Why penetration testing is critical in protecting your business.
External infrastructure penetration testing is a combination of manual and automated testing of a public-facing system by simulating a malicious attacker on the internet. Public-facing systems include servers that have public IP addresses which can be accessed by users on the internet – for example, websites and email servers.
SysGroup has experience in using external infrastructure testing methodologies to look for various security flaws. These methodologies include:
- Identifying firewall misconfigurations
- Vulnerability identification and exploitation
- Locating and compromising administrative services and interfaces
- Other attack techniques
The testing will determine potential attack vectors by which a system could be compromised remotely. SysGroup will present the findings with reproduction steps, along with recommendations around remediation.
We recommend that external infrastructure pen testing be conducted annually, or at least after any major network changes to internet-facing systems and services.
Why do you need external pen testing?
As you would regularly check your front door locks and office alarms to ensure they are working, basic security testing for networks is necessary to ensure that no threat actors can get into your environment via your network. External pen testing is the essential first step in your cyber security journey.
Reliance on next-generation firewalls and trusted cloud security providers to host and protect companies’ infrastructure has led to a sometimes false sense of security in the protection provided. Vulnerabilities are not necessarily an issue with the product/service, but are often the result of human error around misconfiguration.
We recommend annual testing, but as your internal IT team matures, and if the network environment is mostly consistent year-on-year, testing on an ad hoc basis may be appropriate, unless otherwise specified by compliance requirements.
What do you gain from external pen testing?
- Visibility as to how a remote attacker could compromise your public-facing systems
- Insight into how to prioritise your security spend based on actual risks
- Understanding as to how an attack might occur, providing an opportunity to formulate an incident response plan that is relative to your risks
- Uplifting of the security capabilities of your IT team through our recommended remediation
- Confidence that you are closer to achieving your business’ compliance and regulation requirements
What is the SysGroup process for external pen testing?
Reconnaissance
SysGroup will perform information gathering before any simulated attacks are actioned.
Vulnerability Detection
SysGroup will perform vulnerability detection to discover flaws in systems, networks and applications which can then be leveraged by the tester.
Exploitation
SysGroup will try to actively exploit security weaknesses identified in the vulnerability detection phase. To achieve this, SysGroup may use publicly-available, in-house developed or commercially available exploit kits.
Privilege Escalation
After a target has been successfully compromised, SysGroup will try to gain a further foothold within the organisation. This may involve gaining higher privileges in the system or potentially gaining access to other systems on the internal network. The end goal is to gain complete control of the network.
Data Exfiltration
Based on the scope of the project, SysGroup may be required to perform data extraction. To achieve this, the tester will use a set of tools and techniques to extract specific data from the organisation’s network.
Reporting and Delivery
SysGroup will document, in priority order, the issues identified, along with recommendations for every issue identified. These are presented in a clear and meaningful way for both a technical and a business audience.
Internal Pen Testing
An internal pen test is usually done after completing an external pen test. It imitates an insider threat and identifies how an attacker with internal access may compromise or damage the network, systems or data.
Typically, the starting point of an internal network pen test is a user with standard access privileges.
The test may work with these common scenarios:
- An unhappy rogue employee (malicious insider) who tries to compromise or damage the system
- An external malicious attacker who accesses the system via social engineering, a phishing scam, or stolen credentials
Most organisations focus on external security threats. Yet internal threats – coming from malicious insiders, careless employees, insecure third-party vendors, and even clients or customers – are as serious as (if not more serious than) external threats.
Internal threats can come from:
- Weak or shared passwords
- Weak access controls
- Insecure file sharing or unencrypted data
- Network misconfigurations
- Lack of awareness about social engineering and phishing
- Ransomware attacks
- Insecure remote networks and devices
It’s crucial to identify these threat vectors and address them as a priority. For this, internal pen testing is critical.
In internal pen tests, the tester may test:
- Computer systems, workstations, and mobile devices
- Servers
- Wi-Fi networks
- Access points
- Firewalls
- Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
- Internet-connected HVAC systems
- Cameras
- Employees (behaviours and procedures)
Once the tester identifies security vulnerabilities in these components, he or she will try to exploit them to understand the potential for unauthorised access and damage. The tester will also provide a detailed report, so the security team can take the necessary actions to close discovered vulnerabilities as soon as possible.
There are many ways to conduct internal pen tests. The tester may use privilege escalation, steal credentials, spread malware, leak information, or conduct other malicious activities like man-in-the-middle (MitM) attacks. Other common internal pen testing methodologies include:
- Internal network scanning
- Port scanning
- System fingerprinting
- Firewall testing
- Manual vulnerability testing
- Password strength testing
- Database security controls testing
- Network equipment security controls testing
What is the SysGroup process for internal pen testing?
Reconnaissance
SysGroup will perform information gathering before any simulated attacks are actioned.
Vulnerability Detection
SysGroup will perform vulnerability detection to discover flaws in systems, networks and applications which can then be leveraged by the tester.
Exploitation
SysGroup will try to actively exploit security weaknesses identified in the vulnerability detection phase. To achieve this, SysGroup may use publicly-available, in-house developed or commercially available exploit kits.
Privilege Escalation
After a target has been successfully compromised, SysGroup will try to gain a further foothold within the organisation. This may involve gaining higher privileges in the system or potentially gaining access to other systems on the internal network. The end goal is to gain complete control of the network.
Data Exfiltration
Based on the scope of the project, SysGroup may be required to perform data extraction. To achieve this, the tester will use a set of tools and techniques to extract specific data from the organisation’s network.
Reporting and Delivery
SysGroup will document, in priority order, the issues identified, along with recommendations for every issue identified. These are presented in a clear and meaningful way for both a technical and a business audience.
Get in touch today to scope out your test!