Cyber Attack Simulation
The Cyber Attack Simulation service is fully customizable and will be determined and planned based on the customer’s objective, wishes and restrictions.
The service has four main phases:
- Information Gathering – passive and active intel reconnaissance of the client and its footprints in public networks.
- Plan the attack – analysis and planning of potential attack vectors based on the information-gathering phase.
- Attack commencement – execution of the attack in order to gain an initial compromise of an organization-related internal workstation or server.
- Compromise of critical assets – gaining hold of critical assets and exfiltration of sensitive information to our C2 server.
The final product provides the organization with information about the active routes that are available for use by an attacker, along with a wide range of security gaps and possible improvements to harden them. As part of the final report, the organization will receive detailed descriptions of all the tests that have been performed along with concrete recommendations for how to improve security and strengthen the barricades to prevent attacks.
BugSec’s unique point of view, vast experience and combination of defensive and offensive experts allow us to simulate a real-life situation and give our customers an edge in cyber-security. We have performed dozens of cyber simulations and have a bulletproof methodology that allows us to quickly spread throughout the organization without leaving a trace.
Mail Bypass Simulation
The main purpose of this service is to simulate the ability of an attacker to gain access to corporate data in order to hold or expose confidential and/or sensitive information.
Today, the most common way of doing this is for an attacker to combine attacks on the mail infrastructure with social engineering, with the purpose of pushing the end-user to open a malicious file.
BugSec’s Red Team has developed a unique tool with dozens of malicious files and policy testers to simulate email attacks and evaluate the efficiency of the mail security controls put in place by an organization.
BugSec’s Mail Bypass Simulation service will demonstrate the ability to gain access to an organization from a remote location by sending dozens of malicious files in order to target and bypass the mail security controls (Mail Relay, Sandbox, etc.) and push the end-user to open the malicious file.
By bypassing the mail security controls of an organization, an attacker can gain control of the organization’s assets and so cause damage to sensitive and/or confidential data.
The Mail Bypass Simulation will demonstrate the effectiveness of current mail security controls to handle the most common forms of attack by performing the following:
– Testing standard executable files developed by BugSec
o With different file extensions, such as: .exe, .cpl, .dll, .scr, .sys, etc.
o With add-ons (plug-ins for FF, Chrome, IE, etc.)
– Testing various kinds of known Trojan horses
– Examining archives:
o RAR, ZIP, CAB, etc.
o Files protected by passwords
o Attack archives, such as zip bombs, etc.
– Examining files that contain executable code:
o Macro files
o PDF files with scripts
– Examining the use of characters in different or unsupported encodings (UTF-7, UTF-8, ASCII, etc.)
– Examining anti-testing capabilities (Anti-VM, Anti-Debug, Obfuscation, ADS, etc.)
– Examining information transfer within pictures / movies / scripts / customer support, etc.
The service includes three phases:
– Reception of the target email address and setting up an auto-reply rule
– Running the BugSec simulation through the email infrastructure in order to infect local machines within the customer’s organization with malicious files and to check the effectiveness of the mail security controls
– Reporting: Establish a list of the malicious files that were able to bypass the mail security controls and their risk levels.
The report also describes the overall success rate of the mail security controls of the organization.
This service can be combined with a full Cyber Attack Simulation service, including social engineering, and will be performed by our Red Team.
It can also be combined with a Cyber Readiness Evaluation, performed by our Defense Security Team.
These services have been developed to simulate and evaluate the ability of the organization to handle ongoing cyber-attacks and to improve the effectiveness of the existing security controls.