What is Malware?
Malware is software that is specifically designed to gain access to or damage a system. This is usually achieved without the knowledge of the owner. There are various types of malware, including spyware, ransomware, viruses, worms, Trojan horses, adware, and other types of malicious code designed to infiltrate a computer.
There has recently been an increase in popularity of ransomware which attempts to monetise infection. Ransomware infects a computer system and network in some way and demands payment before providing encryption keys, or passwords to decrypt the affected data.
Furthermore, phishing attacks may lead to the accidental downloading of Malware.. Attackers use malware to perform nefarious actions by remote control. Examples include searching for and stealing confidential information such as usernames and passwords, internet banking credentials or installing further programs without your knowledge to extend their attack.
Malware Breakout Penetration Testing
By conducting a Malware Breakout Penetration Test, Sense of Security will be able to present you with a complete end to end flow on:
- How malware can get in to the network, including:
- Reviewing which workstation/desktop controls are missing or misconfigured.
- Test the effectiveness of your endpoint protection controls and event management capabilities.
- What could malware see or access in the network from an automated perspective.
SOS will perform a detailed review of the configuration and “hardening” of the selected end-point from the perspective of what known malware could utilise in gaining a further foothold in the environment. We will also test the efficacy of the implemented endpoint security controls to detect and block attacks.
SOS’s assessment will test the ability to defend against both internal and external malware attacks; and if successful lateral movement and data exfiltration. It will also test the effectiveness of any incident response and escalation procedures that may be in place.
This assessment will include the following components:
- Reconnaissance
- System Hardening
- Enumeration
- Vulnerability Inspection
- Network Attack
- Drive-by Download
- Vulnerability Analysis & Exploitation
- Reporting
To discuss how we can assist your organisation through malware breakout penetration testing please contact us on 1300 922 923 or complete the enquiry form by pressing the button below.