Target. Neiman Marcus. These are just two of the very latest victims of today’s increasingly stealthy threats permeating our cyber world. My post last month, entitled Stolen Data: Network Security Can Ensure You’re Not a Target, described the attacks that attempted to exfiltrate data from 110 million American consumers. Advanced persistent threats (APTs) were responsible for the damage – exploiting a tiny crack in the security of Target’s corporate Point of Sale (POS) systems. While I wholeheartedly trust that McAfee Labs is on top of these growing threats, reading a new report from Information Week made me even more confident in our strategy.
In Advanced Attacks Demand New Defenses, Kurt Marko clearly shows the gap that exists between today’s IT security strategies and the rapidly advancing sophistication of the attackers. The report reinforced that while the number of attacks, malware, and breaches is increasing, IT departments acknowledge that they are only somewhat prepared. At the core of these breaches are APTs, which according to the report are “characterized by sophisticated levels of expertise and significant resources that allow attackers to achieve their objectives using multiple attack vectors — cyber, physical, and deception.”
These days, we cannot talk about APTs without discussing advanced evasion techniques (AETs). AETs are techniques used in an APT and are particularly dangerous because they attack at the trust level – meaning they take advantage of a vulnerability that exists in nearly every security appliance on the market. We are talking about network security devices, such as firewalls and IPS, that we rely on day in and day out to keep our businesses secure. But, as the report describes, this is no longer adequate protection, which is why we acquired Stonesoft last year. Our McAfee Next Generation Firewall technology was purpose-built to identify and block the 800 million known AET permutations.
We understand how complex things are becoming, which is also why we developed the Evader Test Lab – a tool that can be downloaded to test your network security devices against AETs. As the report uncovered, understanding the nuances of IP-layer evasions and TCP- and application-layer techniques goes way beyond the knowledge required to manage a firewall. It takes a new way of looking at data streams to identify and stop these evasions.
I agree with Marko, as quoted in the report: “The enemy has to be right only once. And today, the enemy seems to control the rules to the game.” Organizations of all sizes must start recognizing that there is a new world order – one that will require them to be more vigilant as cybercrime continues to evolve and data and intellectual property continue to be the target.