Network Vulnerability Assessment for Limited IT Company - Cyber Security Case Study

Scenario

To fulfill the requirement of identifying potential issues in the multiple in scope machines the organization contracted us. The client strictly mentioned to perform VA only during this project as we had to perform the exercises during ongoing work of the organization for avoiding any disturbance to current workflow. The real challenge was to conduct this exercise remotely because of COVID-19 pandemic. Though we succeed with better outcome.

Testing methodology

For performing the VA client provided their public facing VPN from remote access. We scanned all the in scope machines for open ports and identified potential weaknesses which could lead to system compromise and potential data loss.

Risk Found

    Network Audit resulted that entire network was vulnerable to DoS attack which could leads to complete breakdown of the infrastructure and hence business. Further open ports are easily exploitable which leads to sensitive information stealing from the network. This could result into extreme possible business loss for a limited company - approx 150Cr Market Cap - that was saved.