The question whether the NSA can crack a VPN seems to have been answered by the Edward Snowden case. Snowden said that the NSA’s XKeyscore system can crack anything, even data encrypted by VPNs.
For most consumers this thought is an alarming fact. One of the main reasons to sign with a VPN is when people have concerns about online security and government eavesdropping is one major issue of worry. However, further thought on the matter could lead to thinking along different lines, many VPN providers have several years experience within the field of security, often government security issues. Internet security is an ongoing factor with continued developments. In much the same way that some private companies are beginning to block VPNS, the issue of eavesdropping and cracking of VPNs is something that VPN providers will be handling and monitoring day to day.
One hacking tool operated by the NSA is Turbulence, a system that can launch attacks on a global or industrial scale. Turbulence can crack any system it is targeted towards, via network surveillance or injecting malware. The malware tool is the one used to crack VPNs or VOIP traffic.
Where VPN providers offer older protocols, it’s known the NSA has cracked the encryption. OpenVPN is still considered safe, though. Although the NSA can inject malware into OpenVPN, the program will speedily remove it. It is known from the Snowden revelations that VPN networks are prime targets for attack by the NSA and GCHQ. So where consumers do have legitimate concerns about security they must ensure their provider allows Open VPN protocol. Devices that are unable to run OpenVPN should be run using L2TP/IPSec protocols, but these are not considered truly safe.
One added factor to for consumers to consider is that many VPN providers write their own trademarked programs which offer even greater security protections and control and they also operate their own individual servers. Shopping around for the most secure provider is essential for any consumer with concerns about government eavesdropping issues.
An added security consider for any consumer is where VPN provider is based and the exact company policy on logging of user activities. Where the providers to record and log user activity, then it’s possible government agencies could access user information by this channel.
So, yes it’s a fact the NSA can crack VPNS, however each provider is working on its own security measures to combat government surveillance.