Stonesoft Warns Flame, Stuxnet, Duqu Still Not as Dangerous as Conventional SCADA and ICS Attacks
Security gaps, advanced evasion techniques, denial of service attacks pose
bigger threats
Helsinki, Finland - 20 June, 2012 - Despite widespread warnings around Flame,
Stuxnet and Duqu viruses, Stonesoft advises organizations relying on SCADA and
industrial control system (ICS) networks to be vigilant against conventional
network threats. These threats pose a far greater threat to SCADA and ICS
network security, and include gaps in security infrastructure, advanced evasion
techniques (AETs) and simple denial of service attacks. Stonesoft is a global
provider of proven, innovative network security solutions, including IPS,
firewall/VPN, SSL-VPN and remote cloud access.
"Our advice to ICS and SCADA network managers is to be informed of new threats
like Flame, but be especially vigilant against the more conventional, widely
understood threats. In all likelihood, a simple denial-of-service attack has a
better chance of wreaking havoc on their network than Stuxnet or Duqu. It's
important they don't drop the ball as the game advances," said Olli-Pekka Niemi,
Vulnerability Expert at Stonesoft.
Stonesoft advises organizations deploying SCADA and ICS networks to protect
their networks in the following ways:
IPS protection. By monitoring all data traffic, and only allowing it into the
network if it's safe, IPS devices keep the network clear of malicious traffic.
If the device detects malware attempting to enter the network, it will
automatically sever the data connection and prevent network penetration. IPS
devices can also facilitate virtual patching, which protects vulnerable servers
in between scheduled maintenance windows.
AET detection capabilities. Hackers have always used evasion techniques to skirt
IPS protection. Most recently, they have developed advanced evasion techniques
(AETs) that combine and modify traditional evasions. The result is that an
organization can be re-exposed to old threats as well as susceptible to new
ones.
Advanced normalization. Sophisticated threats like AETs and advanced persistent
threats (APTs) require advanced security mechanisms - namely normalization.
Using advanced normalization, the IPS interprets the data traffic and assembles
the packets in the same manner as the end system. This allows the IPS to detect
malicious code hidden in the data flow. Normalization is nothing new, but the
ability to perform it without sacrificing network performance has traditionally
been a challenge. SCADA and ICS networks must ensure traffic normalization is
both powerful and realistic in real-world traffic scenarios.
Software-based security. Most network security solutions deployed in industrial
environments are hardware-based, making them difficult, time-consuming and
expensive to update. Software-based solutions eliminate these hurdles, eliminate
human error and improve security effectiveness.
To learn more about Stonesoft's network security solutions, please visit
www.stonesoft.com.
Contact:
For more information, please contact:
Olli-Pekka Niemi
Vulnerability Expert
Stonesoft Corporation
Tel. + 358 040 736 8000
E-mail: olli-pekka.niemi(AT)stonesoft.com
About Stonesoft
Stonesoft Corporation (NASDAQ OMX: SFT1V) delivers software based, dynamic and
customer driven network security solutions that secure the information flow and
simplify security management. The company's product portfolio consists of the
industry's first transformable Security Engine, standalone next generation
firewalls and intrusion prevention systems, and SSL VPN solutions. At the core
lies Stonesoft's Management Center which unifies the management of entire
networks.
Stonesoft serves private and public sector organizations requiring high
availability, ease of management, compliance, dynamic security and protection of
their critical digital assets and business continuity against today's rapidly
evolving cyber threats. Stonesoft is a recognized researcher of advanced evasion
techniques used in targeted cyber attacks to bypass security.
Stonesoft has the highest customer retention rate in the industry due to low
TCO, ease of management, and overall customer excellence. Stonesoft's customer
base covers more than 4,000 mid- or large-sized organizations across various
industries and geographical markets.
Founded in 1990, the company's track record is well recognized by certifiers,
industry analysts and demanding customers. The company's corporate headquarters
are based in Helsinki, Finland and North American headquarters in Atlanta,
Georgia. For more information, visit www.stonesoft.com.
This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.
Source: Stonesoft Oyj via Thomson Reuters ONE
[HUG#1620880]