As the physical world increasingly merges with the digital world, cybersecurity has become a critical concern for individuals and organizations.
We talked to Marijus Briedis, the Chief Technology Officer (CTO) of NordVPN, to discuss the complexities of defending against ever-evolving cyber threats, how threat actors are using artificial intelligence (AI) technology, and cutting-edge advancements in online security.
Marijus told us quite a bit about what’s in store for Nord Security and its NordVPN service in 2024 and beyond!
The Rise of Advanced Cyber Threats
The cybersecurity space has undergone a significant transformation over the last decade.
“We’ve seen cyber threats evolving over the past decade,” Marijus said, highlighting the role of artificial intelligence and quantum computing in this change.
The two things we are talking about a lot now are AI and quantum computing,” he added.
AI has brought about more sophisticated threats, including spear phishing emails with tailored, convincing content and dynamic malware that adapts to evade detection.
In July, HYAS published a report about AI-generated polymorphic malware, warning that it represents a new breed of cyber threats. This malware uses “neural network code synthesis” for unpredictable behavior, challenging contemporary defenses.
Such AI-driven threats underscore the need for advanced cybersecurity strategies and heightened awareness.
“It’s the scale right now. The scale of how these threats can evolve,” Marijus noted.
AI-Powered Malware and Scams
AI technology is not only used to create polymorphic malware, but it also facilitates deepfake scams. With AI, threat actors can create deepfakes, mimicking a person’s facial expressions and voice with uncanny accuracy.
It’s really easy to create fake accounts like on Instagram and Facebook right now with the help of generative AI. You can’t even tell the difference these days. The phishing opportunities there are immense.
Marijus Briedis
CTO at NordVPN
In addition to deepfakes, AI tools like FraudGPT and WormGPT repurpose chatbot technologies for scams. These tools exemplify the increasing trend of AI-enabled fraud and identity theft.
Numerous criminal AI tools are available on the dark web today — with FraudGPT, for instance, offered on a subscription basis. According to a report from Netenrich published in July, FraudGPT is priced at around $200 per month to $1,700 per year. The vendor even entices potential buyers with promotions, such as giving the first 20 buyers a free subscription for a month.
The Quantum Realm
The advent of quantum computing presents new challenges in cybersecurity. Marijus pointed out the potential for “harvest now, decrypt later” attacks, which could undermine current cryptographic standards. Cybercriminals are stealing encrypted data to decode it in the future once quantum computing becomes widely accessible.
The U.S. is actively preparing for these emerging threats. In May, the White House published a national security memorandum signed by President Joe Biden, outlining policies and initiatives to maintain a competitive edge in quantum information science and achieve quantum resistance no later than Dec. 2023.
Marijus also cited the National Institute of Standards and Technology’s (NIST) introduction of post-quantum algorithms as a critical step in defending against quantum threats.
Studies show that many organizations are unprepared for quantum computing threats. In fact, recent advancements in quantum computing, such as a technique displayed by Chinese researchers in Dec. 2022, demonstrate the potential to crack 2048-bit RSA encryption, which is widely used across the internet.
Using a quantum computer with only 372 qubits, researchers could theoretically unravel most current encryption systems, thus the urgent need for quantum-resistant algorithms and the relevance of NIST’s initiatives.
VPNs as a Shield in the Digital World
As cyber threats evolve, VPNs have become essential tools for online safety. A VPN creates a secure, encrypted connection between your device and the internet, hiding your IP address and protecting your data from hackers, government surveillance, or ISPs (internet service providers). This makes it ideal for safeguarding information on public Wi-Fi, accessing restricted content, and maintaining privacy online.
I think, when people realized the amount of threats on the internet, they started to look for easy-to-use tools for their safety. A VPN is one of those tools. Besides that, privacy concerns also sparked VPN usage.
Marijus Briedis
CTO at NordVPN
Discussing NordVPN’s innovations, Marijus highlighted the company’s NordLynx VPN protocol as a technological breakthrough. NordLynx is NordVPN’s proprietary encryption protocol based on WireGuard.
A VPN protocol is essentially a set of rules that determine how data is sent and secured over a VPN tunnel. It allows VPNs to keep your online activities safe and private. Different protocols offer different balances of speed and security.
NordLynx stems from the need to provide users with secure and untraceable connections, Marijus explained. Comparing NordVPN’s NordLynx to other encryption protocols, he emphasizes their unique performance and security features.
We started developing NordLynx to make sure our users could not be identified when connected. Historically, it was OpenVPN, IKEV2, then NordLynx came, and it was new tech on the market. It had really good performance, clean code, and a lot of VPN brands introduced it too for those reasons. Right now NordLynx, or WireGuard, is the number one protocol to go to,” he said.
Navigating the Russian Geopolitical Challenge
We also asked Marijus how geopolitical issues affect NordVPN’s ability to deliver privacy solutions to its users. He reflected on NordVPN’s stance against Russian censorship, recounting the company’s decision to purge its servers from Russia in response to censorship demands.
So, in 2019, we had a letter from Roskomnadzor [Russia’s media regulator]. They were looking into blocking access to websites, and we were on the blocklist. So, ultimately, we had to change our service. But, we couldn’t agree on a solution, because we have a pledge to our customers. So, we purged our servers from Russia. We are about free speech, so this was a no-brainer for us,” Marijus explained.
NordVPN’s decision to remove its servers from Russia highlights its dedication to protecting the privacy of its users.
The Future of NordVPN and Cybersecurity Innovations
Marijus also shared exciting developments following Nord Security’s second $100m funding round — increasing Nord Security’s valuation to $3 billion — hinting at new projects like “PhishingML” and “MalwareML.”
Machine learning (ML) is a branch of artificial intelligence (AI) focused on building systems that learn from and make decisions based on data. Unlike traditional software, which follows explicit instructions to perform tasks, machine learning algorithms improve their performance over time by processing and analyzing large amounts of data.
So, this was the second time we attracted $100 million into the Nord Security umbrella. It opens strategic opportunities for us, especially working with giants like Warburg Pincus. I think this is a good opportunity for Nord Security as a whole to introduce the M&A (merger and acquisition) position and our portfolio may attract products that way. But, it is early to talk about this. We do have the Nord Labs project now. Next, we are looking at not only B2C but B2B environments,” he explained.
Marijus also discussed Nord’s efforts to incorporate AI into its products, like Threat Protection (on the NordVPN macOS and Windows VPN app), and expanded on the company’s NordLabs project.
We try to introduce new tools that use AI, such as project Sonar, which uses an LLM [Large Language Model] in the backend that protects users from phishing emails,” he said.
Commitment to Digital Rights and User Privacy
NordVPN’s advocacy for digital rights goes beyond its services. Marijus discussed the company’s involvement in initiatives like International VPN Day and the VPN Trust Initiative — particularly the VPN Trust Seal accreditation program — emphasizing their dedication to internet freedom and high-security standards.
There is also a cool new thing called the VPN Trust Seal accreditation program. It is a badge that indicates which VPN brands follow best practices and deliver quality service. It was introduced by the VPN Trust Initiative, and with this joint effort, we want to make sure that providers who have this badge are up to the highest standards: the best VPN, regular audits, the best providers in the industry,” Marijus said.
Looking Ahead: NordVPN in 2024
Looking ahead, Marijus revealed plans to expand NordVPN’s offerings, including new features for the NordVPN Meshnet service. NordVPN’s Meshnet service, now freely available, allows users to create a private network by connecting two or more devices directly.
Essentially, it enables users to set up their own personalized VPN. When two Meshnet-enabled devices are connected, one acts as a VPN server, routing internet traffic through the other device and creating an encrypted tunnel between them. This ensures a secure and private connection. It can also help a lot with streaming restrictions.
Marijus hinted at exploring post-quantum cryptography, showcasing NordVPN’s commitment to staying at the bleeding edge in cybersecurity.
We may roll it out [a post-quantum cryptography system] this quarter as a beta for our Linux users,” he said.
Conclusion
Concluding the interview, Marijus stressed the importance of maintaining good cyber hygiene. He urged netizens to conduct regular software updates, use password managers, and learn about the signs of phishing threats.
Resilience is very important in your digital life,” he said.
Our mission was always to bring a more secure internet, and spreading cybersecurity awareness. Honestly, this is just half of the job. The other half is to provide a quality product. That’s why we are doing our best everyday, working hard, so our users have the best software out there.
Marijus Briedis
CTO at NordVPN
As threats become more sophisticated, the role of advanced technologies and informed digital practices becomes increasingly paramount. NordVPN’s ongoing efforts to enhance security and advocate for digital rights are a testament to the company’s commitment to navigating these challenges.
Try out NordVPN today! Use the link below to get a massive Black Friday discount on NordVPN.
Over the past three years, Mirza has distinguished himself as an expert tech journalist at VPNOverview. Backed by a degree in Global Communications, his meticulous writing encompasses the evolving realms of generative AI and quantum computing, while also illuminating vital facets of malware, scams, and cybersecurity awareness. His articles have found acclaim on prestigious platforms, ranging from cybersecurity portals like Heimdal Security to broader channels such as the official EU portal. Furthermore, he is constantly engaging with other experts in cybersecurity and privacy, enriching his detailed research.
