Advanced Evasion Techniques still top of mind for pros, study says

Nearly 40 percent of IT decision-makers don't believe they have the ability to detect AETs.

Almost 40 percent of IT decision-makers surveyed for a Vanson Bourne study commissioned by McAfee report that they don't believe they can detect and track Advanced Evasion Techniques (AETs).

The report, "The Security Industry's Dirty Little Secret," which surveyed 800 CIOs and security managers from the United States, United Kingdom, Germany, France, Australia, Brazil, and South Africa, found that two-thirds of respondents believe the biggest challenge to implementing technology to combat AETs is convincing their boards that the threats are serious.

But serious and costly they are, with 22 percent of the professionals surveyed admitting to network breaches (costing an average of $1 million) and 40 percent of those believing that AETs played an important role in the attacks.

As the name implies, AETs evade detection as cyber criminals spend weeks, even months, patiently searching for and exploiting vulnerabilities in corporate networks.

“AETs are the delivery methods hackers use to bypass businesses' security defenses to get a piece of malware into a company's network,” says Jennifer Geisler, senior director, network security, at McAfee.

AETs also fly below the radar of most firewalls — McAfee notes that less than one percent of the estimated 800 million known AETs (representing a significant rise since 2010) are detected by firewalls.

“Most security system vendors understand them but are unable to detect them” because they don't “perform normalized data stream inspection, which is the primary way to identify AETs,” Geisler said. “Additionally there's industry confusion around AETs vs. APTs [Advanced Persistent Threats] by CIOs, CISOs and security professionals, which is a recipe for trouble.”

In addition, the industry has been hyper-focused on the “sexier” malware. “We agree that it's important to detect new threats,” Geisler said. “But it's also important for businesses to know how hackers are getting into their networks.”

To protect against AETs, Geisler urges security professionals “to first talk about the threat across all levels of your organization, understand the scope of the problem and look at your defenses.”

[An earlier version of this story incorrectly cited the McAfee-commissioned report as the Van Bourne study and misspelled Geisler in two instances.]
