While Qihoo 360 is confident that DarkHotel is behind the campaign, others are not so sure. Some security researchers have pointed out that Qihoo’s analysis is very light on supporting evidence and heavy on confirmation bias. None are going so far as to say that Qihoo is wrong, only that more supporting evidence is needed to make a claim of attribution. VPNs have become a vital part of the global infrastructure as much of the world’s workforce shifts to working from home. While instances like the one involving Sangfor can be difficult to prepare for, there are basic security steps which can be taken to protect remote workers and organizations during this unusual time. Ensuring that VPNs are being properly configured and kept up-to-date with current security patches is an important first step. Endpoint monitoring and detection can also aid in defending against intrusion by detecting suspicious activity on workstations and servers, should malicious software find its way onto a worker’s machine. More information on this incident can be found at https://www.techradar.com/news/this-major-chinese-vpn-provider-has-been-hacked