In an age where Ransomware is a real threat and examples of attacks are featured regularly in the media, it is a growing concern for organisations. The simple question “What happens if they get in?” is a fundamental piece of knowledge regarding understanding an organisation’s exposure to ransomware.
Rather than focus on the “How can they get in” question, which is what many businesses have spent a lot of time and money on over the years, in a modern technologically connected world with disparate end-user devices all connected to singular information sharing systems, the assumption must me that “they are already in”, or at least, that the hurdle of gaining access is not as difficult to mitigate as you initially believed.
Reframing the issue such that the “bad guys” are already in the building lets you focus on ensuring that lateral movement, domain access and system compromise are not as easy as 123, for your visiting bad guy.
The Nellcote HackM3 assessment is a targeted attack simulation designed to establish what, if any, low-hanging fruit exists within the IT infrastructure and what could be leveraged to gain a foothold in the estate. This could ultimately lead to successful Ransom or Extortion attacks from one of the many ransomware operators, leading to high costs, reputational damage and business interruption.
A device is deployed on your network reducing the cost of the simulation through simplifying the initial foothold and assuming the position that the attackers are already inside the network. This device, with no other access rights than a valid IP address on the network, is used as a beach head to attack your systems and identities in the same manner that a skilled set of attackers would do after the successful compromise of a network connected asset.
The Nellcote team also scan all of the connected networks and systems, including the outside-in view of your perimeter networks and any wireless networks in range of the appliance, for vulnerabilities to establish if any accessible routes into the networks existed that would allow for the internal issues to be quickly, remotely executed by a global attacker.
The results of our assessment generate a lot of technical information about your estate that can be leveraged by your technology teams to make direct improvements, however, the primary formal output of the project is a 2-page report including ratings in a number of key areas. This simple document is designed to be popularised with your senior teams to help drive the business case for security investment. This document is also accompanied by a project close-out meeting where we go through the attack strategies leveraged and demonstrate how any seemingly innocuous weaknesses can lead to full domain compromise.
HackM3 is a physical device, sent via courier in a locked Peli case. It is simple to set up from an end user perspective, all that is required is power and an ethernet connection so that the device can see the internet.
Once plugged into the network it will behave just as an attacker would, driven by one of our team of experienced ethical hackers.
In conclusion, the Nellcote HackM3 is a realistic Ransomware Simulation, it is not a Penetration Test which would audit all of your systems and network but simulates a hackers actions and approach. The output is an easy to read report highlighting weaknesses in the network with additional technical output detail for IT technicians, internal and external network scans for your team to review and remediate as necessary.
Contact Us
