Intelligent Security, Intelligently Tested.

Learn how Orro delivered critical testing services against internal and external IT infrastructure for a large financial institution.

External and Internal Penetration Testing

Challenge

Orro was engaged by a large Financial institution for penetration testing services against their external and internal IT infrastructure. These services were required as part of their annual security assessment program.

The key components for this work included Blackbox type testing of the Customers externally accessible services, with the objective to get to the internal network. The Internal network penetration testing was carried out with provided login credentials of an internal user (low privileges), with the main objective to elevate privileges on the network to a Domain Administrator and/or root user in the Customers core systems.

Solution

Orro identified and documented any discovered technical vulnerabilities in the external and internal infrastructure, and outlined the resulting risks to the customer, posed by the following sample attack scenarios:

  • A threat actor on the Internet, who:
    • Discovers vulnerabilities in externally facing hosts, services or applications, and then attempts to bypass authentication mechanisms and/or other restrictions deployed to block anonymous access to services, and thus to corporate and/or customers’ data;
    • Guesses or steals (e.g. via phishing) authorised user’s login credentials for externally facing systems and then uses these credentials to obtain unauthorised access to corporate systems and customers’ data.
  • A threat actor connected to internal network, who:
    • Connects their device to internal network, discovers vulnerabilities within internally accessible hosts, services or applications, and then attempts to exploit these to gain unauthorised access to corporate systems and customers’ data;
    • Guesses or steals (e.g. via phishing or internal network traffic sniffing) authorised user’s login credentials for systems accessible to low privilege type user accounts, and then attempts to elevate their privileges to obtain higher level access, including full administrative privileges (Domain Administrator and/or root user) to core systems.
  • A malicious insider, with authorised low-level privilege account, connected to internal network, who:
    • Misuses their authorised low-level access to probe the internal systems for vulnerabilities that can be exploited in order to elevate their privileges to obtain higher level access, including full administrative privileges (Domain Administrator and/or root user) to core systems.

Outcome

The resulting security assessment report provided the Customer with a prioritised list of recommended risk remediation actions that, once implemented, ensured that all relevant security controls deployed within the external and internal ICT networks are configured in an efficient manner to provide robust defence against threat actors targeting the Customers ICT systems.

Two reports (one per each testing phase listed above) were provided, including the identified findings and risk mitigation recommendations.

An onsite debrief and presentation to key stakeholders was also carried out along with the retesting of ‘high risk’ issues as reported.

The customer name has been withheld due to confidentiality.  More information can be provided by contacting the Orro team directly.

Related Resources

City Beach
1 January 2022
Learn how Orro helps deliver SIEM, Vulnerability Management and Penetration Testing services for imperative 24/7 eyes on glass, and cyber resilience capabilities that provide City Beach with a fit-for-purpose cyber security strategy and roadmap for the future.
3 September 2021
Learn how Orro helped a local council identify several security risks via vulnerability assessment and penetration testing services to increase the organisation’s security maturity.
23 February 2022
Our client is an award winning Australian Financial Services Client with an Australian and International presence with a focus on consumer lending and asset servicing. This client has offices in Australia, New Zealand, Asia and Europe.