The new CISO of an automotive manufacturer wanted a fresh take on the efficacy of the organization’s security controls, including evaluation of defenses against the latest attacker tactics, techniques, and procedures (TTPs) and identification of unknown attack surfaces.
Converge Cybersecurity was a trusted partner because of an existing relationship involving incident response readiness, and the client selected our Advanced Testing services. We performed reconnaissance to determine the topology of the client’s network and live hosts. Nearly 700 live hosts connected to external IP addresses were found among the 45,000 addresses in the scope of the engagement.
Host enumeration, vulnerability scanning, port scanning, service identification, OS fingerprinting, and DNS enumeration were used, and firewall and VPN penetration testing was performed.
Converge coupled the discovery of a cloud service provider API exposed in an open-source code repository with a misconfigured extranet VPN to breach the client’s external network infrastructure.
A forced authentication attack and password cracking captured credentials for a connected backup service, allowing our testers to pivot to other machines as local admin and access internal networks.
The client received an easy-to-read report with an executive summary and prioritized, risk-ranked descriptions of uncovered vulnerabilities. It included details for exploiting the vulnerabilities and steps for remediation. The client was able to leverage this information to provide key stakeholders with an objective, accurate picture.