The client company was looking to improve both its internal and external security posture. Before engaging Secmentis to perform External Attack & Penetration Testing and Internal Attack & Penetration Testing, the client informed Secmentis they had completed the implementation of additional IT security protections to safeguard both their external and internal IT infrastructure.
The goal of the client company in engaging Secmentis to perform External and Internal Penetration Testing was to evaluate the effectiveness of the IT security controls implemented, and to understand whether their investments in IT security were worthwhile.
The objectives of the penetration testing engagement were set as follows:
Secmentis Penetration Tests are performed from a "blackbox" perspective (i.e. zero initial information, apart from the target company's name) in order to make the ethical hacking attacks more realistic.
Secmentis uses the same tools and tactics used by the bad guys against your business. We use both manual and automated testing methods, and take advantage of both custom-built and industry available tools.
"Insider threat" attacks are usually more deadly than external attacks, as this engagement demonstrated to the company. Despite the increased IT security measures, the company discovered that its internal security was still lacking. For the Internal Penetration Test, a Secmentis consultant was placed on-site.
The External Penetration Test targeted a select number of the company's public-facing domains and services (e.g. website, email services, VPN services, etc.), and again, yielded good results.
At the end of our testing, a detailed report was provided to the company, including an executive summary, and our technical findings/evidence and remediation recommendations.
Secmentis consultants achieved spectacular results, some of which are summarized below.
The company's public-facing VPN service was vulnerable to a critical vulnerability that allowed our attackers to target the service and extract sensitive information.
Several of the company's public services, sites, and documents (i.e. metadata) leaked excessive information about their general IT infrastructure that could aid targeted attacks.
Full Admin access on the Storage Management of the company meant malicious attackers could have done anything they wanted with the company's data.
Full Admin access on the IT Manager's computer would mean "Game Over" for the company, had the attack been made by malicious attackers.
Full Admin access was achieved on all of the company's senior management staff computers, which would enable attackers to extract very sensitive business information.
Full Admin access was achieved on the company's PBX systems, which would enable attackers to place and record calls, reroute calls, create phone extensions, etc.
Sensitive information that could be extracted: The company's Internet banking information and credentials, building PINs, customer data, business data (e.g. plans), financial info (e.g. payroll, etc.), and other confidential data.
Talk to us today to find out how our experts can best help you