Professional Documents
Culture Documents
Executive Summary
[4283/FIREWALLWP/20140814/LH]
White Paper
Introduction
Barely a week goes by without the media reporting a new cyber threat which is capable
of causing havoc. There are constant warnings of various forms of sophisticated malware
which have already infected thousands of computers across the UK. GameOver Zeus,
Cryptolocker and Shylock are just a few to hit the headlines this year.
Once networks are infected, these types of malware can give cybercriminals the ability
to steal corporate, personal or financial details, encrypt files and hold them for ransom or
extort money from companies through denial of service (DoS) attacks.
The exact nature of the threats detailed in these media reports may change but the
accompanying quote from a relevant security expert is always the same, in order to
protect yourself, keep your security defences up to date. The three core pillars of
those defences include end point protection, gateway defence and software
patch updates.
of SMBs lack
knowledge of
firewall refresh
cycles
Companies may be updating their client anti-virus and are regularly patching software,
but the Icomm Technologies Survey 2014 has revealed too many organisations are failing
to address the final pillar by not upgrading their firewalls as part of their internet
gateway security.
In recent years cybercriminals have evolved their tactics in order to evade detection by
traditional firewall defences. Yet in many cases, the companies they target have not all
kept pace with this and some are still relying on legacy solutions which are no longer fit
for purpose.
These organisations now need a next generation firewall which has the capability to
go deeper and inspect all traffic, regardless of the port and protocol. A modern firewall
solution can inspect even encrypted traffic and detect those threats.
Next generation firewalls are now also protecting businesses against the potential
security impact of modern technology trends, such as the consumerisation of IT and cloud
computing. These solutions can also provide granular control over website and application
usage, to ensure bandwidth is always available for the most critical business functions.
Approximately
782,240
UK businesses are at risk with old or
untested firewall technology
one sixth
of companies
have never tested their firewall
White Paper
A firewall older
than 3 years is
not fit for purpose
It is not just large companies being targeted, however. Research, by security firm
Symantec, has shown that 30% of all global cyber attacks are actually aimed at small
businesses - where defences are perceived to be weaker. Smaller targets may be less
lucrative to cybercriminals but it requires less effort to attack several soft targets than one
which is large and well protected.
No one is
100%
If you have not refreshed your firewall within the last three years the chances are that you
are using a legacy firewall which is no longer fit for purpose.
In response to these evolving threats, security firms have rolled out firewalls in the last
few years which offer a more advanced defence. As cybercriminals are now capable of
smuggling malware passed traditional firewalls by burying it within encrypted traffic,
these solutions now provide SSL decryption and inspection.
Today, up to 35% of enterprise traffic is secured using the Secure Sockets Layer (SSL)
protocol. Cybercriminals know this, and they have begun to use SSL to hide their attacks.
Organisations which are still relying on legacy firewalls with no or limited SSL Inspection
capabilities can be compromised, said Florian Malecki, International Product Marketing
Director at Dell Security.
30%
small
BUSINESSES
White Paper
Case Study
One potential consequence of
sticking with your legacy firewall
Icomm Technologies was privy to a damaging cyber attack on a small
business, which had been taking an if its not broke, dont fix it approach
to firewalls. With a legacy solution in place, which was incapable of deep
packet inspection, the companys defences proved ineffectual against the
attack. The company later approached Icomm for help.
The business found itself at the mercy of an aggressive hacker who
encrypted vital files and promised to expose sensitive information to the
companys entire email contact book unless 500 was paid into a specified
bank account.
A word file left on the business owners computer read, You have been
hacked. Inside a menacing message threatened: I do not require to do
much more work on my part to ruin you.
The hacker, who was clearly well practised in this form of extortion,
cheekily demanded that the business quote a reference number when
making their payment.
This situation could have been avoided if the business had upgraded to a
next generation firewall beforehand.
29
White Paper
one
in six
SMBs have never
The survey found 14% of organisations have not, or are unsure whether they have,
upgraded their firewall since 2009. This means one in every seven SMBs in the UK is likely
to have inadequate protection against the attack methods currently being deployed by
cyber criminals.
Testing
It is one thing to deploy a next generation firewall but it is another checking the solution
is actually doing its job. It is recommended that companies check their firewall with
penetration testing at least once a year on average. For companies storing sensitive
information, such as their customers personal or financial details, this might take place
quarterly.
A lot of people seem to think because they have a firewall they are fully protected when
they might not have the right policies in place. Penetration testing is important to ensure
everything is working as it should, said Malecki.
one seven
in
SMBs have inadequate protection
As Verizons recent Data Breach survey has shown, when a business is compromised it can
be a long time before that is discovered and quite often it is the third parties doing these
penetration tests that are the ones who are finding these breaches.
The Icomm survey found that more than three quarters (77%) of SMBs do carry out a
penetration test at least once a year - almost half (48%) test twice a year or even more
frequently. However, the study found that a worrying 16% have never tested their
firewall. This means that nearly one in every six SMBs in the UK has no way of knowing
whether their firewall is working or not.
White Paper
Many refresh
their firewall
every five years
If you have a traditional firewall it will not be protecting you in the same way it was when
you bought it - so in my eyes it is already broken.
White Paper
have no plans to
upgrade at all
Lomas said: We would always advocate a consultancy led approach to firewalls as some
vendors do offer a greater depth of solution than others. For some, security is their main
focus but there are others which are just filling out their portfolios.
Protecting productivity
Organisations should also consider technology trends, such as the consumerisation of IT
and cloud computing, which can impact on internet bandwidth. Next generation firewalls
are capable of protecting an organisations bandwidth performance by providing a
granular level of control.
This allows organisations to manage behaviour on certain websites or applications
and specify which teams or individuals are given access. For example, the marketing
department may be given permission to promote the business on consumer websites
such as Facebook and YouTube but at the same time a next generation firewall can curtail
any excessive video streaming or gaming on these platforms.
At times when there is excessive demand placed on the internet, a next generation firewall
can also take action to protect vital cloud applications and reduce the bandwidth available
to non-essential functions.
Malecki explains: If an England football game is on, some companies will be happy to let
their staff stream this but if this affected bandwidth it could prevent access to essential
applications such as Salesforce.com or another CRM system. A next generation firewall
will, however, allow you to reserve a percentage of the bandwidth for critical applications
to ensure the business remains productive at these times.
White Paper
Conclusion
Firewall manufacturers have been forced into taking some great strides forward in recent years, in response to
the nefarious activities of cybercriminals. But with approximately one in seven SMBs still likely to be deploying
traditional solutions, it is clear many organisations are still leaving themselves vulnerable to attack.
Furthermore, as IT consumerisation and cloud computing threaten to impact on crucial functionality, businesses
could well be losing competitive advantage by not deploying next generation solutions which protect
productivity.
With cyber attacks and internet usage both destined to grow rapidly in the coming years, the third of
businesses who have no plans to upgrade their firewall will also need to rethink their approach. Otherwise their
performance will suffer, or worse still they could leave themselves at the mercy of increasingly sophisticated
cybercriminals.
For further information and support on refreshing, testing and upgrading your
firewall, please get in touch with Icomm Technologies on 0121 248 7931 or at
www.icomm.co.uk