Stonesoft Corporation: Advanced Evasion Techniques Bypass Almost All Current Network Security Systems without Leaving a Trace

Stonesoft Corporation Stock Exchange Release 18 October 2010 at 10:58 AM

Stonesoft Press Release, Helsinki, Finland — October 18, 2010 — In the stock exchange release published on 4 October, 2010 Stonesoft Corporation announced it has discovered a new network security threat category. These are so-called Advanced Evasion Techniques (AET), which can bypass current network security devices without leaving a trace. Advanced Evasion Techniques can also transport already known malware or phishing programs, worms and viruses, which otherwise would be detectable and stoppable by network security systems.

Stonesoft has reported the threat posed by these advanced evasion techniques to the national computer security incident response team of Finland CERT-FI for vulnerability coordination, and ICSA Labs, a US-based security-product testing and certification laboratory has confirmed the severity of the discovery.

In addition to testing their own network security solutions, Stonesoft has extended their research to cover also solutions by other leading vendors in the field. The test results show that most of current network security solutions do not detect attacks that utilize advanced evasion techniques. The most efficient protection against the threat posed by advanced evasions techniques is provided by software-based systems, which can be remotely updated and centrally managed. Stonesoft’s network security solutions fulfill these criteria.

Stonesoft estimates the discovery to open new business opportunities for the company and to have a positive effect on the company’s net sales, but it still cannot estimate the magnitude nor the schedule of this effect.

More information about advanced evasion techniques is available at Stonesoft website and at the web address

Stonesoft Corporation
Ilkka Hiidenheimo