McAfee Report Details Myths and Realities of Advanced Evasion Techniques (AETs)

If you do not know about Advanced Evasion Techniques (AETs) and the role they play in Advanced Persistent Threats (APTs), you should. Unfortunately, as a new report by security solutions provider McAfee (a division of Intel Security) highlights, these bad boys are highly prevalent, and there should be a sense of urgency about learning the myths and realities of AETs and sounding the alarm to raise your defenses.

So what is an AET?

The best place to start is with an understanding of what AETs are. As McAfee notes, AETs are methods of disguise used to penetrate target networks undetected and deliver malicious payloads. AETs were discovered in 2010. Using them, an attacker can split an exploit into pieces, bypass a firewall or IPS appliance, and, once inside the network, reassemble the code to unleash malware and continue an APT attack.
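Why a split payload slips past per-packet inspection, and what a reassembling sensor sees instead, shown as an added example that is not from the McAfee report or any McAfee product. The signature, payload, sequence offsets and first-wins overlap policy are all constructed assumptions.

```python
SIGNATURE = b"EXAMPLE-BAD-PATTERN"  # constructed stand-in for an IPS signature

def per_packet_match(segments, sig=SIGNATURE):
    """Naive inspection: test each segment in isolation."""
    return any(sig in data for _, data in segments)

def reassemble(segments):
    """Rebuild the contiguous byte stream from (seq, data) segments.

    Returns (stream, conflicts). A conflict is an offset where two segments
    overlap with different bytes; sensor and endpoint may resolve it
    differently, so a normalizer should alert on it or drop the flow.
    """
    seen, conflicts = {}, []
    for seq, data in segments:
        for i, byte in enumerate(data):
            pos = seq + i
            if pos in seen and seen[pos] != byte:
                conflicts.append(pos)
            seen.setdefault(pos, byte)  # first-wins policy (assumption)
    out = bytearray()
    pos = min(seen, default=0)
    while pos in seen:  # stop at the first gap rather than joining across it
        out.append(seen[pos])
        pos += 1
    return bytes(out), conflicts

def evaluate(segments, sig=SIGNATURE):
    """Compare per-packet inspection with inspection of the rebuilt stream."""
    stream, conflicts = reassemble(segments)
    return {"per_packet": per_packet_match(segments, sig),
            "reassembled": sig in stream,
            "conflicts": conflicts}

# Constructed sample traffic: one request cut into 5-byte segments, delivered
# in reverse order, followed by an overlapping segment with different bytes.
PAYLOAD = b"GET /?q=EXAMPLE-BAD-PATTERN HTTP/1.1\r\n"
SAMPLE = [(i, PAYLOAD[i:i + 5]) for i in range(0, len(PAYLOAD), 5)][::-1]
SAMPLE.append((8, b"_____"))

if __name__ == "__main__":
    print(evaluate(SAMPLE))
```

The per-packet check misses the pattern while the reassembled stream matches it, and the conflicting overlap is reported as an anomaly in its own right.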

The problem is that they are hard to detect. And, as the name implies, the destruction created by the attacks they help launch is advanced and persistent. Worse, as the research found, AETs are at the moment under-reported and not well understood. In fact, despite testing, McAfee notes that in some paid tests vendors are given the chance to correct for AETs. What this means, according to McAfee, is that, “Only the specific techniques identified are corrected for, and not the broader techniques that are rapidly updated and adapted by criminal organizations.”

Disturbing findings concerning AETs 

The new report, commissioned by McAfee and conducted by Vanson Bourne, is entitled "The Security Industry's Dirty Little Secret: The debate over advanced evasion techniques (AETs)" (2014). It surveyed 800 CIOs and security managers from the United States, United Kingdom, Germany, France, Australia, Brazil and South Africa, and showed that there are misunderstandings, misinterpretation and ineffective safeguards in use by the security experts charged with protecting sensitive data.

Source: The Security Industry's Dirty Little Secret: The debate over advanced evasion techniques (AETs)

As the infographic shows, there is plenty to be concerned about:

  • 22 percent of respondents acknowledged they had challenges detecting AETs, admitting their network was breached in the past 12 months.
  • Nearly 40 percent of those breached believe that AETs played a key role.
  • On average, those who experienced a breach in the last 12 months reported a cost to their organization of upwards of $1 million.

Plus, as the report points out, the bad guys have become very sophisticated in evading early detection. 

“We are no longer dealing with the random drive-by scanner that is just looking for obvious entryways into your network. In today's interconnected world, we are dealing with adversaries who spend weeks or months studying your public facing network footprint, looking for that one small sliver of light which will allow them to gain a foothold into your networks,” said John Masserini, vice president and chief security officer, MIAX Options. “Advanced Evasion Techniques are that sliver of light.”

He went on to note that, “McAfee’s Next Generation Firewall technology adds an extra layer of depth to protect against such threats, making that sliver of light that much harder to find.” In fact, McAfee is providing a free version of McAfee Evader, a tool that assesses how well your existing network security devices stand up against AETs. It allows you to launch controlled AET-borne attacks against your systems, and then modify evasions and combinations of attacks to see if the AET can get through.

AETs are everywhere

As the infographic also depicts, there are other disconcerting findings from the survey that should serve as a call to action. Consider them if for no other reason than to test how prepared you are.

For example, while nearly 40 percent of respondents do not believe they have methods to detect and track AETs within their organization, almost two thirds said that the biggest challenge when trying to implement technology against AETs is convincing the board they are a real and serious threat. The problem is that even the 61 percent who believe they have protection greatly underestimate, as other research (see below) shows, the level of protection they actually have, given that AETs are out there in much larger numbers and continue to morph rapidly.

To prove a point, McAfee quotes renowned subject matter expert, Professor Andrew Blyth of the University of South Wales, as saying, “The simple truth is that Advanced Evasion Techniques (AETs) are a fact of life. It’s shocking that the majority of CIOs and security professionals severely underestimated that there are 329,246 AETs, when in fact the total of known AETs is approximately 2,500 times that number or more than 800 million AETs and growing.”  

Making the case for why organizations need advanced firewalls (obviously one from McAfee is deemed preferable), McAfee goes on to assert that of the estimated 800 million AETs, less than one percent are detected by competitors’ products.

“Many organizations are so intent on identifying new malware that they are falling asleep at the wheel toward advanced evasion techniques that can enable malware to circumvent their security defences,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “AETs pose a great threat because most security solutions can’t detect or stop them. Security professionals and executive managers need to wake up as this is a real and growing threat.”

 “Hackers already know about advanced evasion techniques and are using them on a daily basis,” said Pat Calhoun, general manager of network security at McAfee. “What we’re hoping to do is educate businesses so they can know what to look for, and understand what’s needed to defend against them.”

Today happens to be World Backup Day. It is something to celebrate. It is also something that should give everyone pause as to whether AETs are lying in wait and being backed-up to wreak havoc later. As noted, it might be prudent to see where your organization stands on detecting AETs. 




Edited by Cassandra Tucker