The director of information for ExpressVPN has already helped the UAE orchestrate a massive cyber espionage campaign on computers around the world.
According to at the Justice Department, ExpressVPN 's CIO Daniel Gericke and two others worked as hackers on behalf of the UAE to develop zero click attacks capable of breaking into accounts and devices Internet, including those in the United States.
All three previously worked for the US intelligence community. However, by offering their hacking expertise to a foreign country from 2016 to 2019, the trio violated US export controls, which required them to obtain a license from the State Department toprovide such services. Reuters originally reported on the hire-for-hacking plan with the UAE, and said espionage tricked iPhones and Internet accounts belonging to activists, political rivals and even Americans.
Cyber espionage naturally raises questions about the security around ExpressVPN. However, the VPN service stays with Gericke, who quit working with the UAE after joining ExpressVPN in December 2019.
"We know the key facts about Daniel's employment history even before we were hiring him because he has blog pos t Wednesday. expertise that has made him an invaluable employee in our mission of protecting user privacy and security. curity. ”
Despite violating US laws with hacking, the Department of Justice refrains from accusing Gericke of a felony. Instead, he struck a deal that never again bans him from carrying out "computer network exploitation" operations on behalf of a employer. He also agreed to pay a fine of $ 335,000.
ExpressVPN adds that it constantly checks its VPN service for safety. "Of course, we don't just rely on trust of our employees to protect our users, "he wrote in Wednesday's blog." We have robust security systems and controls in place in all of our systems or products. We commit and fWe also provide extensive access to numerous independent third parties to perform audits, security assessments and penetration tests on our systems and products.
ExpressVPN The VPN service can encrypt your internet connection to prevent snooping, but that assumes its employees aren't doing any fun business on the backend. By routing your Internet through a VPN, you are also pushing your browsing history to a server under someone else's control. This may allow them to connect and collect your data.
However, ExpressVPN says Gericke used her expertise to improve the VPN service. “Daniel has a deep understanding of the tools and techniques used by opponents against thesquels we aim to protect users and, as such, are an expert uniquely qualified to advise on defense against such threats. Our product and infrastructure have already benefited from this understanding to better secure user data, ”the company adds.
The news comes after ExpressVPN sold out to the software vendor this week. Anglo-Israeli digital security firm Kape Technologies for a carries over $ 936 million. "With their support and resources, we'll be able to innovate faster and protect you against a wider range of threats," says ExpressVPN. Security Watch newsletter for our top privacy stories and security files delivered directly to your inbox. ", " created_at ": null, " updated_at ": null}) " x-show = "showEmailSignUp () "class = " rounded bg-gray-lightest text- md: px -32 md: py-8 p-4 font-brand mt-8 container-xs ">
Do you like what you read?
Subscribe to Security Watch Newsletter for our best privacy and security stories delivered straight to your inbox.
Thank you for your inion!
Your subion has been confirmed. Keep an eye on your inbox! Sign for other newsletters