Network security equipment hit by new attack
A new kind of attack is targeting network security equipment, Stonesoft said.
Security firm Stonesoft has found a new threat category – advanced evasion techniques (AETs) – which simultaneously combine different evasions in several layers of networks, and in the process become invisible for security gear.
Advanced evasion techniques work like a master key to anywhere
While such hacks are nothing new, AETs package them in new ways to let attackers bypass most firewalls and intrusion detection and prevention systems (IPS) without being detected.
This could give them access to data on secure corporate networks and allow them to plant further attacks.
“From the point of view of cybercriminals and hackers, advanced evasion techniques work like a master key to anywhere,” said Klaus Majewski, business development chief at Stonesoft.
“Current protection against advanced evasion techniques is next to zero. This is a new thing and there is no protection against it currently,” Majewski said.
Security experts at ICSA Labs have tested the new evasions and have found the risk is real.
“In most of the cases IPSs were unable to detect the attack,” said Jack Walsh, program manager for intrusion detection and prevention at ICSA Labs. “It’s unlikely that really any network security vendor is aware of such evasions.”
The problem with advanced evasion techniques is not just new attacks, but that AETs can create millions of combinations from a few dozen different evasions.
Stonesoft has alerted authorities about its findings, and it thinks others have also likely found similar technologies.
“I am sure there are other research organisations studying this, but if they are on the wrong side of the law, they would not announce this. It’s too good a tool to use,” Majewski said.