OP Innovate planned an OSINT campaign to gather information as the reconnaissance phase prior to launching an attack on the customer’s assets. This would be followed by penetration testing of the internet-facing assets, and then by identification of the most advanced attack (from the perspective of exploitability and impact) that an insider threat could execute.
OP Innovate’s Red Team began researching the target organization and gathering information on its business purpose, personnel, technological platforms, employees who could potentially have an impact on it, and other in-scope components.
The Red Team collected many leaked user credentials found in third-party breaches. The team then conducted a social engineering and spear-phishing campaign, managed to trick a user, and gained control over their local, domain-connected machine. After installing a network scanner and gaining admin privileges on many of the organization’s assets and machines, the team gained control of a web developer’s workstation, which enabled them to move laterally as admin to the websites and gain admin privileges on 80% of the organization’s web assets.
The organization has patched and mitigated the Red Team’s findings with the help of the researchers’ recommendations. The organization’s resilience to the ever-present threat of cyber attack has been increased, and a long-term defense plan has been established.