'Advanced evasion techniques' cause network security rethink

Security vendor Stonesoft claims to have discovered a dangerous new category of threat which could render network security tools useless.

So-called advanced evasion techniques (AETs) use different methods in virtually limitless combinations to avoid detection by 99 per cent of current products on the market, according to the vendor.

AETs can be coupled to an exploit to effectively make that exploit invisible, allowing hackers as much time as they like to test and refine exploits on a target system until they are successful, according to Stonesoft chief executive Ilkka Hiidenheimo.

The use of AETs at a network level could lead to serious data breaches involving the loss of corporate information from mission-critical applications, Stonesoft warned.

"Even our product doesn't offer full protection because we're finding new holes and combinations of evasions all the time," said Hiidenheimo.

"A very clear rethink is needed in network security. All security functionality must be software-based, automated and updatable, because when something is found in the wild you need to make changes very quickly."

Stonesoft has informed CERT-FI in Finland for vulnerability co-ordination purposes, and has had its research validated by third-party testing organisation ICSA Labs.

The company has shared its intelligence with the industry in an attempt to help in the race to find an effective solution.

"The issues identified by Stonesoft affect a range of content inspection technologies," said Jussi Eronen, head of vulnerability co-ordination at CERT-FI.

"Continuous co-operation among CERT-FI, Stonesoft and other network security vendors is essential for remediating the identified vulnerabilities."