Industrial control-focused security programs depend on firewalls to minimize the threat of intrusion into operations networks, but security practitioners often fail to account for their limitations. Most firewalls are deployed in many layers, but attackers can move through them one at a time using an extensive toolbox of methods. An article from Andrew Ginter for the International Society of Automation reviews 13 classes of firewall attacks, along with several mitigating actions available to security professionals.
The first class of firewall attack is phishing. Phishing attacks involve sending emails through a firewall, persuading the recipient to forfeit passwords or unknowingly download malware. To prevent phishing attacks, security professionals should use unidirectional gates to prevent externally generated emails into firewall-secured industrial networks.