Virtual private networks (VPNs) are supposed to be used as an added security feature. However, it has recently been observed that attackers are increasingly using VPNs to gain access to networks. Using remote access VPNs allows hackers easy access into an organization’s IT environment, rather than having to exploit a public server or zero-day. Hackers are easily able to gain access to VPN connections through insufficiently protected VPN accounts. It is recommended that organizations employ multiple levels of authentication checks when using VPNs, rather than just username and password authentication.