Insecurity outfit Sophos has poured water on a "new kind of attack", which Finnish security provider Stonesoft says is the latest to target network security equipment.
Stonesoft said that it found a new threat category - advanced evasion techniques (AETs) - which simultaneously combined different evasions in several layers of networks, and in the process become invisible for security gear.
It said it let attackers bypass most firewalls and intrusion detection and prevention systems (IPS) without being detected, which could give access to data on secure corporate networks and allow them to plant further attacks.
“We have reason to believe that we have seen just the tip of the iceberg,” said Juha Kivikoski, chief operating officer at Stonesoft.
“The dynamic and undetectable nature of these advanced evasion techniques has the potential to directly affect the network security landscape. The industry is facing a non-stop race against this type of advanced threats and we believe only dynamic solutions can address this vulnerability.”
It added that from the point of view of cybercriminals and hackers, advanced evasion techniques work like a master key to anywhere.
However it seems more like Stonesoft's following through on a marketing push. Graham Cluley, senior technology consultant at Sophos, told TechEye that it's "nothing new."
"I'm not sure why the company has released this story, it's not like the sky is falling in with this threat," Sophos said.
"IDS security risks have been around for years. It's not a risk for many companies as many have better security than IDS. If an attack goes past the IDS they have protection on their desktops.
"The only thing this release does it remind IDS managers that they need extra security, although most have this. It's come at a time that Stonesoft's share prices have risen and it has embarked in a new marketing program."
*EyeSee The picture is of stitching awls, the kind of tools a cobbler, or shoe maker, may use. To use it in a sentence, you could say StoneSoft's announcement is a load of cobbler's awls.
"Security experts at ICSA Labs, part of Verizon Communications Inc, have tested the new evasions and have found the risk is real."
"It's unlikely that really any network security vendor is aware of such evasions."
http://www.reuters.com/article/idUSTRE69H0ZS20101018?feedType=nl&feedName=usmorningdigest
Evasions for sure are not a new thing; the dramatic news is that they discovered that using some of them at the same time, an attacker can BYPASS network Security solutions implemented at a perimeter level. Once inside, an attacker can try to attack hosts using the whole range of know and unknow exploits with no hurry.