Penetration Testing that Reflects a True Attack
Nation states, criminal gangs, political activists and recreational hackers are just some of the threats faced by organizations today. Despite their different motives, these threat actors have one advantage in common. Time.
While typical penetration tests will be conducted within a rigid time window, BlackBerry® Red Teaming from BlackBerry® Cybersecurity Consulting occurs over an extended period. Testers will observe targets and choose times when attacks will be most effective—just as a malicious attacker would.
How Does it Work?
Prior to commencement of the service your BlackBerry Cybersecurity consultant will work with you to define testing scope and acceptable level of invasiveness and disruption. The time scale, number of exercises and targets will also be agreed upon.
Simulated attacks may be delivered in multiple formats:
- Social vectors
- Physical assessments
The result will be a full understanding of your organization’s defences and will take into account your security culture and readiness as a whole.
Remote Surveillance and Discovery
Enumerating as much freely available online information as possible, associated with your organization’s digital footprint.
The art of finding information about an individual, to be used in phishing or targeted social engineering.
Engaging and exploiting select individuals to reveal confidential information about your organization.
Assessing your organization’s infrastructure from an attacker’s viewpoint and exploiting if possible.
Attempts to intercept traffic and test cryptography levels of the secure tunneling method being used for VPN.
Internal and external client-side attacks entice users to click a link, open a document or somehow go to a malicious website.
Particular attention given to the Technical Support function in an attempt to obtain confidential information to aid an attack.
Through brute forcing methods, an attempt can be made to crack the wireless key of an AP that is used on-site.
On-site Attacks and Testing
Unauthorized access can be gained by tailgating, cloning access cards, using a fake persona or exploiting weak security measures.
Once on-site, testers can attempt to gain access to the server room and look for further vulnerabilities.
A tester can attempt to gain access to physically unsecured documents that may reveal sensitive information.
If testers gain access to the internal network, they can assess and exploit network vulnerabilities.
Once a device is obtained, applications on the device can be exploited, and sensitive information can be revealed.
If source code of an application written by your organization can be obtained, a competitor could acquiring the same information.
Credit card sized PC’s can be hidden behind tower PCs or furniture to intercept and transmit data from an internal network over an SSH protocol.
Tiger scenarios provide real time, real life feedback in relation to how an organization would respond to a real time security threat.