How to Check a Virtual Private Network For Data Leakage

Credit: ID 105121826 © Farbentek | Dreamstime.com

If your virtual private network (VPN) leaks, there’s no point in even turning it on.

You might as well take that monthly fee and hand it to a random person on the street. We’re not kidding. The reality is that a lot people use VPNs today - overall usage increased to 26% in 2018, making this tool one of the fastest technical adoptions in recent memory. But are they using it correctly?

The joke, and it’s a bad and frequent one, is on anyone who turns on their VPN without checking it for data leaks.

An improperly configured service can leave you vulnerable to WebRTC leaks or DNS hijacking (more on these later). Either is essentially an engraved invitation to any passing hacker to jump into your life and screw it up. Luckily, there is a quick way to check if your VPN is, in fact, broadcasting your whereabouts. More on that later too.

The Weak Link in the Chain

You might have already noticed that the internet is inherently insecure, and we’re not talking about emotional issues. In the early days, it was designed to reliably send data chunks called packets anywhere in the world, rerouting itself around failed connections as needed.

In other words, the online environment was built for adaptability, not security. By the time anyone thought it might be a good idea to implement privacy protocols, hackers already had a strong toehold. One of the most recent and promising tools to try to take back control are VPNs, which work great.

Except when they don’t.

WebRTC Leaks

While a VPN connection is active, websites and outside entities should never be able to detect the true IP address assigned by your ISP. However, this is not always the case due to a known deficiency within browsers like Google Chrome and Mozilla Firefox which can lead to an issue known as WebRTC leaks.

Many of the most popular websites in the world rely on WebRTC, which stands for Web Real Time Communication, to populate webpages with dynamic content that can be updated live without reloading. This type of data is transmitted through a different mechanism than traditional HTTP traffic.

WebRTC leaks occur at the browser level when a website is able to expose a user's source IP address while bypassing the VPN protection. When this happens, you no longer are truly anonymous online and could have private information exposed.

DNS Hijacking

If a cyberattacker is able to retrieve your true IP address through a WebRTC leak, it means they may be able to determine your geographic location or even infiltrate your local network. The worst case scenario is a type of attack known as DNS hijacking, which leaves your entire network at risk.

All computers, including “smart” devices and wearable tech, rely on the Domain Name System (DNS) to help translate web URLs into IP addresses. That information is what allows data on the internet to be routed so quickly. Each time you load a webpage in your browser, the computer checks DNS to find out where to send the request.

When hijacking the DNS, the hacker changes your device's DNS settings and intercepts - or redirects - all outgoing traffic. As a result, you might open a bookmark or type in the URL of a common website, but instead of loading the correct content, your browser will point to a rogue webpage that seeks to steal your personal information.

Such was the case in a recent attempt by cyberattackers to hijack the domain names of several U.S. government websites.In the wake of the attacks, the US Department of Homeland Security (DHS) issued an emergency directive tightening DNS security.

Testing VPN Vulnerabilities

If you are concerned about the possibility that your VPN client is leaking your primary IP address, then you need to be proactive about testing its vulnerability. Otherwise, it might be too late and a hacker could already be intercepting your web traffic and using it for nefarious purposes.

Many tools are available online that will simulate WebRTC traffic and let you see whether your VPN client is vulnerable. A popular one is the BrowserLeaks website, which will show you whether your current browser supports WebRTC connections and what IP addresses are shared.

If you run the test and see your ISP's address and country listed in the "Public IP Address" section, then it means you are affected by a WebRTC leak. Since these leaks occur at the browser layer, make sure to run the test in every browser that your operating system supports.

For Google Chrome users, there are third-party plugins available, like WebRTC Control, which can quickly test your system for WebRTC leaks and let you deactivate such connections. Just be sure any plugin you download is from a reputable developer, as these tools could actually be disguised by hackers looking to install malware on your computer.

For protecting against DNS leaks, the best tool to use is DNSLeak.com, which will check your current IP address and then let you run a diagnostic tool to check your current DNS servers. If your DNS server addresses differ from your VPN's IP address, then your settings may have been hijacked. At that point, it's important to quickly reset your DNS addresses using a free, safe service like Google DNS.

Finding a Reliable Service Provider

VPN's typically involve a monthly or yearly cost and are somewhat more expensive than your regular ISP provider - and, yes, you will need both.

Therefore, you have a right to ensure that the product is doing what it claims to and delivers true protection and anonymity online. If that's not the case, then it is time to move on to a different solution.

Cyberattacks continue to evolve, so even if your VPN passes leak tests in its current state, you must continue to watch for new threats while keeping your VPN software up to date.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags password protectiondata securitycyber attacksdata leakVPNscybersecurity

More about GoogleMozilla

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sam Bocetta

Latest Videos

More videos

Blog Posts