Date: Tuesday, June 10, 2014
Time: 2:00 p.m ET / 11:00 a.m. PT
As various industry organizations, such as the Community Emergency Response Team (CERT) in Finland, work with numerous IT security vendors and other experts to figure out the countless vulnerabilities that can allow advanced evasion techniques (AETs) to sneak through networks, organizations plagued by AETs are facing their own, more immediate pressures to come to terms with these rising attacks. These particular network-targeting attacks, which combine various known evasion methods in unique ways to launch assaults on companies over several layers of their infrastructures, are a sneaky lot because they handily disguise themselves from many information security solutions that organizations already have in place. And, they're gaining more steam, hitting organizations more and more, with some victims not even realizing they've been infiltrated. Indeed, AETs – not to be confused with advanced persistent threats – are being used by cyber criminals to gain entry into targeted networks because the countless permutations of evasion methods they use are proving much more successful in dodging current methods of detection. So, although an intrusion prevention system, for example, might be able to thwart one of the known AETs from breaching a network, it likely would allow a similar attack that has been modified and disguised. What, then, can organizations do exactly to ensure that they are taking whatever measures necessary to prevent AETs from getting into networks in the first place? And, failing that, what mitigation techniques are best to detect them and get them out of breached networks before severe damage—like unwanted exposure, theft and damage to critical data— happens? We explore the current conundrum that is this growing family of AETs, learning why bad guys are relying on them, how these attacks look, why exactly they still prove so difficult to detect, and what practical tips companies can enlist to help battle them more effectively.
Steven Smith, Sr. Network Security Manager, McAfee
Illena Armstrong, VP, Editorial, SC Magazine