IT Infrastructures Penetration Testing for a US Insurance Service Provider
The Customer is a US company operating in the insurance industry. They provide their clients with property and casualty (P&C) insurance services.
The Customer wanted to check the security of their IT infrastructures situated in two locations with two separate data centers. The infrastructures included the web-facing servers. The Customer turned to ScienceSoft to get penetration testing services to ensure the protection of sensitive data stored in their data centers.
ScienceSoft’s security testing team performed two black box penetration tests during one project that lasted for 11 days. Both tests were conducted remotely.
The penetration tests carried out by the security testing team showed that the Customer’s IT infrastructures were well-protected. Nevertheless, ScienceSoft’s team revealed several vulnerabilities whose exploitation could have negative security consequences (sensitive data leakage, in particular).
- Outdated encryption protocols were used in both IT infrastructures. The data transferred using these protocols could easily be decrypted by attackers.
- Unauthorized users could send requests with a malicious payload to the servers in the IT infrastructures and see details of the servers’ file and directory structure. Normally, a server should return an error message and not let unauthenticated users see such internal information, so that attackers cannot use it to learn about other security weaknesses in the IT infrastructures.
- Internet Key Exchange version 1 (IKEv1) aggressive mode was enabled. This configuration allowed an attacker to capture and crack the pre-shared key of a VPN gateway and get unauthorized access to the Customer’s networks.
- The configuration of certain servers disclosed their IP addresses to unauthorized users, so potential attackers could learn the servers’ internal IP addresses. This information could help an attacker exploit other vulnerabilities that might be found in the Customer’s IT infrastructures.
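A defender's check for two of the findings above (file-structure details and internal IP addresses exposed to unauthenticated users), added here as an example and not taken from ScienceSoft's report or tooling. The sample responses, host names and function names are constructed for illustration.

```python
import ipaddress
import re

# Private ranges from RFC 1918; an address in these ranges seen by an
# unauthenticated client is an internal-address disclosure.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Candidate dotted quads; validated with the ipaddress module below.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
# Heuristic: absolute Unix paths under common roots, or Windows drive paths.
# Hits need triage, since ordinary URLs can also start with e.g. /home/.
PATH_RE = re.compile(r"/(?:var|etc|home|usr|opt|srv)(?:/[\w.\-]+)+"
                     r"|[A-Za-z]:\\(?:[\w.\- ]+\\)+[\w.\-]+")

def find_private_ips(text):
    """Return RFC 1918 addresses found in text, in order, de-duplicated."""
    found = []
    for candidate in IPV4_RE.findall(text):
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:
            continue  # not a valid IPv4 address, e.g. 999.1.1.1
        if any(addr in net for net in RFC1918) and candidate not in found:
            found.append(candidate)
    return found

def audit_response(headers, body):
    """Return (location, kind, value) for each leak in one HTTP response."""
    findings = []
    sources = [(f"header:{k}", v) for k, v in headers.items()] + [("body", body)]
    for where, text in sources:
        findings += [(where, "internal-ip", ip) for ip in find_private_ips(text)]
        findings += [(where, "file-path", p)
                     for p in dict.fromkeys(PATH_RE.findall(text))]
    return findings

# Constructed sample: verbose error page plus a redirect to an internal address.
LEAKY = {"headers": {"Server": "ExampleServer",
                     "Location": "https://10.20.30.40/login",
                     "Content-Type": "text/html"},
         "body": "Warning: include(/var/www/app/inc/db.php): failed to open "
                 "stream in /var/www/app/index.php on line 12"}
# Constructed sample: the same failure after hardening (generic error only).
HARDENED = {"headers": {"Server": "ExampleServer",
                        "Location": "https://portal.example.com/login"},
            "body": "An internal error occurred. Reference: 7f3a"}

if __name__ == "__main__":
    for name, resp in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(name, audit_response(**resp))
```

Run against responses to malformed or unauthenticated requests, an empty result is the expected state after the servers' configuration has been corrected.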
Following the Customer’s requirements, the security engineers granted the Customer remote access to review the “raw” scanning results stored in a repository arranged on ScienceSoft’s servers.
Upon the completion of penetration testing, ScienceSoft’s security testing team provided the Customer with the final report. It contained the recommended corrective measures aimed at improving the protection of both IT infrastructures.
The Customer got an expert assessment of the security level of their IT infrastructures. ScienceSoft’s security engineers managed to reveal several critical weaknesses in both infrastructures. ScienceSoft recommended that the Customer change their servers’ configuration and use updated and reliable encryption protocols. ScienceSoft’s security testing team provided the Customer with a comprehensive list of corrective measures aimed at reducing the probability that intruders would access the stored sensitive data.
Technologies and Tools
Metasploit, Wireshark, OpenVAS, Nessus, BurpSuite, w3af, Nmap, SQLMap, DIRB, Zmap.