Case StudyPenetration Testing
This customer wanted to throughly replicate what an attacker could potentially exploit within his environment. They hired Anchor Technologies to ethically hack their environment from the Internet and from within the network.
How We Improved Executive-Level Cybersecurity Risk Awareness
The engagement began with exploring all information available in the Open Source Intelligence (OSINT) realm on the Internet. From this investigation we discovered the IP address blocks and vendors the organization was using to hosts their core customer facing application. The investigation also provided key information on employees that worked in important roles at the organization, their email addresses, and in a few cases, even their login IDs and passwords were harvested from the Dark Web. This certainly had an impact with the organization’s executives in reviewing the findings report.
Hacking your organization before the bad actor does.
How to test your security controls using the same methods that a real attacker would, in a safe controlled non-disruptive manner. Maybe even test your staff’s ability to respond to a cybersecurity attack.
The Penetration Test exploits technical vulnerabilities extending the Vulnerability Assessment activities into a proof of exploitability vs. just a theory. This test is extremely valuable after the organization has a reasonable level of confidence in its security controls. This test replicates what an attacker will actually do to break into your environment, but in a safe and cooperative controlled manner.
The test resulted in a 100% penetration level of the internal network while pivoting through the external network. Multiple entry points were identified and proof of each penetration step was documented and supported with detailed evidence on how the weakness was identified and exploited.
It was shown how an attacker could identify the key systems, gather enough OSINT to effectively plan an attack then probe the system vulnerabilities until a path inside was found.
Once inside, the attacker could have utilized a combination of two lower severity vulnerabilities to gain domain level credentials. Once the domain credentials were acquired, then fake system accounts were setup to evade detection and the internal resources were explored for data of interest. Once the data was identified, then a sample was exfiltrated through the minimally restricted outbound encrypted SSL ports to the attacker’s waiting external host. This evaded all detection from the existing advanced security controls.
“I can’t believe it took us this long to perform this test. So happy that we did. The results don’t lie.”