The Luxembourg Job
Discover how a combined physical and social attack by a single member of our Swarm exposed network and process vulnerabilities.
For us, client confidentiality is key. So, while we can’t reveal names, know that the world’s leading organizations trust their offensive cybersecurity needs to us.
The focus of this attack was a large global financial organization.
The organization needed to assess the physical controls and local processes at their European remote offices, including an assessment of site security, physical vulnerabilities, untested environments and security blind spots.
Our cybersecurity specialist (let’s call him Doug) was dispatched to the client’s Luxembourg site for a physical security and social engineering engagement.
After deciding against entering via the slow-moving door of an underground car park, Doug simply gained access by tailgating a delivery driver into the reception area.
An empty room in a quiet part of the building was the chosen spot to set up a laptop, which then deployed a ‘dropbox’ preconfigured to attack the company’s domain in order to gain admin privileges.
As the scripts ran, Doug was able to sit at his post for almost three hours, entirely undisturbed. However, we have to admit that, in this case, things didn’t go exactly as planned.
Doug decided to explore the office, making sure his phone was set up to receive remote updates. After he had helped himself to coffee and chatted with the staff, the MD arrived and, as there was no record of Doug signing in at reception, was immediately suspicious.
Although he held up under some intensive questioning from the MD in a locked room, Doug decided the game was up when he saw two police officers entering the building. To prevent the situation from escalating, he produced his letter of authorisation, signed by the company’s Chief Technology Officer and validating what he was doing. His ‘get out of jail free’ card.
The MD was pleased to have identified Doug as an attacker, thinking he had managed to stop him before he could do anything malicious. That is, until Doug flashed his phone, still connected to the dropbox, which now displayed the message ‘Domain Admin Obtained’.
Doug managed to identify several weaknesses within the physical security posture and processes of the business, as well as finding a number of vulnerabilities on their network.
These vulnerabilities could easily have put the company at risk, not only by enabling access to sensitive information, but by giving permissions that could lead to the takeover of the network and, potentially, access to other areas of the business.
Following our thorough insights report, the organization took steps to prevent this from happening in a real-life scenario.
As you can see, our work isn’t just about sitting behind a screen. We also go on location to attack from every angle – whether it’s monitoring staff traffic, scoping entry and exit points or identifying and replicating staff lanyards.
Our proven expertise in conducting realistic physical security attacks will give you complete confidence in what should be your first line of defense.