“Our aim is to provide our customers with the reassurance that they can trade in a secure online environment at all times. To this end the relationship with Ambersail Assured will provide us with the required high level of guidance and protection in the pursuit of this.”
Security Manager, Birmingham Midshires.
Network Penetration Testing Is Important
Networks are constantly evolving. Whether they be cloud-based or internal, there are a myriad of services and network architectures which are becoming more and more common.
However, with this increased reliance on technology comes increased risk from advanced attackers.
Companies and institutions across the world come under cyber-attack every day. The scale of these attacks is entirely unprecedented, with nation-state actors, APT (Advanced Persistent Threat) groups as well as lone hackers all vying for an entry point.
The goal is almost always related to data. Data is a prime target for attackers looking to extort their victims, or to sell on. Huge institutions have fallen victim to ransomware attacks. In the UK, the National Health Service was heavily affected by WannaCry malware, with a reported cost of £92m.
Other targets should not be discounted. Internet-connected (IoT) devices such as IP cameras are often exposed to the Internet to allow easy maintenance. These devices are prime targets for attackers looking to build botnets similar to Mirai, as they typically have sub-standard security by default.
In the worst case, devices (or any vulnerable service) which are exposed in this way can be used as a bridge to the internal network on which they reside. This often exposes even more vulnerable services and can lead to full network takeover.
Many companies today rely on cloud infrastructure for network appliances and data storage. The security implications of this are still being discovered. In some cases vast amounts of sensitive data have been left exposed in poorly configured cloud storage systems.
Secure configuration can prevent this. However, as we’ve seen from notable database exposures in the past, external audits are sometimes necessary to spot mistakes before an attacker does.
A network security assessment – or penetration test – is an extremely useful tool to identify and remove these weak areas.
Should You Perform Network Penetration Testing?
Yes. For several reasons.
Companies are concerned about cyber security and how it might affect their networks. They want to make sure that their networks are properly protected. This includes internal networks that should not be accessed by all staff.
Support Companies need to protect remote IT services. Companies providing remote network administration for clients are often targeted by hackers. This is because they are providing a trusted route into much larger company networks. Network Penetration Testing aims to access these routes and gain access into larger client networks.
Businesses working towards compliance. We perform network penetration testing for clients needing to be compliant. For these companies, getting secure is a by-product of compliance.
Network Penetration Testing is now used as a strategic tool by businesses to support security goals and reduce risk.
Getting Started Is Easy
Ambersail has been performing penetration testing for many years. We understand what is really important to our clients.
We make it easy for companies to understand what needs to be tested. Network Penetration Testing is performed under carefully controlled conditions. Results are very clear, making it easy to fix any problems.
You can expect:
- Competitive pricing for test services.
- Help and advice from when you contact us.
- Testing that is performed when you need it. Even if it needs to be performed immediately.
- CREST Network Penetration Testing team. Testing clients for over a decade from all over the world.
- Direct access to our UK Based test team. You can pick up the phone and talk to a real person.
- Easy to understand reports with clear advice.
- Walkthroughs of results and retests to confirm fixes have been made.
Contact us to get started.
Need To Know More On How We Do Things?
Network Penetration Testing consists of three distinct stages:
We begin with thorough network scans, discovering any visible services and performing simple banner grabs to determine what they are, and the version number where possible. This gives us an initial overview of the attack surface and forms the basis for further tests.
From here we proceed to perform service-specific tests. The simplest may involve testing for authentication weaknesses such as password-based SSH or the presence of default credentials. Discovered software versions are researched, and any public exploits will be tested to ensure working patches are in place.
Any service which relies on encrypted communication will have the TLS protocols and cipher suites in use assessed and weaknesses determined. Cloud services are also assessed for permissions-related issues. This is where exposed databases and misconfigured cloud buckets are discovered.
Following these tests, more bespoke methods are employed. This may involve sending targeted payloads in an attempt to discover vulnerabilities in software which seems likely to provide access to sensitive data. The most serious issues, such as remote code execution and local file inclusion, are found at this stage.
When performing internal network tests, further attacks are possible. These typically focus on intercepting and manipulating traffic between network devices. These attacks can be quite simple, such as sniffing for plaintext credentials, or they can be more complex, such as SMB relay attacks against Active Directory infrastructure. Attacks of this nature tend to be extremely effective, often leading to full network compromise.
Any weaknesses discovered are comprehensively tested. This allows us to determine not only the original attack vector and its impact, but also any defence-in-depth measures that may be put in place to prevent similar attacks in the future.
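The banner and version review described in the first two stages can also be run by a network owner against their own scan results. The following is an added example, not Ambersail's tooling: the banners, addresses and minimum-version baseline are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample banners, as a scan of your own hosts might record them.
SAMPLE_BANNERS = {
    ("192.0.2.10", 22): "SSH-2.0-OpenSSH_7.4",
    ("192.0.2.10", 80): "Server: Apache/2.4.57 (Debian)",
    ("192.0.2.20", 21): "220 (vsFTPd 3.0.3)",
    ("192.0.2.30", 25): "220 mail.example.test ESMTP",
}

# Hypothetical minimum versions; in practice these come from your patch policy.
BASELINE = {"openssh": (9, 0), "apache": (2, 4, 50), "vsftpd": (3, 0, 5)}

# One pattern per product whose banner discloses a dotted version number.
PATTERNS = [
    ("openssh", re.compile(r"OpenSSH_(\d+(?:\.\d+)*)")),
    ("apache", re.compile(r"Apache/(\d+(?:\.\d+)*)")),
    ("vsftpd", re.compile(r"vsFTPd (\d+(?:\.\d+)*)")),
]


def parse_banner(banner):
    """Return (product, version_tuple), or (None, None) if nothing is disclosed."""
    for product, pattern in PATTERNS:
        match = pattern.search(banner)
        if match:
            version = tuple(int(part) for part in match.group(1).split("."))
            return product, version
    return None, None


def review(banners, baseline):
    """Classify each (host, port) service against the minimum-version baseline."""
    findings = []
    for (host, port), banner in sorted(banners.items()):
        product, version = parse_banner(banner)
        if product is None:
            # No version disclosed: cannot be checked automatically.
            findings.append((host, port, "unidentified", "review manually"))
        elif version < baseline[product]:
            findings.append((host, port, product, "below baseline"))
        else:
            findings.append((host, port, product, "ok"))
    return findings


if __name__ == "__main__":
    for row in review(SAMPLE_BANNERS, BASELINE):
        print(row)
```

Distribution packages often backport fixes without changing the version shown in the banner, so a "below baseline" result is a prompt to check the installed package, not proof of a vulnerability.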
What Is A Network Penetration Test?
Also referred to as a Network Pen Test, it is a test to identify security flaws. A network may consist of devices such as mail servers, web hosts, firewalls and database servers. Testing aims to locate issues with services running on those devices that will allow a hacker to access the network.
Why does a company test? Often because the company needs to be compliant, or because a business partner needs to allay security concerns. Also, because of concerns that network controls are not properly implemented.
Network Penetration Tests can be performed over the Internet (referred to as external testing) or from within the target network (known as internal testing). All networks can be tested in this way, even if cloud services such as AWS, Azure or Rackspace are being used.
Network Penetration Testing will often uncover a wide range of issues. This depends on how much information the tester is given before the test, for example whether there are any specific goals the test must achieve. Additionally, supplying the tester with full access to the network will lead to a deeper and more detailed test.
Our team uncovers findings that include the location of malware and the discovery of weak or default passwords. We also find systems that are unpatched or poorly configured. Most importantly, we identify confidential data that is not properly secured. Findings are presented in an easy-to-understand report along with a clear management summary with advice on how to fix them.
Contact our team to get started…