New, advanced evasion techniques (AET) that can pose a serious threat to existing network security systems worldwide, according to Stonesoft. These AET threats significantly extend what is known today about evasion techniques. The details of this discovery have been shared with CERT-FI in Finland for vulnerability coordination purposes and validated by ICSA Labs.
Essentially, AETs provide today’s cyber criminals with a master key to access any vulnerable system such as ERP and CRM applications by bypassing today’s network security systems. As a result, companies may suffer a significant data breach including the loss of confidential corporate information.
Additionally, these types of AETs could be used by organized crime and cyber terrorists to conduct illegal and potentially damaging activities.
Stonesoft reported the discovery and sent samples of AETs to the national computer security incident response team CERT-FI as well as ICSA Labs, an independent division of Verizon Business that offers third-party testing and certification of security products and network-connected devices. Charged with globally coordinating the remediation of the identified vulnerabilities with network security vendors, CERT-FI issued a vulnerability statement about advanced evasion techniques on October 4, and also plans to update it today.
“The issues identified by Stonesoft affect a range of content inspection technology. Continuous cooperation among CERT-FI, Stonesoft and other network security vendors is essential for remediating the identified vulnerabilities. CERT-FI strives to facilitate this process,” said Jussi Eronen, head of vulnerability coordination at CERT-FI.
“We have reason to believe that we have seen just the tip of the iceberg,” said Juha Kivikoski, COO at Stonesoft. “The dynamic and undetectable nature of these advanced evasion techniques has the potential to directly affect the network security landscape. The industry is facing a non-stop race against this type of advanced threats and we believe only dynamic solutions can address this vulnerability.”
“Stonesoft has discovered new ways AETs can evade many network security systems,” said Jack Walsh, intrusion detection and prevention program manager at ICSA Labs. “We were able to validate Stonesoft’s research and believe that these advanced evasion techniques can result in lost corporate assets with potentially serious consequences for breached organizations.”
AETs in the wild
Stonesoft experts discovered the new threats while testing their own StoneGate network security solution with the latest and most advanced attacks. Field tests and experimental data show many of the existing network security solutions fail to detect AETs and thus fail to block the attack inside.
Stonesoft cautions that attackers across the globe may already be using AETs in advanced, targeted attacks. With only a select few products available to provide protection, organizations may be challenged to protect their systems quickly.