13 Ways to Break a Firewall
Firewalls are a go-to for OT security—but how much protection do they really offer? In this report, we explore 13+ real-world attack scenarios that defeat firewalls, share mitigations for each kind of attack, and look at smarter, stronger designs for (that still include firewalls) for protecting industrial systems.
Firewalls are almost always the second technical step taken to secure industrial / OT automation systems. But how much security do firewalls impart?
One way to compare the strength of different defensive technologies and designs is to compare the attacks those designs defeat reliably, vs. the attacks they do not defeat. In this report, we look at firewalls, at attacks that defeat firewalls, and at mitigations, compensating measures and alternatives for and to firewalls.
And yes, the number “13” is a lucky ‘marketing’ number. The report in fact touches on closer to 18 or 19 kinds of attacks/scenarios.
Get the report to understand:
Which types of cyberattacks firewalls can and can’t stop in industrial environments
Real-world examples of firewall failures
Practical alternatives that strengthen OT security when firewalls fall short
About the author
Waterfall team
FAQs About Firewalls
What is a Firewall?
A firewall is a combination of software-based filtering and routing functionality that controls the flow of data between networks. While some firewalls come as hardware appliances, all firewalls rely on software to inspect and make decisions about each network message.
In practice:
Firewalls route traffic (e.g., from your home network to the internet)
They also filter that traffic based on rules — asking: “Is this message allowed?”
Every modern operating system — including those on laptops and phones — comes with built-in firewall capabilities.
What are the First 3 Laws of OT Security?
The foundational truths of OT (Operational Technology) cybersecurity are:
Nothing is secure. Security is a moving target — it’s never absolute, only more or less secure.
All software can be hacked. Every application has flaws, and some of those become security risks.
All cyber-sabotage is information. Any flow of information — even seemingly harmless — can be an attack vector.
These laws help shift your mindset toward continuous risk reduction rather than assuming absolute protection.
Why Should I Download This eBook?
This free eBook gives you a realistic perspective on firewalls in industrial environments:
Learn which types of cyberattacks firewalls are unable to stop
Discover real-world cases where firewalls failed to protect OT systems
Explore practical alternatives that can enhance security beyond traditional firewalls
If you’re serious about protecting your OT environment, this guide will help you ask better questions — and build stronger defenses.