Information Security Specialists.
News: Twitter attacker had proper credentials
News: PhotoDNA scans images for child abuse
News: Conficker data highlights infected networks
News: Monster botnet held 800,000 peoples details
News: Google: no timetable on China talks
Call it what you will, "penetration testing", "attack & penetration", "ethical hacking", etc. Whatever the name, the end result is that you would always prefer to discover any holes in your network before an outsider does.
Security Technology Science has separated their penetration services into two main areas:
"The vast majority of attackers, 78 percent, committed crimes from their home computers; most often using unsanctioned computers with no relationship to the penetrated organization."¹
The number of worms and viruses on the Internet is constantly on an exponential rise. Not taking into account the threat of 0-day exploits, the time taken after a patch has been released, to the release of an exploit has been reduced from months to just days - and that window is continuously closing. Bot-nets are also on the rise with denial of service (DoS) attacks becoming so common, that they are part of the weekly news.
Successful external compromise, the majority of worms still propagating the Internet and the number of servers susceptibility to DoS attacks are mostly due to un-patched vulnerabilities and mis-configured common operating system services. Protecting your organisation from these threats is critical to maintaining your company’s reputation, market share, critical information and operational capabilities.
Security Technology Science realises that each client is different and therefore requires a different solution. Below is a list of the solutions we commonly perform:
This assessment type simulates the threats posed by an outside hacker with limited or no knowledge trying to break into your organisation. Basically, no information, except for the company name (possibly subsidiaries) is given to the assessment team. We then leverage a number of publicly available resources to discover your network range to perform the assessment.
This assessment type simulates the scenario where one of your perimeter servers has been rooted by a hacker. The company can then assess the risks of exposure within there DMZ and beyond.
Requirement: This requires root access to be given on one host in the DMZ to our assessment team.
We have a documented, tried and tested, repeatable methodology. Our assessment team uses a combination of automated and manual techniques using an array of tools most commonly used by attackers on the Internet. Our team predominantly uses the latest open source and commercial tools in conjunction with in-house developed scripts.
This service can be provided as a one-off assessment, or it can be conducted on a monthly basis to provide continuous, cost-effective, managed vulnerability protection.
"On average, it cost organizations $1.5M per attack from unauthorized access to internal networks"²
Our assessment team can perform two types of simulated scenarios on your network. Firstly, they act as an anonymous user who has gained access to you internal network. And secondly, they act as an authorised user who has a user identification and password.
Using our internal documented, tried and tested, repeatable methodology, the testing team targets authentication and authorisation vulnerabilities in the following environments:
Key supporting infrastructure, such as routers, switches, firewalls, file shares, web portals, etc are also targeted.
[1] [2] Network Attacks: Analysis of Department of Justice Prosecutions 1999 - 2006. Trusted Strategies, LLC (2006).