How Hackers Get Through Firewalls – 6 Tactics Cyber Criminals Use to Breach Enterprise-Level Businesses

Once you understand how hackers get around firewalls, you are in a much better position to defend your business from their cyber attacks.

Network security solutions are getting more and more sophisticated every day, offering rapidly increasing levels of protection in ever more efficient and affordable ways. Yet sometimes, cybercriminals can still find a way into the most well-defended IT infrastructures.

Ever wondered how they manage that? What vulnerabilities do hackers use to get around seemingly watertight network security defences? And what security solutions are available to counteract them?

Here are six common methods that cybercriminals use to circumvent network security. But it’s not all doom and gloom – we’ll discuss how to keep these risks at bay too.

how to hack firewalls with code on a computer screen
Hacking networks with code injections

1. Encrypted Injection Attacks

This kind of exploit is particularly dangerous for companies with older firewalls or those that don’t use a feature called “deep packet inspection” or DPI.

Put simply, a firewall with DPI will inspect all of the data packets entering and leaving your network to check for malicious code, malware, and other network security threats.

Encrypted injection attacks are usually delivered via phishing emails. The email will trick the user into clicking a certain link that injects encrypted code onto the machine – this can be regular malware, fileless malware, or some kind of data access backdoor.

The phishing link may also ask the user for login credentials (or other sensitive information) as well as delivering its encrypted payload for a cybercrime double-whammy.

Older software systems are less well equipped to adequately inspect and filter encrypted traffic. Modern DPI-enabled firewalls stand a much better chance of dealing with encrypted threats, but as yet unidentified (“zero-day”) threats can still slip through the net.

The fight against encrypted injection attacks is a great example of how cybersecurity training, modern firewall solutions, and strong antivirus protections work together hand in hand.

2. DNS Leaking

A firewall’s job isn’t just to inspect incoming traffic, it’s there to make sure nothing unexpected leaves the network too.

In our experience, an alarming number of enterprise firewalls are configured to inspect traffic coming in but neglect to keep an eye on the data that’s leaving the network. This is a dream scenario for a cybercriminal!

Although getting into the network may prove a challenge, once they’re in they can leak data back out however they wish. If your firewall isn’t inspecting what’s leaving the network, it won’t detect a problem.

A smaller number of organisations have a slightly savvier network security setup, but one that’s still open to abuse. These networks limit the kinds of traffic that can leave the network, only allowing outgoing traffic via three protocols – HTTP, HTTPS, and DNS which are all necessary for internet access. Though this method means that a hacker wouldn’t have the same choice of exits as in our previous scenario, data can still be leaked through DNS – albeit rather slowly.

If your firewall is allowing all outgoing DNS movement, then this could become an issue. So, make sure that your firewall is covering all of your bases – both incoming and outgoing.

3. Neighbour Wi-Fi Access Points

If your organisation’s Wi-Fi is sometimes a little slow or if staff want to circumvent your network security policies, members of your team may simply switch to an available open Wi-Fi network that’s nearby.

For example, if your office is next door to a coffee shop, it’s likely that your staff will occasionally hop between the coffee shop’s open network and your (hopefully) secure one.

However, this can open up a whole can of cybersecurity worms. When a member of your team joins a network that is outside of your organisation’s direct control, they’re actively circumventing your company’s security policies.

You see, anybody can connect to an open network, including cybercriminals. If a hacker is trying to target your company, they may join a neighbouring open network and wait for one of your team to join that network too.

Once a team member joins the open network, there’s hypothetically nothing in place to stop the hacker from listening in on their communications or even attempting to access your network via the user’s device.

Two cybersecurity systems offer solutions here: Virtual Private Networks (VPNs) and Intrusion Prevention Systems (IPSs).

Virtual Private Networks

VPNs are a must if your staff frequently access external networks as they encrypt all traffic between their device and your network. If someone wanted to snoop in on communications, all they’d see is useless gibberish.

Intrusion Prevention Systems

IPSs continually monitor your network for potentially out of the ordinary or unnecessary network behaviour. Once detected, the IPS will either block this behaviour or alert an engineer to investigate.

4. IoT Attacks

If you use a smartwatch or voice-operated smart speaker, then you’re already somewhat familiar with the “Internet of Things” or IoT.

Many businesses are welcoming internet-enabled devices – of wildly varying complexity – into the workplace, including cloud-enriched access control systems and smart lighting and heating solutions.

Incorporating online features into these devices gives us a level of convenience and control that we would have only dreamed of 20 years ago. Yet, without proper protections, IoT systems have their downsides.

In 2013, US retailer Target suffered a crippling data breach that exposed millions of customer records, including credit card details.

Instead of hacking Target’s networks directly, the cybercriminals responsible infiltrated their air conditioning supplier. The air-con systems used by the retailer were internet-enabled and this – alongside a spot of phishing – is how the hackers made their way into Target’s systems.

The problem with IoT device software is that it’s often lightweight, scarcely including any kind of security measures. With this in mind, you should NEVER connect an IoT device directly to the internet – no matter how small or innocuous the device may be. Always make sure it’s safely “behind” your firewall, IPS, and any other cybersecurity solutions that you use.

5. Social Engineering

Even with the most stringent network security measures in place, hackers can still find a way into your network. Skilled cybercriminals can easily use our psychology against us – leaning on a kind of psychology known as “social engineering”.

Put simply, it’s the study of manipulating people into doing things, through persuasion, coercion, loss aversion, curiosity, or sometimes outright threats and blackmail. It’s almost like “people hacking”.

Sending an authentic-looking phishing email is a common way of extorting information, and is an example of social engineering. A cybercriminal may deliberately leave an infected USB stick in the company car park to tap into our innate, natural curiosity – not to mention our innate, natural sense of “finder’s keepers”; this is called “baiting”.

Attacks can also happen over the phone, with a criminal calling in and pretending to be a supplier needing confidential information to verify someone’s identity, for example. There are numerous social engineering methods out there, so it pays to stay alert.

This video shows how easy it is for an informed, confident social engineer to access worryingly confidential information:

Network security systems always work in logical, predictable ways. Sadly, humans don’t.

Although cybersecurity provisions are essential, there’s no replacement for good cybersecurity awareness training. A well-informed workforce could be the one thing that scuppers a criminal’s plans!

6. Steganography

This is a big word for something quite simple.

Where cryptography is the study of encrypting and decrypting messages, steganography is the study of concealing the fact that a message has been sent at all. Except we’re not just talking about “messages” here – we’re talking about security exploits and malware.

All manner of threats can be hidden in seemingly innocent-looking files. Whether it’s a file purporting to be a legitimate app installer, a video of a cute puppy, or the latest meme doing the rounds, that file could secretly be laden with unknown nasties.

When a payload has been crudely inserted into the innocent “carrier” file, it’s still possible that it will be picked up by up-to-date security software. So hackers need to get a bit smarter.

Some firewalls don’t look at files over a certain size, and some limit sandboxing functionality to smaller files too. With this in mind, hackers will often “pack” the file with useless nonsense, so the firewall overlooks it and lets it slide right through.

However, many modern firewalls feature “stream-based” deep packet inspection. Instead of assessing each file as an assembled whole, these solutions inspect each packet as it comes in – even if you’ve downloaded 99% of the file, it’ll pull the plug if it detects something fishy within it.

Cloud-enabled, unlimited sandboxing is another feature common to modern firewalls that can help here; it runs each new file through a test environment to see if it does anything unexpected or dangerous.


Now you know the main tactics used by cybercriminals to hack a business firewall, you are much better placed to defend against them!

If you’re in the market for a new firewall (or if you’ve had yours for more than 5 years) then give Just Firewalls a call. We proudly supply network security solutions from industry leaders WatchGuard and SonicWall, and offer generous discounts to educators and CICs.

Not looking for a firewall right now? No problem. We also supply Wireless Intrusion Prevention Systems, Multi-Factor Authentication platforms, VPNs, and everything you need to keep your team safe online. Get in touch today for an informal chat and claim your free cybersecurity health check.