News Feed Item
Controversy Surrounding Advanced Evasion Techniques Leads to High Price Tag for Businesses
|By Business Wire
|March 31, 2014 12:16 AM EDT
A new report by McAfee,
a division of Intel Security, examines the controversy and confusion
surrounding Advanced Evasion Techniques (AETs), and the role that they
play in Advanced Persistent Threats (APTs). A Vanson Bourne study,
commissioned by McAfee, surveyed 800 CIOs and security managers from the
United States, United Kingdom, Germany, France, Australia, Brazil and
South Africa, and showed that there are misunderstandings,
misinterpretation and ineffective safeguards in use by the security
experts charged with protecting sensitive data.
Recent high profile data breaches have demonstrated that criminal
activity can still evade detection for long periods of time. Survey
respondents acknowledged this and more than one in five security
professionals admit their network was breached (22 percent). Nearly 40
percent of those breached believe that AETs played a key role. On
average, those who experienced a breach in the last 12 months reported a
cost to their organization of upwards of $1 million.
“We are no longer dealing with the random drive-by scanner that is just
looking for obvious entryways into your network. In today's
interconnected world, we are dealing with adversaries who spend weeks or
months studying your public facing network footprint, looking for that
one small sliver of light which will allow them to gain a foothold into
your networks,” said John Masserini, vice president and chief security
officer, MIAX Options. “Advanced Evasion Techniques are that sliver of
light. When deployed, McAfee’s Next Generation Firewall technology adds
an extra layer of depth to protect against such threats, making that
sliver of light that much harder to find.”
Why Current Firewall Tests Hide the Existence of AETs
Nearly 40 percent of IT decision-makers do not believe they have methods
to detect and track AETs within their organization, and almost two
thirds said that the biggest challenge when trying to implement
technology against AETs is convincing the board they are a real and
“Many organizations are so intent of identifying new malware that they
are falling asleep at the wheel toward advanced evasion techniques that
can enable malware to circumvent their security defences,” said Jon
Oltsik, senior principal analyst, Enterprise Strategy Group. “AETs pose
a great threat because most security solutions can’t detect or stop
them. Security professionals and executive managers need to wake up as
this is a real and growing threat.”
Of the estimated 800 million known AETs, less than one percent is
detected by other vendor’s firewalls. The prevalence of these techniques
has risen significantly since 2010 with millions of combinations and
modifications of network based AETs having been identified to date.
Professor Andrew Blyth of the University of South Wales has studied the
prevalence and impact of AETs for many years. “The simple truth is that
Advanced Evasion Techniques (AETs) are a fact of life. It’s
shocking that the majority of CIOs and security professionals severely
underestimated that there are 329,246 AETs, when in fact the total of
known AETs is approximately 2,500 times that number or more than 800
million AETs and growing,” said Blyth.
AETs are methods of disguise used to penetrate target networks
undetected and deliver malicious payloads. They were first discovered in
2010 by network security specialist Stonesoft, which was acquired by
McAfee in May 2013. Using AETs, an attacker can split apart an exploit
into pieces, bypass a firewall or IPS appliance, and once inside the
network, reassemble the code to unleash malware and continue an APT
The reason these techniques are under-reported and not well understood
is that in some paid tests, vendors are given the chance to correct for
them. As such, only the specific techniques identified are corrected
for, and not the broader techniques that are rapidly updated and adapted
by criminal organizations.
“Hackers already know about advanced evasion techniques and are using
them on a daily basis,” said Pat Calhoun, general manager of network
security at McAfee. “What we’re hoping to do is educate businesses so
they can know what to look for, and understand what’s needed to defend
High Costs to Organizations
Respondents whose organizations had experienced a network breach in the
past twelve months estimate the average cost to the business to be
$931,006. Australia, which reported a lower number of breaches at 15
percent, indicated a much higher average cost per breach at $1.5
million. The cost to American respondents also exceeded $1 million on
average. The hit to the financial services sector was the hardest, with
estimated cost to be over $2 million per breach globally.
To download a copy of the full report, executive summary and
infographic, please visit www.mcafee.com/AET.
McAfee, a division of Intel Security and a wholly owned subsidiary of
Intel Corporation (NASDAQ: INTC), empowers businesses, the public
sector, and home users to safely experience the benefits of the
Internet. The company delivers proactive and proven security solutions
and services for systems, networks, and mobile devices around the world.
With its visionary Security Connected strategy, innovative approach to
hardware-enhanced security, and unique global threat intelligence
network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com
Note: McAfee is a registered trademark of McAfee, Inc. in the United
States and other countries. Other names and brands may be claimed as the
property of others.
Photos/Multimedia Gallery Available: http://www.businesswire.com/multimedia/home/20140330005026/en/
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture.
Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations migh...
Jul. 7, 2015 04:00 AM EDT Reads: 2,521
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively.
In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of...
Jul. 7, 2015 03:45 AM EDT Reads: 2,859
The enterprise market will drive IoT device adoption over the next five years.
In his session at @ThingsExpo, John Greenough, an analyst at BI Intelligence, division of Business Insider, analyzed how companies will adopt IoT products and the associated cost of adopting those products.
John Greenough is the lead analyst covering the Internet of Things for BI Intelligence- Business Insider’s paid research service. Numerous IoT companies have cited his analysis of the IoT. Prior to joining BI In...
Jul. 7, 2015 02:00 AM EDT Reads: 1,297
"ciqada is a combined platform of hardware modules and server products that lets people take their existing devices or new devices and lets them be accessible over the Internet for their users," noted Geoff Engelstein of ciqada, a division of Mars International, in this SYS-CON.tv interview at @ThingsExpo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 7, 2015 01:15 AM EDT Reads: 963
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company helps mid-market firms built on IBM hardware platforms to deploy new levels of reliable and cost-effective computing and hig...
Jul. 6, 2015 11:00 PM EDT Reads: 1,943
DevOps Summit, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development...
Jul. 6, 2015 07:45 PM EDT Reads: 1,941
Live Webinar with 451 Research Analyst Peter Christy. Join us on Wednesday July 22, 2015, at 10 am PT / 1 pm ET
In a world where users are on the Internet and the applications are in the cloud, how do you maintain your historic SLA with your users?
Peter Christy, Research Director, Networks at 451 Research, will discuss this new network paradigm, one in which there is no LAN and no WAN, and discuss what users and network administrators gain and give up when migrating to the agile world of clo...
Jul. 6, 2015 07:45 PM EDT Reads: 1,639
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, it is now feasible to create a rich desktop and tuned mobile experience with a single codebase, without compromising performance or usability.
Jul. 6, 2015 07:00 PM EDT Reads: 1,204
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult – let alone tracking network connections or malicious activity.
In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and liv...
Jul. 6, 2015 06:15 PM EDT Reads: 1,988
SYS-CON Media announced today that CloudBees, the Jenkins Enterprise company, has launched ad campaigns on SYS-CON's DevOps Journal.
CloudBees' campaigns focus on the business value of Continuous Delivery and how it has been recognized as a game changer for IT and is now a top priority for organizations, and the best ways to optimize Jenkins to ensure your continuous integration environment is optimally configured.
Jul. 6, 2015 05:30 PM EDT Reads: 1,243
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than
Jul. 6, 2015 05:00 PM EDT Reads: 2,018
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the...
Jul. 6, 2015 05:00 PM EDT Reads: 2,176
"In the IoT space we are helping customers, mostly enterprises and industry verticals where time-to-value is critical, and we help them with the ability to do faster insights and actions using our platform so they can transform their business operations," explained Venkat Eswara, VP of Marketing at Vitria, in this SYS-CON.tv interview at @ThingsExpo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 6, 2015 04:30 PM EDT Reads: 745
The most often asked question post-DevOps introduction is: “How do I get started?” There’s plenty of information on why DevOps is valid and important, but many managers still struggle with simple basics for how to initiate a DevOps program in their business. They struggle with issues related to current organizational inertia, the lack of experience on Continuous Integration/Delivery, understanding where DevOps will affect revenue and budget, etc.
In their session at DevOps Summit, JP Morgenthal...
Jul. 6, 2015 04:15 PM EDT Reads: 1,594
"We provide a web application framework for building really sophisticated web applications that run on a browser without any installation need so we get used for biotech, defense, and banking applications," noted Charles Kendrick, CTO and Chief Architect at Isomorphic Software, in this SYS-CON.tv interview at @DevOpsSummit (http://DevOpsSummit.SYS-CON.com), held June 9-11, 2015, at the Javits Center in New York
Jul. 6, 2015 03:45 PM EDT Reads: 1,789