Paper Example. Breach of Firewall

In the modern days, many people consider data as the most essential asset of any given organization with digital innovations. However, statistics show that data breaches take every second and it has become rampant that affects the privacy and confidentiality of the data stored in the systems. Breaches due to firewall is a widespread challenge in the modern era of information and communication technology with the advent of the internet. When firewall breaches happens, it implies that somebody was not critically paying attention to essential logs or taking time to assess firm's security. Firewall breaches have become an important concern for many companies regarding the security of their data (Vacca & Ellis, 2005). The majority of the firewall breaches occur due to configuration errors but not because of software failures. Therefore, recognizing a firewall breach is essential in guaranteeing the security of a system in an organization. The paper will analyze the breaches due to firewall and one with a firewall and how firewall breaches can be mitigated using different security tools/features.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Analyze breaches due to firewall and one with a firewall

Analysis of breaches due to firewall

With increased cases of cyber attacks, appropriate firewall configuration is more essential at the moment than before. Because the majority of the breaches are due to configuration mistakes, the firewall is significant to secure the data of an organization. While the majority of security experts emphasize on identifying along with fixing vulnerabilities, the actual emphasis must be on the firewall's configuration (Rossi, 2015). Thus, a misconfigured firewall not only leaves the data vulnerable to attack, but it may also damage the company in many ways.

Firewalls are important component of the network security and a misconfigured firewall can harm the organization and give easy access to a hacker or attacker. There are many causes of breaches due to firewall and it is tempting to presume that hacking methods have become so stylish that they are pushing information technology (IT) security to its limits or that vulnerabilities are prevalent. The actual rationale is that breaches due to firewall is caused by firewall misconfigurations. For example, through 2020, 99% of firewall breaches could be due to simple firewall misconfigurations. According to a survey by Gartner, over 95% of firewall breaches could be due to firewall misconfigurations and not firewall faults. Thus, configuration errors not only represent the risk affecting the performance of network, but more significantly embody a probable threat to the network. Firewall administrators can potentially prevent a revenue generating service from functioning appropriately by incorrectly configuring a firewall policy (Vacca & Ellis, 2005). This implies that a bigger risk though is the potential of permitting connectivity from external networks to a portion of the internal network, which must not have access. Therefore, misconfiguration of the firewall policy is a severe security risk.

Furthermore, the lack of automation is a primary challenge for security teams due to breaches because of firewall. The main breaches due to firewall is firewall misconfigurations that results from human error. Human error has become an important flaw because of the misconfigurations of the firewall by personnel. Thus, significant dependence on manual processes, which lead to misconfigurations, as well as inaccuracies, which need rework are placing additional burden on resource-strapped security staff. The majority of the firewall breaches are established to be due to misconfigurations and not firewall flaws. Gartner argues that by 2021, 50 percent of businesses would mistakenly have some IaaS storage services, networks segments, and applications or APIs directly exposed to public internet, which is 25 percent up as compared to 2018. A survey by Gartner established that 65% of responds are not utilizing automation to manage their IT environment, whilst 36% stated that inaccuracies, misconfigurations or network issues account between 10 and 24 percent of the change, which need rework (Lasky, 2019). The survey also found that 45% of participants process between 10 and 99 change requests every week, as well as 57% confirmed that manual processes are utilized as part of the firewall change. Hence, these manual processes are usually part of an extensive, ad-hoc change management procedure, which entail email requests to firewall spreadsheets along with administrators.

Also, utilizing non-standard techniques may pose a higher risk of cyber-security breach. In the absence of a single standard authentication technique, firewall breaches will likely to occur. It will result to authentication problems in an attempt for a user to log in the system from a different locations, as well as devices. For instance, a non-standard authentication technique can permit weaker passwords or place less-stringent restrictions on the number of login attempts on a network. These security problems are linked to breaches due firewall that create opportunities for attackers to access the network because non-standard authentication methods of the firewall.

Analysis of breaches in one with firewall

Capital One case illustrates how breaches in one system with firewall can be accessed and attacked. The attack on Capital One system happened because of misconfiguration mistake at the app layer of firewall that was fitted by the bank, which worsened by permissions set by the company, which were probable wider than planned. After obtaining access via the misconfigured firewall plus having wider authorizations to access resources. The hacking of Capital One system took place since the hacker used vulnerability in a firewall application to access privileged account. After gaining access, the hacker proceeded to use server commands to get personally identification information (PIN) that belonged to the applicants of a Capital One credit card product (Vacca & Ellis, 2005). The court documents on the Capital One case found that a misconfigured firewall permitting commands to reach plus operate on the banks server was the main cause of breach of firewall. The commands were able to obtain security credentials to access storage repositories. This shows a breach of firewall that had vital information of clients and this breach was seen as a major in history of security breaches in the United States.

One latest case of capacity constraints on the firewall was the breach of Cisco's firewalls, switches and routers. A hacker team, Shadow Brokers found previously unknown vulnerability, which has been an essential tool for NSA's hacking group. No longer following exposing the vulnerability on the web, it was utilized to breach Cisco's firewalls, which compromised customer information. While Cisco would soon have a patch accessible for this particular vulnerability, using it to firewall appliance across distributed enterprises is a resource intensive procedure (Lasky, 2019). This is basically one instance of several where the capacity constraints linked to managing firewall along with UTM appliances become an anchor, which weighs on the resources and compels the IT to compromise on security of the system with firewall. Additionally, a 2015 report on data breaches performed by Verizon established that 99% of exploited vulnerabilities were compromised over a year.

The recent incident in the United States (US) power grid system was a breach of firewall. The vulnerability of the firewall was linked to the problem that caused problems in the grid system. The attackers continually made firewalls to reboot for around 10 hours that was connected to the breach of firewalls. This incident affected firewalls positioned at many power production locations ran by a "low-impact" operator, but did not led to interruption in the supply of electricity. The incident affected network perimeter firewalls that were inexplicably going down for around five minutes (Rossi, 2015). Thus, the firewall reboots persisted for many hours that prompted the power grid operative to initiate an investigation concerning firewall breach. The operative ultimately established that they had not used firmware renews for the firewalls, which were attacked resulting in breach of firewalls. The reboots stopped when the power grid operator applied appropriate patches. There was a lack of the use of the firewall defense updates on the absence of firewall appraisal procedure to inspect security updates prior to deployment.

Distributed Denial of Service (DDoS) attacks has been found to affect the network. DDoS attacks are often-utilized attack method acknowledged for being exceedingly efficient and comparatively inexpensive to implement. The primary objective is to overpower a defender's assets and result in blackout or extended incapacity to deliver services. Consequently, one type of attack is tailored to drain the firewall, as well as load balancer resources to keep them off from processing genuine traffic. Whilst firewalls may alleviate some kinds of DDoS attacks, they may still be overloaded by procedure attacks (Rossi, 2015).

Understanding how breaches of can be mitigated using different security tools

Meaning of mitigation of breach of firewall

The mitigation of breach of firewall entails security measures and controls designed to reduce vulnerabilities to the network system. Although security data plus event organization products may assist make sense of the overpowering quantity of data, as well as offer information to alleviate the risks of attacks, mitigation is part of business's security controls. Mitigation of breach of firewall entails reducing the damage since it may not be completely eradicated. For instance Distributed Denial of Service (DDOS) mitigation of breach of firewall routes distrustful traffic to a centralized location that will be filtered. It is important to understand that mitigation is generally less preferable as threats, which cannot be totally eradicated are most expensive to manage. Therefore, the mitigation of breach of firewall entails all the security strategies and tools towards minimizing the attack on network of the organization (Oz, 2009).

Explain how firewall breaches can be mitigated using different security tools/features

Firewall configurations

It is essential for firewall configurations to be frequently appraised, as well as autonomously audited to ensure that only the absolutely necessary configuration is active. Many cases of breaches of firewall have been linked to misconfigurations of the firewall exposing data to third-parties. While carrying out external penetration testing, it is usually common to see remote supervision services exposed to the public internet other than being rightly filtered to allow admittance from "trusted" networks, like LAN or VPN. Together with the firewall arrangement, it is vital to ensure that segregation is functioning well across all network outlet and entrance points. Therefore, organizations must check for network irregularities emanating from the separation between clients and servers that will mitigate risks of breach of firewall (Vacca & Ellis, 2005). If cardholder data settings, or other safe places, are inadequately segregated, a hacker would access them by stepping across via compromised networks-as the case of Target breach that occurred in 2013. In this case, the hackers originally affected a third-party supplier's network prior jumping across onto Targets and ultimately contravened the POS network (Rossi, 2015).