Preventing financial damage through Red Team Assessment
The client is a large retail and commercial bank. Apart from the international operations in multiple countries, the bank has around 105 branches and around 500 ATMs.
The bank wanted to understand its exposure to advanced and sophisticated cyber-attack tools, techniques and procedures. Zacco was engaged to conduct a full-scale Red Team Assessment on all layers of the bank’s operations.
Considering that the banks in the region were subject to various high-profile sophisticated attacks, the Board of Directors wanted to understand the bank’s security capability to identify and respond to such attacks.
The client had grown organically and had amassed various technology infrastructure and capabilities along the way. They had also deployed various security technologies, established cyber security processes and conducted security awareness scenarios over time. The bank had never tested itself against multi-vector, real-life sophisticated attacks.
Zacco conducted the red team assessment from an internet-facing perspective. Various attempts were made to gain access to the client’s internal network.
- One of the attempts was to establish some form of communication over email, hoping to build a trust relationship with a bank official. The objective was to initiate a dialogue and establish a reasonable degree of trust, which could then be exploited by sending a malicious attachment.
- Another attempt was to use promotional offerings as a bait. Zacco carefully chose locations that were potentially popular with the bank.
- Another scenario lured a high-profile executive into opening an attachment with a payload. A customized payload was created specifically for the purpose; when executed, it collected and exfiltrated data from the target system.
Many such scenarios and attack vectors were tried, and a summary and comprehensive reports were produced listing the assessment findings and recommendations for protecting against such sophisticated attacks.
The full Red Team engagement executed by Zacco was highly successful and yielded a significant set of results. Using the various approaches of information gathering, social engineering and phishing to extract sensitive information from the financial institute, it was possible to enumerate and obtain numerous items of sensitive information.
The level of access and information that was obtained would have represented a severe breach, financial damages, and harm to the organization’s brand and reputation if similarly conducted by a real-world adversary.