Insecurity outfit Sophos has poured water on a “new kind of attack”, which Finnish security provider Stonesoft says is the latest to target network security equipment.
Stonesoft said that it found a new threat category – advanced evasion techniques (AETs) – which simultaneously combined different evasions in several layers of networks, and in the process become invisible for security gear.
It said it let attackers bypass most firewalls and intrusion detection and prevention systems (IPS) without being detected, which could give access to data on secure corporate networks and allow them to plant further attacks.
“We have reason to believe that we have seen just the tip of the iceberg,” said Juha Kivikoski, chief operating officer at Stonesoft.
“The dynamic and undetectable nature of these advanced evasion techniques has the potential to directly affect the network security landscape. The industry is facing a non-stop race against this type of advanced threats and we believe only dynamic solutions can address this vulnerability.”
It added that from the point of view of cybercriminals and hackers, advanced evasion techniques work like a master key to anywhere.
However it seems more like Stonesoft’s following through on a marketing push. Graham Cluley, senior technology consultant at Sophos, told TechEye that it’s “nothing new.”
“I’m not sure why the company has released this story, it’s not like the sky is falling in with this threat,” Sophos said.
“IDS security risks have been around for years. It’s not a risk for many companies as many have better security than IDS. If an attack goes past the IDS they have protection on their desktops.
“The only thing this release does it remind IDS managers that they need extra security, although most have this. It’s come at a time that Stonesoft’s share prices have risen and it has embarked in a new marketing program.”
*EyeSee The picture is of stitching awls, the kind of tools a cobbler, or shoe maker, may use. To use it in a sentence, you could say StoneSoft’s announcement is a load of cobbler’s awls.