A company's online presence could provide hackers access to critical systems
How much data of your organization can be found on the internet? And can old data be used to enter critical systems? Yes, it can. Old unused domains that are still present online, can be used by hackers which might give access to other used systems.
When assessing the network security of an organization it is important to understand the breadth of the attack surface. A single forgotten host or web application in the network will often become the initial foothold for an attacker. Request a scan to map the security of your online organisational data.
The focus of the security mapping of online organizational data is on gathering information specifically related to the organization's network footprint and services. Open source intelligence from social networks, email addresses, search engines and document meta data is often used for creating a social engineering attack.
What does the Security Mapping of Online Organizational Data contain?
- identification of domains and IP-addresses which belong or are related to the company.
- identifying and exploring systems/services.
- research possible attack points.
- finding mostly unstructured other information, i.e. indexed by search engines or floating around on websites.
What does Security Mapping Online Organizational Data do for your company?
- provide insight in which information is easily obtainable for a potential attacker/hacker.
- provide insight in which systems/services are online.
- get to know which services are online available that should not be public.
- provide insight in what is the weakest link in your IT-infrastructure.
Passively Mapping the Network Attack Surface
Using open source intelligence (OSINT) techniques and tools it is possible to map an organizations Internet facing networks and services without sending any packets (or just a few standard requests) to the target network.
Looking at this another way an attacker can do a comprehensive analysis and mapping of your network infrastructure and technologies without actually sending you any packets, and therefore without you having any knowledge that this reconnaissance has taken place.
Identifying Hosts and Related Domains
Identifying all known hosts for an organization allows us to continue to dig deeper for more systems and hosts to target. By examining all discovered IP address blocks (ASN) we can find other hosts within the next block of interest. Identifying related domains will lead to the discovery of more hosts.
Think of a single web server, the actual open services (SSH, HTTP, RDP) are all points of attack, discovering all the virtual hosts running on the server is important as web applications running on any of the virtual hosts are also an attack vector.