It doesn’t matter if you have the best cybersecurity software on the planet. The most recent stats on the incidents facing experts on the cybersecurity front line remind us that only those who take a proactive approach to firewall management can truly sleep soundly at night. For everyone else, it’s a game of Russian roulette – no geo-politically incorrect humor intended.
The first half of 2023 has been full of news of firewall and network vendors fixing security issues in their products and associated software. It’s not all bad: the transparency of these experts in revealing these challenges serves to remind us that no one is safe, and all businesses need to be hyper-vigilant.
In The News:
17 January 2023 – Over 4,000 Sophos Firewall devices vulnerable to RCE attacks (bleepingcomputer.com)
31 May 2023 – Hackers exploit critical Zyxel firewall flaw in ongoing attacks (bleepingcomputer.com)
1 June 2023 – Zyxel Customers Urged to Patch Exploited Bug (infosecurity-magazine.com)
11 June 2023 – Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now (bleepingcomputer.com)
16 June 2023 – Barracuda Zero-Day Exploited by Chinese Actor (infosecurity-magazine.com)
Why It’s Harder Than It Looks
The reality is that all modern firewalls are complex pieces of equipment, with firmware running full operating systems that do many things to protect an organisation. The software is often a combination of millions of lines of code. It is often said that complexity is the enemy of security and, with modern firewalls being so complex, it is not surprising that when security researchers or cybercriminals look hard enough, they find problems that can be exploited. This also applies to consumer/home Wi-Fi routers.
Behind the news headlines above are what are known as CVEs. A CVE, short for ‘Common Vulnerabilities and Exposures’, is a published record of a software issue (including issues in device firmware), rated by how bad an impact it has on security. The widely used CVE database tracks these issues and their ratings. Ratings range from 1 to 10, with 10 being the worst. Typically, anything above 9 is considered critical and should be dealt with urgently, as these are generally remote code execution or authentication bypass issues that can allow an attacker to take over a system.
Recent Security Issue Ratings
Fortinet – 5 reported CVE issues over a 9.0 in 2023
Cisco – 17 reported CVE issues over a 9.0 in 2023
SonicWall – 6 reported CVE issues over a 9.0 in 2023
Zyxel – 6 reported CVE issues over a 9.0 in 2023
Sophos – 1 reported CVE issue over a 9.0 in 2023
Business leaders are at risk of developing a false sense of security when outdated firewalls and antivirus software fail to keep up with the sophisticated tactics of modern cybercriminals. This danger isn’t specific to any one industry; it affects all sectors that rely on digital infrastructure. Most SMEs either don’t have full-time IT staff or, if they do, those staff are overworked, and it’s easy for something like updating a firewall, which otherwise remains invisible, to be overlooked. This is where having a Managed Firewall service in place can provide a true sense of security.
It’s important to get help from a professional when it comes to managing, updating, and configuring your firewall. This could be for something you already own, or it could be a totally out-of-the-box type of service where you pay a monthly fee that includes the firewall, any upgrades, and any replacements.