Welcome!

News Feed Item

Controversy Surrounding Advanced Evasion Techniques Leads to High Price Tag for Businesses

A new report by McAfee, a division of Intel Security, examines the controversy and confusion surrounding Advanced Evasion Techniques (AETs), and the role that they play in Advanced Persistent Threats (APTs). A Vanson Bourne study, commissioned by McAfee, surveyed 800 CIOs and security managers from the United States, United Kingdom, Germany, France, Australia, Brazil and South Africa, and showed that there are misunderstandings, misinterpretation and ineffective safeguards in use by the security experts charged with protecting sensitive data.

Recent high profile data breaches have demonstrated that criminal activity can still evade detection for long periods of time. Survey respondents acknowledged this and more than one in five security professionals admit their network was breached (22 percent). Nearly 40 percent of those breached believe that AETs played a key role. On average, those who experienced a breach in the last 12 months reported a cost to their organization of upwards of $1 million.

“We are no longer dealing with the random drive-by scanner that is just looking for obvious entryways into your network. In today's interconnected world, we are dealing with adversaries who spend weeks or months studying your public facing network footprint, looking for that one small sliver of light which will allow them to gain a foothold into your networks,” said John Masserini, vice president and chief security officer, MIAX Options. “Advanced Evasion Techniques are that sliver of light. When deployed, McAfee’s Next Generation Firewall technology adds an extra layer of depth to protect against such threats, making that sliver of light that much harder to find.”

Why Current Firewall Tests Hide the Existence of AETs

Nearly 40 percent of IT decision-makers do not believe they have methods to detect and track AETs within their organization, and almost two thirds said that the biggest challenge when trying to implement technology against AETs is convincing the board they are a real and serious threat.

“Many organizations are so intent of identifying new malware that they are falling asleep at the wheel toward advanced evasion techniques that can enable malware to circumvent their security defences,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “AETs pose a great threat because most security solutions can’t detect or stop them. Security professionals and executive managers need to wake up as this is a real and growing threat.”

Of the estimated 800 million known AETs, less than one percent is detected by other vendor’s firewalls. The prevalence of these techniques has risen significantly since 2010 with millions of combinations and modifications of network based AETs having been identified to date.

Professor Andrew Blyth of the University of South Wales has studied the prevalence and impact of AETs for many years. “The simple truth is that Advanced Evasion Techniques (AETs) are a fact of life. It’s shocking that the majority of CIOs and security professionals severely underestimated that there are 329,246 AETs, when in fact the total of known AETs is approximately 2,500 times that number or more than 800 million AETs and growing,” said Blyth.

AETs are methods of disguise used to penetrate target networks undetected and deliver malicious payloads. They were first discovered in 2010 by network security specialist Stonesoft, which was acquired by McAfee in May 2013. Using AETs, an attacker can split apart an exploit into pieces, bypass a firewall or IPS appliance, and once inside the network, reassemble the code to unleash malware and continue an APT attack.

The reason these techniques are under-reported and not well understood is that in some paid tests, vendors are given the chance to correct for them. As such, only the specific techniques identified are corrected for, and not the broader techniques that are rapidly updated and adapted by criminal organizations.

“Hackers already know about advanced evasion techniques and are using them on a daily basis,” said Pat Calhoun, general manager of network security at McAfee. “What we’re hoping to do is educate businesses so they can know what to look for, and understand what’s needed to defend against them.”

High Costs to Organizations

Respondents whose organizations had experienced a network breach in the past twelve months estimate the average cost to the business to be $931,006. Australia, which reported a lower number of breaches at 15 percent, indicated a much higher average cost per breach at $1.5 million. The cost to American respondents also exceeded $1 million on average. The hit to the financial services sector was the hardest, with estimated cost to be over $2 million per breach globally.

To download a copy of the full report, executive summary and infographic, please visit www.mcafee.com/AET.

About McAfee

McAfee, a division of Intel Security and a wholly owned subsidiary of Intel Corporation (NASDAQ: INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its visionary Security Connected strategy, innovative approach to hardware-enhanced security, and unique global threat intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com

Note: McAfee is a registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"There's plenty of bandwidth out there but it's never in the right place. So what Cedexis does is uses data to work out the best pathways to get data from the origin to the person who wants to get it," explained Simon Jones, Evangelist and Head of Marketing at Cedexis, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
"We're developing a software that is based on the cloud environment and we are providing those services to corporations and the general public," explained Seungmin Kim, CEO/CTO of SM Systems Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Data scientists must access high-performance computing resources across a wide-area network. To achieve cloud-based HPC visualization, researchers must transfer datasets and visualization results efficiently. HPC clusters now compute GPU-accelerated visualization in the cloud cluster. To efficiently display results remotely, a high-performance, low-latency protocol transfers the display from the cluster to a remote desktop. Further, tools to easily mount remote datasets and efficiently transfer...
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Telecom Reseller has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
"CA has been doing a lot of things in the area of DevOps. Now we have a complete set of tool sets in order to enable customers to go all the way from planning to development to testing down to release into the operations," explained Aruna Ravichandran, Vice President of Global Marketing and Strategy at CA Technologies, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., introduced you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He explored applications in several industries and discussed technologies that allow the deployment of advanced visualization solutions to the cloud.