To improve the overall security posture of their client, a Seattle area Managed Service Provider (MSP) engaged Shinobi IT to assess a key client’s network and facilities.
Shinobi IT performed both an internal blue team assessment and a penetration test/red team assessment including physical security, a review of internal IT security best practices, network vulnerability scanning and an NIST 800-171 readiness assessment.
Upon completion of the testing, Shinobi IT delivered an actionable remediation list, executive summary, one-hour training session and a 50-page report documenting serious security vulnerabilities:
–Phone System: An outdated phone system server maintained by a vendor contained vulnerable backdoors which were open to the public internet.
–Network File Permissions Issue: We were able to access critical company data encrypted with a weak password by attempting to access the file via a terminal server that was available to the user account. The credentials to bypass the encryption on this file were easily cracked offline.
–Network Equipment Misconfiguration: Key network equipment configured with default usernames and passwords, allowing for takeover of all network traffic and eventual administrator level access.
–Firewall Vulnerability: Outdated firewall firmware version that was vulnerable to man in the middle attack, brute force, and exploit. This provided us with both persistent access to the network and access to all traffic crossing the firewall.
–Workstation Vulnerability: An unsupported operating system with a known vulnerability was deployed on the network, resulting in user-level access and eventual escalation to Administrator access.
–Physical Infiltration: Shinobi IT’s physical security team was able to gain undetected access to the client office. During the access attempt, the engineers were able to successfully deploy multiple tools resulting in a full breach of the client infrastructure.
Using the testing results, out MSP partner was able to make quick improvements to the client’s infrastructure and secure their data. This resulted in billable projects for the MSP and a vastly improved security posture for their client.