak is when a user uses a VPN to hide his/her traffic and IP address, but they still leak through the VPN tunnel. IP leaks, DNS leaks, and Web RTC leaks are all good examples of that. If they occur, they pretty much make using a VPN pointless.

3. Shady Privacy Policies
A VPN provider can claim they respect user’s privacy and offer top-notch security in their marketing copy, while their Privacy Policy tells a completely different story. Free VPNs are the services that do this. Thus, in order to make money, advertisers will pay handsomely to get their hands on users’ data, which they will use to create personalized profiles so that they can spam the users with targeted ads.

4. Poorly Configured Encryption
Some VPNs are very likely to have faulty encryption. The cybercriminals and surveillance agencies might actually manage to intercept the user’s web traffic and decrypt it by exploiting or brute-forcing the weak encryption. A reliable VPN provider won’t have any problem sharing encryption details with their users.

5. Malware Infections
A user might end up dealing with serious VPN risks – like malware being injected into their devices when they download a VPN client, which will start spying on their activities, spamming them with malicious ads, and stealing their personal and financial details. If the users are extremely unlucky, they might expose their device to ransomware which will encrypt their data, and ask for a big ransom in exchange.

6. Being Forced to Use PPTP
The PPTP protocol might be fast and convenient, but it’s extremely dangerous for users who value their privacy. This is because the NSA already managed to decrypt PPTP traffic some time ago. And cybercriminals know that, so they’re more likely to target PPTP traffic when they’re looking for victims. So, a VPN provider that only offers PPTP connections is a very risky choice.

7. The Provider Using Users’ IP Address as an Exit Node
This is when a VPN provider runs their network off of users who “volunteer” their bandwidth and IP address since they don’t read the provider’s ToS and Privacy Policy. Having their IP address used as an exit node is dangerous because a cybercriminal or scammer could do illegal stuff on the Internet while using users’ IP address – like downloading illegal torrents, or sharing child pornography.

8. No Extra Security Features
While a VPN with good encryption and a favourable no-log policy is great, many VPN Providers lack DNS leak protection, Internet Kill Switches, Application-level Kill Switches among other protective applications that are very useful for torrent and email apps.

9. Traffic Restrictions
VPNs have often been caught artificially throttling or blocking traffic of its users. This most commonly presents as firewalls that prevent P2P network access or torrent downloads, both of which can slow down an entire VPN’s service based on the nature of the connection. Occasionally, though, VPNs will cripple a connection if a user downloads or streams too much.

10. Jurisdiction
Where precisely in the world a VPN is registered makes a huge difference in how secure it is. Even if a VPN advertises a strict zero-logging policy, if they’re located in a country whose government requires data retention laws, the VPN can be forced to store user information in secret. In this case, it doesn’t matter what the VPN’s policy is, your data can be compromised.

Ya’u Mukhtar is a Staff Writer with the Emergency Digest


Please enter your comment!
Please enter your name here