Every year, data breaches account for millions of dollars in losses as personal account details are pilfered from businesses ranging from enterprise corporations to family practices. With IT focused on prevention, it leaves many wondering how the attacks bypass security. On January 26th, 2017, we offered a glimpse into these attacks during a live demonstration with security experts SynerComm.
Titled the Live Hacking of Evil Corp, SynerComm’s white hat hackers assumed the personas of Darkhorse and The Hooded Hacker, and guided our guests through a step-by-step presentation describing how environments are infiltrated and compromised. Spectators watched silently as the hackers used IRC to coordinate their attacks and raid passwords, social security numbers, and other personal information using open-source hacking tools. Feigning the identity of an internal user, the hackers used the user’s credentials to gain access to the internal infrastructure. By tunneling and sending packets through the user’s machine, Darkhorse and The Hooded Hacker accessed RDP through an administrator account, then circumvented DLP to access the domain controller, and finally the credentials of all users in their environment.
The SynerComm presentation was enlightening with one guest stating it was scary how easy it was for the hackers to penetrate the security. Computer Solutions understands these fears and has partnered with SynerComm to offer penetration-testing services to help our customers verify the integrity of their IT security.
Simulating real attacks in a safe and controlled manner is crucial to understanding the effectiveness of security controls such as IDS/IPS, Antivirus, and Security Information and Event Management (SIEM) tools. SynerComm uses a variety of exploits to evaluate the security of networks, services, and applications. SynerComm also leverages social engineering tactics to find weak links in security policies.
When performed thoroughly and methodically, penetration testing can be an excellent method to validate your security. Once you have pinpointed your weaknesses, Computer Solutions can help you address them by analyzing your assessment and developing a hardware, software, or policy strategy to avert security issues in the future. If managing your security is overwhelming, or maintaining it is costly, NetWatch Security can be your managed services partner.
Utilizing next-gen firewalls, advanced malware protection, and the best in SEIM intelligence and IPS/DNS protection, NetWatch Security is a formidable defense. NetWatch security offers around the clock monitoring, on-site and virtual management, and improved system security at a cost-effective rate. With multiple engineers, architects, and front-line operations technicians, NetWatch Security can focus on your defense while you focus on your business.