14 DAY TRIAL // A new Vanson Bourne study commissioned by IT security company McAfee analyzes advanced evasion techniques (AETs) and their role in sophisticated cyberattacks. The report also focuses on the controversy and confusion surrounding this topic.
The report reveals that 22% of respondents admit having their networks breached in the last 12 months. 40% of them believe AETs have played an important role in the intrusion.
The organizations that have suffered data breaches reported costs of upwards of $1 million (€730,000).
“We are no longer dealing with the random drive-by scanner that is just looking for obvious entryways into your network. In today's interconnected world, we are dealing with adversaries who spend weeks or months studying your public facing network footprint, looking for that one small sliver of light which will allow them to gain a foothold into your networks,” noted John Masserini, VP and CSO of MIAX Options.
“Advanced Evasion Techniques are that sliver of light. When deployed, McAfee’s Next Generation Firewall technology adds an extra layer of depth to protect against such threats, making that sliver of light that much harder to find,” Masserini added.
The study shows that it’s not an easy task to convince a company’s board that AETs are a serious threat and that they need to implement appropriate technology in order to guard systems against them. In fact, two thirds of respondents have named this the biggest challenge.
Close to 40% of those surveyed say they don’t believe they have what it takes to detect and track AETs.
“Many organizations are so intent of identifying new malware that they are falling asleep at the wheel toward advanced evasion techniques that can enable malware to circumvent their security defences,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group.
“AETs pose a great threat because most security solutions can’t detect or stop them. Security professionals and executive managers need to wake up as this is a real and growing threat.”
The existence of AETs came to light back in 2010, when Stonesoft (a company acquired by McAfee in 2013) discovered them. McAfee says there are around 800 million known AETs and only less than 1% of them are detected by the security solutions of other companies.
800 CIOs and security managers from the US, the UK, Germany, France, Australia, South Africa and Brazil have taken part in the survey. The complete report on AETs is available on McAfee’s website.