Modern Day Attacks against Firewalls and VPN’s

Introduction
Today computer technology has undergone through a period of tremendous growth and in the process transforming how things are done on a daily basis. Computers have become an important aspect of our daily lives with personal and office computers being connected to each other through the internet or other forms of network connections. These changes have brought about flexibility allowing people to coordinate their activities from anywhere as long as they have a good internet connection. Despite all these developments, computer technology also comes with flaws which influence its user. One of these flaws is the cyber security dilemma which has become a growing concern given the fact that there’s absolutely no device that’s immune to cyber attacks (Stewart, 2012). In other words, all electronic or computer devices connected to the network are prone to experiencing cyber attacks. Modern organizations are spending a lot of resources to employ different techniques that might prevent these cyber attacks occurring in the computer network systems. Among the common techniques used to curb these cyber security threats is the use of multiple layers of firewalls and VPNs. These Firewalls are meant to act as a shield that safeguards an organization computer network from cyber attacks and in the process maintaining information security of a given organization (Stewart, 2012). However, though firewalls and VPNs offer a strong shield to guard against cyber attacks, they do not eliminate cyber security threats entirely as attackers often device new ways to beat their security framework. This study discusses the technology involved in VPNs and Firewall to understand how modern day cyber attacks against them occur, and to establish the future trends of computer network security threats, and their implication globally.

The Technology and Threats Involved
A Firewall can be described as the computer security safety feature that’s in charge of the incoming and outgoing traffic within a given network (Ramanujan, Kaddoura, Wu, Sanders & Millikin, 2003). Firewalls create a barrier between the trusted network and the suspicious network which in most cases tends to external. As such, firewalls function by preventing unauthorized devices accessing a particular network which safeguards against potential security bleaches on the computers within that network. However, though firewalls have proven to be effective tools to guard against network security bleaches, cyber criminals are using different tactics to try and beat the security measures existing within a given firewall security framework.
One of the common technique attackers apply on a given firewall is the use network traffic flood. This technique involves using some programs over the targeted network to send numerous flooders to a given computer network with the intention of overwhelming the capacity of the personal computer to withstand the huge traffic flowing through it (Holm & Ekstedt, 2013). By flooding a given computer network with a lot of traffic that the firewall protecting it would find hard to handle, attackers then look for any flaws that might result from this process so that they can take advantage of it as an opening into the network. Once the attackers have bleached through the network firewall through flooding it with huge traffic, they can access the database of the computers within this network and manipulate information within them as they would wish (Holm & Ekstedt, 2013). This posses a great threat to users of such a computer network especially in a situation where the network belongs to an organization because confidential information may be stolen or manipulated leading huge lose in terms of finance or customer’s confidentiality.
Cyber criminals also commonly use malformed network packets to attack the firewall of a given network. This form of firewall attacks involves sending malformed network packets to a given network such that when this kind of data is sent through a network, the computer will try to reassemble these malformed data packets (Makiou, Begriche & Serhrouchni, 2014). In most cases, computers tend to reject such data packets by requesting for a retransmission of another packet form the source, a process that might take quite long time to execute. Attackers take advantage of this waiting period when the computer is waiting for a resubmission of the data packets, to execute their attacks on the computers within that network (Makiou, Begriche & Serhrouchni, 2014).. As such, sending malformed data packets is a tactic attackers will use to delay the cause confusion within a given network so that they can find a way through which to maneuver through the firewall security undetected, and execute their attacks. Under such circumstances, most network security managers tend to realize about the firewall security bleach once it has already occurred. This technique can also be used closely with the IP spoofing strategy to beat a given network’s firewall security. In this case, attackers usually send a malicious IP address that confusing the firewall by making it appear that this malicious address originated from within the network, thus failing to take any action against it (Makiou, Begriche & Serhrouchni, 2014).. As such, intruders are now able to gain access to the network with very little resistance from the firewall.
On the other hand, attacker also target VPNs to carry out attacks on a given network. Virtual private networks are designed to protect networks users from cyber attacks during their online transactions. Today there are many different types of VPNs that are used to enhance network security with the common ones being the NordVPN, ExpressVPN and Hotspot Shield (Aboelela, 2012). Though these types of virtual private networks have been used successfully to safeguard against cyber attacks, they do have their own flaws just like the firewalls. One common fault that is common with VPNs is the use of session hijacking by attackers, which involves sending malicious data across the network with the aim of initiating a cyber attack. In this form of VPN attack, it happens when clients log into a server such that the intruder is able to obtain the IP address and number sequence of the data being submitted to a given network, after which they use this information to initiate flaws within a given computer network (Aboelela, 2012). By sending forged data packets through a virtual private network, the attackers are able to conceal their identity and gain access through the network’s security, a situation that leads to attackers taking advantage to launch full blown attacks. These factors highlight that though VPNs have traditionally been used as effective network security tools; modern cyber attackers have devised new techniques to beat their security framework, an issue that should be taken into serious consideration.
Malware programs are also used to initiative attacks on virtual private networks where attacks look for ways to install malicious software within the network with the aim of breaching the security measures installed to safeguard it (Amanullah, Kalam & Zayegh, 2005). By installing a malicious program or virus on a given computer network, attacker are able to gain access to computers within a given network, where they can steal sensitive and confidential information from them. In most cases, these malware programs are designed in such a way that when they get inti a given computer network, the multiple rapidly and spread out to almost every computer within the network, a factor that ensures that the attackers are in full control of the network and they can launch their attacks from different angles within the network (Amanullah, Kalam & Zayegh, 2005). Spoofing and DDO attacks apply the same technique when targeting virtual private networks and they can expose computers within a given network to huge security threats if they are not detected and acted upon in good time (Amanullah, Kalam & Zayegh, 2005).
From the foregoing, despite VPNs and firewalls being used as the traditional tools for safeguarding against cyber attacks of computer network, attackers have been able to devise new techniques to overcome the security measures in place. Experts suggest that the reason why cyber criminals have been able to take launch attacks on firewall and VPN protected network is because of the existing policies which have created loopholes that intruders are able to take advantage of. Several solution have been suggested on how to overcome some of these security challenges with the common ones being that a new policy that ensures that data packets are broken down before they can reach to their targeted destination should be put in place so as to avoid attackers sending malicious data packers that are later used to create confusion within the network as attackers looks for way to capitalise on any flaws that might result from this process. More research should be done to establish new and better ways to deal with these flaws that are hampering VPNs and firewalls from executing their security functions appropriately.
Future Trends and Global Implication
Today technological advancements continue to expand rapidly, a factor that is very exciting because it means that it will be easier to execute most transactions more effectively and easily. Though the field of computer technology is projected to experience huge growth going into the future, the emerging network security trends pause a great threat to these developments. As such, a number of network security considerations will have to be made if these threats are to be overcome going into the future.
Among the security features that organizations can adopt to overcome the security challenges arising for the current VPN and firewall security frameworks include the applying trusted encryption algorithms that have a very long key strength so that they can be able to support data security effectively (Dutta, & McCrohan, 2002). Moreover, network administrator should look to install more advanced and updated antivirus software with the capability of detecting any malicious activity around the VPN and firewalls so that appropriate defensive mechanisms can be applied in good time (Vacca, & Ellis, 2004). Other security measures that should be considered going forward includes the use of sturdy default security that should be applied to all maintenance and administration ports as they will be able to detect any malicious data packets or activity that might lead to a bleach of a given network’s security (Wesinger & Coley,2005). In addition, site-to-site authentication measures should be applied in collaboration with digital certificates so that any unidentified data packet or traffic trying to access a given network is scrutinized before it can cause any serious harm on the network.
Today security experts are applying firewalls with VPNs together with other network security measures such as the use of encryption, to enhance the existing network security measures. By applying these multiple network security features together, it makes it hard for cyber attackers to access penetrate through such a network security framework because it will be hard for them to penetrate through these multiple network security layers (Makiou, Begriche & Serhrouchni, 2014). Moreover, more training on network administrators and other supporting staff should be done so that they are made aware of any emerging network security trends that they should be keener on, as well as advancing their overall knowledge of the subject. Putting these measures in place will be crucial to ensure that the dangers associated with the emerging network security threats are detected and overcome early before they can happen.
Conclusion
From the facts raised in this discussion, it is quite clear that though firewalls and VPNs offer a strong shield to guard against cyber attacks, they do not eliminate cyber security threats entirely as attackers often device new ways to beat their security framework. For instance firewalls can be breaches using network traffic flood and malformed data packets to launch attacks on a given network with the intention of overwhelming the capacity of the personal computer to withstand the huge traffic flowing through it. Moreover, VPN’s are also attacked using different forms of malwares to breach through their security measures. In fitre, network administrators should seek more knowledge on how to deal with the emerging network security threats while applying a layer of multiple network security threats together would also be necessary to overcome these threats. There is no doubt that more effort need to be made to device new strategies that can overcome the VPN and firewall security threats because attackers are also developing new tactics to beat the existing security measures in place.

References
Aboelela, E. (2012). Firewalls and VPN. Network Simulation Experiments Manual, 137-145. doi:10.1016/b978-0-12-385210-6.00013-3
Amanullah, M. T. O., Kalam, A., & Zayegh, A. (2005). Network Security Vulnerabilities in SCADA and EMS. In 2005 IEEE/PES Transmission Distribution Conference Exposition: Asia and Pacific (pp. 1–6). https://doi.org/10.1109/TDC.2005.1546981
Dutta, A., & McCrohan, K. (2002). Management’s Role in Information Security in a Cyber Economy: California Management Review. https://doi.org/10.2307/41166154
Holm, H., & Ekstedt, M. (2013). Estimates on the effectiveness of web application firewalls against targeted attacks. Information Management & Computer Security, 21(4), 250-265. doi:10.1108/imcs-11-2012-0064
Makiou, A., Begriche, Y., & Serhrouchni, A. (2014). Improving Web Application Firewalls to detect advanced SQL injection attacks. 2014 10th International Conference on Information Assurance and Security. doi:10.1109/isias.2014.7064617
Ramanujan, R., Kaddoura, M., Wu, J., Sanders, C., & Millikin, K. (n.d.). VPNshield: Protecting VPN services from denial-of-service (DoS) attacks. Proceedings DARPA Information Survivability Conference and Exposition. doi:10.1109/discex.2003.1194950
Stewart, J. M. (2012). Network Security, Firewalls and VPNs. Retrieved from https://books.google.com/books/about/Network_Security_Firewalls_and_VPNs.html?id=qZgtAAAAQBAJ
Vacca, J. R., & Ellis, S. (2004). Firewalls: Jumpstart for Network and Systems Administrators. Elsevier.
Wack, J., Cutler, K., & Pole, J. (2002). Guidelines on Firewalls and Firewall Policy. BOOZ-ALLEN AND HAMILTON INC MCLEAN VA. Retrieved from https://apps.dtic.mil/docs/citations/ADA399879
Wesinger, R., & Coley, C. (2005). Method for providing a virtual private network connection. Retrieved from https://patents.google.com/patent/US20060053486A1/en

Published by
Essays
View all posts