From internal infrastructure to Internet-facing assets
Targeting your network
This may include your internal network at your office premises or based on the targeting of your organisations assets from across the Internet.
When an adversary or cybercriminal targets an organisation’s assets on the Internet this may be because the Internet facing assets are the easiest to target. For example, these can be targeted at any time from any Internet connected device. Devices and services directly connected to the Internet are subject to constant scans and probes from adversaries and cybercriminals.
Experience shows that network-based engagements can lead to a variety of discoveries from minor issues allowing limited amounts of information being disclosed to severe findings meaning that it would be possible for a skilled cybercriminal to be able to extract or alter sensitive information.
Understanding the process
What are the typical stages?
Network penetration testing starts with reconnaissance and scanning. From this point the network is surveyed and options for attack are formulated, typically passwords for user accounts can be guessed or detected through other means and then attention can be turned to escalating privileges. If this is not possible, then common vectors are attempted to gain a foothold in the network. Typically network storage locations are raided for configuration files which can lead to additional attack vectors becoming viable. The final stage of a successful attack would be to gain high level privileges on network assets or the domain in the case where the target is an internal network.
What type of findings have you made in the past?
It is not uncommon to find weak passwords, on one occasion a highly privileged temporary account created at a critical public service provider was found to have a trivial password. The account was created for a specific short term purpose but it was not subsequently removed. This left a gaping hole and left the organisation open to abuse if a worker had logged into the account not realising it had the power to cripple a key public service if it was used improperly.
On another occasion it was possible to find Internet network assets which had long since been lost from the asset tracking system and had not been maintained or monitored for some time, leaving them vulnerable to attack. Where untracked assets are identified they can be brought under the remit and control of the enterprise.
Take ACTION TODAY
Protect Your Organisation with Penetration Testing
Get started with a comprehensive penetration test today and fortify your organisation against cyber threats.