It’s easy to assume that an attack on a business’s IT infrastructure and data assets will come from outside the organisation, but recognising the possibility of an attack by a malicious insider is just as important.
Our client, a major hedge fund based in the UK, acknowledged the risk and asked us to assess the strength of its security against cyber attacks by both insiders and outsiders. In particular, the company wanted to be sure that intellectual property in the form of sophisticated algorithms for automated trading could not be stolen or acquired by low-privileged, non-technical users or a disgruntled employee.
Our comprehensive security assessment, covering the client’s infrastructure applications, web applications and applications created for clients in Java, identified a number of high-risk issues. These included a vulnerability to SQL injection, a technique that allows attackers to extract data such as usernames, customer details and passwords from databases. Such is the seriousness of this security issue that we alerted our client immediately.
We also managed to bypass access controls in several applications and perform actions that were not originally granted to specific user roles. This type of ‘privilege escalation’ makes it possible for users to gain access to data that is forbidden to them or even to perform operations that could harm the system. In addition we found significant weakness in the Java client applications, with database credentials such as usernames and passwords not sufficiently secured or simply guessable.
Our final report included a technical analysis of our findings along with detailed remediation steps to increase the level of security. We gave special attention to the protection of intellectual property, outlining preventive measures that are particular effective against reverse engineering, whereby attackers would have been able to dismantle the client’s algorithms in order to understand how to recreate them.
Our work led to a significant lift in the cyber security posture of our client and ensured the IP assets underpinning its core business are now appropriately secured against potential attackers, whether they come from within the organisation or outside.
Do you need a cyber security strategy that is equipped to protect your business from both outside and inside cyber attacks? Speak to one of our pen testers today or read more about our cyber security services.