TechRepublic: Advanced Evasion Techniques wreaking havoc on network security

In the never-ending war against security breaches, attackers gaining the upper hand by unleashing zero day attacks, advanced persistent threats (APTs) and other rapidly evolving threats.

By Frank Ohlhorst
July 14, 2014

The nefarious types looking to compromise network security are getting craftier at their trade. Case in point is the rise of Advanced Evasion Techniques (AETs), which obfuscate malicious code by slicing and dicing it into bits and pieces that arrive by different paths. Ultimately, that code re-assembles on an endpoint, where it can wreak havoc.

The big problem with AETs is that they are very successful for the most part, evading the technologies deployed by Next Generation Fire-Walls (NGFWs) that are used to detect malware. What's more, AETs are often the first shot fired in a battle that supports the spread of APTs, which ultimately target intellectual property and financial resources. In other words, AETs enable drive by attacks that can go unnoticed until long after the damage is done.

Defending against AETs is no simple task and the obfuscation techniques employed are sophisticated enough to bypass the detection capabilities of many firewalls. So the first question that comes to mind becomes "how can I tell if my firewall can withstand an AET attack."

Click the URL above to read the full article