Sugar once used to be so valuable people locked it in a safe and only the privileged knew how it tasted. Likewise, VPN (virtual private network) is a tool developed in 1996 – originally created for a safe file transfer between offices of big corporations and military agencies – but today it’s growing to become a commodity for anyone using the Internet.
The global VPN market is predicted to reach $35,73 billion in 2022, and a CAGR of 12% is expected between 2020 and 2026.
The results of a NordVPN survey suggest that no less than a third of the population in the US, Canada, UK, Germany, France, and Belgium are already familiar with the notion of a VPN service.
“I expect demand for VPNs will grow as people become more conscious of increasing cybercrime issues. That combined with greater awareness of the privacy issues of browsing the Web without a VPN will increase adoption rates.” writes Troy Hunt, Web security expert known for public education and outreach on security topics, in his blog post.
The times when VPN was exclusively meant for businesses and tech geeks are long gone. There are three main reasons for stimulating this growth: cybercrime, advertising, and government surveillance.
Cybercrime
The number of malware and ransomware attacks spiked by 25% between Q4 2019 and Q1 2020. Cybercriminals have been successfully targeting financial services too. For instance, just recently NTT Docomo reported that the total amount of money confirmed to have been stolen in recent hacks of its Japanese e-money service has increased to 25,42 million yen in 120 cases.
Troy Hunt tested the trustworthiness of his banking service and found that “the initial request from the browser is still sent insecurely over HTTP so everyone along the way not only sees where the traffic is going, but can also read and modify the contents of it so again, from a privacy perspective, not good.”
The go-to-market rush results in unstitched security holes on platforms that Internet users are entrusting their private data to. “Security shortages of online services, in combination with users’ poor cyberhygiene habits, create the perfect conditions for cybercrime to blossom,” says Tom Okman, founder of NordSec, the company behind NordVPN.
Increasing surveillance
NordVPN surveys show that 80% of VPN subscribers use the app primarily for privacy and security reasons. This comes as no surprise: people are getting more and more concerned with the startling number of governments deploying advanced tools to identify and monitor users.
Of the 65 countries assessed by FreedomHouse, 33 have been on an overall internet freedom decline since June 2018. And this applies not only to China and other repressive regimes: Internet freedom has been declining in the US for three consecutive years, as law enforcement and immigration agencies have expanded their surveillance and the Internet has been flooded with disinformation.
Hunt states: “It’s hard for a VPN to protect you from disinformation, but it goes a long way to mitigating the risks of being surveilled.”
The policies and transparency of VPN service providers are becoming more and more important. “If a VPN provider is true to its policies and meets certain standards, there is a big chance it will take care of privacy and security better than an ISP, which collects detailed information on users’ online presence and must submit it to the government if the latter requests so,” says Okman.
Abusive advertising
90% of users find targeted ads annoying. Targeting requires a thorough analysis of the user’s behavior and interests. And sometimes it can go overboard. For example, Target, a wholesaler, managed to find out a teen girl was pregnant before her father did just by identifying a shift in her purchase behavior and sent her a pregnancy clothing coupon. Unconscious overexposure and extensive tracking online can be protected with premium VPN solutions equipped with ad-blocking features.
“The privacy implications don’t stop with the site you’re visiting, they cascade all the way down the stack of requests that follow that initial one. The point is that the privacy rights assured by a VPN are about a lot more than just protecting your source IP from being exposed to the website you’re visiting; it goes well beyond that,” writes Hunt.
The new hot place in town
The VPN industry is becoming more precise in its value proposition and tries to expand the benefits of a VPN beyond the already established privacy and security. Tech brands are working towards becoming all-around cybersecurity solutions for their customers. Even Apple has made privacy-as-a-service their strategic goal. Covid-19 has also brought new players to the market — Google has recently launched a VPN challenger, BeyondCorp.
In Okman’s opinion, new players contribute to the growth of the VPN industry and make everyone else want to improve. The bigger the number of competitors, the more cybersecurity awareness they spread among Internet users. Big names like Google entering the VPN arena attests to the market’s solidity and importance.
“I believe that VPN will become a default service integrated into devices, requiring no additional effort from users. However, there are many decisions to be made before that happens. Businesses will have to find a balance between maintaining user privacy and not losing the ability to speak to their customers through advertising. Mainstream use of VPN services will make it harder to monopolise personal data and will leave at least certain aspects of privacy to the people. The solutions to these challenges will determine the pace, but not the course of the development of the VPN industry,” says Okman.
When choosing a VPN vendor, one must always think whom they are entrusting their privacy to. Hunt has a simple piece of advice: “VPN doesn’t remove DNS or the ability to inspect SNI traffic, it simply removes that ability from your ISP and grants it to NordVPN instead. But then again, I’ve always said I’d much rather trust a reputable VPN to keep my traffic secure, private and not logged, especially one that’s been independently audited to that effect.”
