Security firm warns of advanced evasion techniques

By on

Many may ignore threat.

Advanced evasion techniques (AET) have managed to bypass all major existing firewall and intrusion prevention solutions (IPS) and pose a serious network security issue, according to Stonesoft.

Research from Stonesoft claimed that the techniques can pose a serious threat to existing network security systems worldwide and significantly extend what is known today about evasion techniques.

It said that evasion techniques are a means to disguise and/or modify cyber attacks to avoid detection and blocking by information security systems. They enable cyber criminals to deliver malicious content and exploit or attack a vulnerable system without detection.

These challenges gave Stonesoft reasons to investigate evasions further, as the AET challenged all the dominant rules, principles and thinking. Stonesoft claimed that it is likely that many companies will try to ignore evasions, saying this threat is only theoretical and not real.

Discovered in Stonesoft's research labs in Helsinki, it reported the discovery and sent samples of AETs to the country's national computer security incident response team CERT-FI, as well as to ICSA Labs, an independent division of Verizon Business that offers third-party testing and certification of security products and network-connected devices.

Ash Patel, country manager UK and Ireland at Stonesoft, explained that such techniques have been known about since 1998 and there has been a lot of discussion in the black hat community.

He said: “The AET is not a vulnerability, it is the delivery mechanism. Stuxnet is out there but some companies cannot patch so will do virtual patching with an IPS and the AET will be disguised and carry out its actions in secret. It will render the patch useless if it cannot be protected.

“With the latest and most advanced attacks we showed the holes in our own technology and fixed them, but we were concerned that the security sector has missed the trick, so we purchased every major firewall in the Gartner magic quadrant and set them to their highest capability and tested them and saw traffic that contained the payloads. This means that critical systems and servers will be vulnerable to this type of attack.”

Jack Walsh, intrusion detection and prevention program manager at ICSA Labs, said: “Stonesoft has discovered new ways AETs can evade many network security systems. We were able to validate Stonesoft's research and believe that these advanced evasion techniques can result in lost corporate assets, with potentially serious consequences for breached organisations.”

See original article on scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
advanced are evasion networks of penetrate security techniques that to undercover used warnings
In Partnership With

Most Read Articles

NBN Co says fibre-to-the-curb build is more complex than it hoped

NBN Co says fibre-to-the-curb build is more complex than it hoped
How Woolworths landed in 'really bad shape' with Salesforce

How Woolworths landed in 'really bad shape' with Salesforce
NBN Co explores 'FTTN in a box' for emergency network fixes

NBN Co explores 'FTTN in a box' for emergency network fixes
Don't bother with blockchain: databases or email may be better

Don't bother with blockchain: databases or email may be better
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Intro to AI for Security Professionals
Intro to AI for Security Professionals
Digital Transformation: Hope, or Hype?
Digital Transformation: Hope, or Hype?
How to choose a trusted IT provider
How to choose a trusted IT provider
Why Business Process Modelling Matters
Why Business Process Modelling Matters
Report: ANZ IT Decision Makers - Top Priorities for Endpoint Security 2018
Report: ANZ IT Decision Makers - Top Priorities for Endpoint Security 2018

Events

Log In

Username / Email:
Password:
  |  Forgot your password?