Security Experts:

Connect with us

Hi, what are you looking for?



Senators Concerned Over DHS Employees Using Foreign VPNs

United States senators have voiced concerns over the use of foreign-made Virtual Private Network (VPN) applications within the Department of Homeland Security (DHS). 

United States senators have voiced concerns over the use of foreign-made Virtual Private Network (VPN) applications within the Department of Homeland Security (DHS). 

VPN services promise improved security and privacy when browsing the Internet by routing all of the user’s traffic through the provider’s servers, and a large number of people, including mobile users, have adopted such services for increased online privacy.

Furthermore, users are also adopting data-saving apps, including mobile browsers such as Dolphin, Yandex, and Opera, which route traffic through their servers and compress it before serving them to the user, to provide data-saving functionality.

It is the growing adoption of mobile apps that could expose U.S. government employees’ web browsing data and the routing of users’ traffic on foreign servers is worrisome, Senators Marco Rubio (R-FL) and Ron Wyden (D-OR) told Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs in a letter dated February 7. 

“We are particularly concerned about the potential threat posed by foreign-made apps that are affiliated with countries of national security concern and urge you to examine the national security risk they pose,” the letter reads (PDF). 

The Senators point out that some of these applications, many which have been downloaded by millions of users, are developed by “foreign companies in countries that do not share American interests or values.”

“Because these foreign apps transmit users’ web-browsing data to servers located in or controlled by countries that have an interest in targeting U.S. government employees, their use raises the risk that user data will be surveilled by those foreign governments. The compromise of that data could harm U.S. national security,” the Senators say. 

The letter also notes that the U.S. government has already recognized the national security risks posed the use of foreign technologies. 

The House Intelligence Committee has already recommended the U. S. should view with suspicion the increased presence of Chinese companies on the U.S. telecommunications market and the DHS last year ordered all federal agencies to remove products from Kaspersky Lab from their networks, the Senators say.

“If U.S. intelligence experts believe Beijing and Moscow are leveraging Chinese and Russian-made technology to surveil Americans, surely DHS should also be concerned about Americans sending their web browsing data directly to China and Russia,” the letter reads. 

The Sens. urge for “a threat assessment on the national security risks associated with the continued use by U.S. government employees of VPNs, mobile data proxies, and other similar apps that are vulnerable to foreign government surveillance.”

Furthermore, the Senators say that, should these services be found to pose a risk to the national security, a Binding Operational Directive should be issued, to prohibit their use on federal government smartphones and computers.

Related: Marco Rubio Proposes New Federal Data Privacy Bill

Related: Senator Urges Federal Agencies to Ditch Adobe Flash

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...


The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...


Cybersecurity firm Group-IB is raising the alarm on a newly identified advanced persistent threat (APT) actor targeting government and military organizations in Asia and...