New cyber threats bypass most network security systems,


Cybercriminals are using new, advanced evasion techniques that can pose a serious threat to existing network security systems worldwide, says security firm Stonesoft.

Companies may suffer a significant data breach including the loss of confidential corporate information, the firm warned.

According to the Stonesoft's Helsinki research labs, the threats significantly extend what was previously known about evasion techniques.

The researchers found that the new techniques provide cybercriminals with a master key to any vulnerable system such as ERP by bypassing network security systems.

"It does not matter what intrusion prevention systems are in place, because these master keys can bypass most of them," said Ilkka Hiidenheimo, chief executive at Stonesoft.
200 evasion techniques

Cybercriminals are now using 200 different evasion techniques in combination to create an almost infinite number of different attack methods, he told Computer Weekly.

A range of content inspection technologies are affected, said researchers, which means cybercriminals can use them to evade many network security systems.

Field tests and experimental data show many of the existing network security solutions fail to detect these techniques and thus fail to block the attack inside.

The details of this discovery have been shared with CERT-FI in Finland for vulnerability co-ordination purposes and validated by ICSA Labs.

CERT-FI said it would work with Stonesoft and other network security suppliers to remediate the vulnerabilities exposed by the new evasion techniques.

ICSA Labs said the advanced evasion techniques could result in lost corporate assets with potentially serious consequences for breached organisations.

The dynamic and undetectable nature of these advanced evasion techniques could have a direct effect on the network security landscape, said Juha Kivikoski, chief operating officer at Stonesoft.

"The industry is facing a non-stop race against this type of advanced threats and we believe only dynamic solutions can address this vulnerability," he said.
Defence

The best defence against these evasion techniques is through flexible, software-based security systems with remote update and centralised management capabilities, said Ash Patel, country manager for UK and Ireland at Stonesoft

However, most organisations today use static hardware-based solutions, which can be difficult or even impossible to update against rapidly evolving and dynamic threats, he said.

"By working at different layers in the TCP/IP stack, cybercriminals can set up invisible communication channels in which they can embed attacks," he said.

According to Patel, 99% of network security systems are vulnerable to these techniques, and it is therefore important for all organisations to identify all their critical data assets and find out as much as they can about the threat to ensure they are protected.

Stonesoft has published detailed information and a video on the advanced evasion techniques, and called on the network security industry to collaborate on combating them.