STONESOFT OYJ : Warns Flame, Stuxnet, Duqu Still Not as Dangerous as Conventional SCADA and ICS Attacks

Security gaps, advanced evasion techniques, denial of service attacks pose bigger threats

Helsinki, Finland - 20 June, 2012 - Despite widespread warnings around Flame, Stuxnet and Duqu viruses, Stonesoft advises organizations relying on SCADA and industrial control system (ICS) networks to be vigilant against conventional network threats. These threats pose a far greater threat to SCADA and ICS network security, and include gaps in security infrastructure, advanced evasion techniques (AETs) and simple denial of service attacks. Stonesoft is a global provider of proven, innovative network security:
http://www.stonesoft.com/ solutions, including IPS, firewall/VPN, SSL-VPN and remote cloud access.

"Our advice to ICS and SCADA network managers is to be informed of new threats like Flame, but be especially vigilant against the more conventional, widely understood threats. In all likelihood, a simple denial-of-service attack has a better chance of wreaking havoc on their network than Stuxnet or Duqu. It's important they don't drop the ball as the game advances," said Olli-Pekka Niemi, Vulnerability Expert at Stonesoft.

Stonesoft advises organizations deploying SCADA and ICS networks to protect their networks in the following ways:

IPS protection. By monitoring all data traffic, and only allowing it into the network if it's safe, IPS devices keep the network clear of malicious traffic. If the device detects malware attempting to enter the network, it will automatically sever the data connection and prevent network penetration. IPS devices can also facilitate virtual patching, which protects vulnerable servers in between scheduled maintenance windows.

AET detection capabilities. Hackers have always used evasion techniques to skirt IPS protection. Most recently, they have developed advanced evasion techniques (AETs) that combine and modify traditional evasions. The result is that an organization can be re-exposed to old threats as well as susceptible to new ones.

Advanced normalization. Sophisticated threats like AETs and advanced persistent threats (APTs) require advanced security mechanisms - namely normalization. Using advanced normalization, the IPS interprets the data traffic and assembles the packets in the same manner as the end system. This allows the IPS to detect malicious code hidden in the data flow. Normalization is nothing new, but the ability to perform it without sacrificing network performance has traditionally been a challenge. SCADA and ICS networks must ensure traffic normalization is both powerful and realistic in real-world traffic scenarios. 

Software-based security. Most network security solutions deployed in industrial environments are hardware-based, making them difficult, time-consuming and expensive to update. Software-based solutions eliminate these hurdles, eliminate human error and improve security effectiveness.

To learn more about Stonesoft's network security solutions, please visit www.stonesoft.com:
http://www.stonesoft.com/.

Contact:

For more information, please contact:

Olli-Pekka Niemi
Vulnerability Expert
Stonesoft Corporation
Tel. + 358 040 736 8000
E-mail: olli-pekka.niemi(AT)stonesoft.com

About Stonesoft

Stonesoft Corporation (NASDAQ OMX: SFT1V) delivers software based, dynamic and customer driven network security solutions that secure the information flow and simplify security management. The company's product portfolio consists of the industry's first transformable Security Engine:
http://securityengine.stonesoft.com/, standalone next generation firewalls and intrusion prevention systems, and SSL VPN solutions. At the core lies Stonesoft's Management Center which unifies the management of entire networks.

Stonesoft serves private and public sector organizations requiring high availability, ease of management, compliance, dynamic security and protection of their critical digital assets and business continuity against today's rapidly evolving cyber threats. Stonesoft is a recognized researcher of advanced evasion techniques used in targeted cyber attacks to bypass security.

Stonesoft has the highest customer retention rate in the industry due to low TCO, ease of management, and overall customer excellence. Stonesoft's customer base covers more than 4,000 mid- or large-sized organizations across various industries and geographical markets.

Founded in 1990, the company's track record is well recognized by certifiers, industry analysts and demanding customers. The company's corporate headquarters are based in Helsinki, Finland and North American headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com:
http://www.stonesoft.com/.