Redscan Case Studies Real-World Cyber Attack Simulation for Global Trading Organisation

Edit This Case Study Record

	Real-World Cyber Attack Simulation for Global Trading Organisation Redscan

Real-World Cyber Attack Simulation for Global Trading Organisation

Redscan

Technology Category	Analytics & Modeling - Digital Twin / Simulation Cybersecurity & Privacy - Application Security
Applicable Industries	Education National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Cybersecurity Intrusion Detection Systems
Services	Cybersecurity Services Training
Challenge	The CEO and board of directors of an international trading organisation were concerned about the potential damage a cyber-attack could inflict on their operations and reputation. Despite significant investments in cyber security, they lacked visibility into the effectiveness of these defences and how their organisation would respond to a real-world attack. The Financial Conduct Authority (FCA) legislation holds senior managers personally accountable for ensuring that IT security regulatory requirements are met. Therefore, the CEO and board decided to engage Redscan’s Red Team to test the effectiveness of the company’s cyber security controls and its ability to detect and respond to malicious behaviour. Read More
About Customer	The customer is a global trading organisation with its headquarters in the UK. The company operates in the finance industry and is subject to regulations from the Financial Conduct Authority (FCA). The CEO and board of directors are aware of the potential damage a cyber-attack could inflict on their operations and reputation. Despite significant investments in cyber security, they lacked visibility into the effectiveness of these defences and how their organisation would respond to a real-world attack. Read More
Solution	Redscan’s Red Team used modern adversarial tactics to emulate advanced threat actor activities within the organisation’s network environment. The project involved testing all aspects of the financial company’s IT defences. To ensure the engagement was as realistic as possible, Redscan received no internal information or access to the client’s business. All knowledge was obtained leveraging open source threat intelligence gathering techniques to identify valuable information available within the public domain. The engagement was carried out over a period of three months to replicate the stealthy approach adopted by real-world attackers. Read More Log in to view content
Contents

Technology Category

Analytics & Modeling - Digital Twin / Simulation

Cybersecurity & Privacy - Application Security

Applicable Industries

Education

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Cybersecurity

Intrusion Detection Systems

Services

Cybersecurity Services

Training

Challenge

The CEO and board of directors of an international trading organisation were concerned about the potential damage a cyber-attack could inflict on their operations and reputation. Despite significant investments in cyber security, they lacked visibility into the effectiveness of these defences and how their organisation would respond to a real-world attack. The Financial Conduct Authority (FCA) legislation holds senior managers personally accountable for ensuring that IT security regulatory requirements are met. Therefore, the CEO and board decided to engage Redscan’s Red Team to test the effectiveness of the company’s cyber security controls and its ability to detect and respond to malicious behaviour.

About Customer

The customer is a global trading organisation with its headquarters in the UK. The company operates in the finance industry and is subject to regulations from the Financial Conduct Authority (FCA). The CEO and board of directors are aware of the potential damage a cyber-attack could inflict on their operations and reputation. Despite significant investments in cyber security, they lacked visibility into the effectiveness of these defences and how their organisation would respond to a real-world attack.

Solution

Redscan’s Red Team used modern adversarial tactics to emulate advanced threat actor activities within the organisation’s network environment. The project involved testing all aspects of the financial company’s IT defences. To ensure the engagement was as realistic as possible, Redscan received no internal information or access to the client’s business. All knowledge was obtained leveraging open source threat intelligence gathering techniques to identify valuable information available within the public domain. The engagement was carried out over a period of three months to replicate the stealthy approach adopted by real-world attackers.

Impact #1	At the end of the simulated attack period, Redscan’s Red Team delivered a comprehensive report for the CEO and board of directors, highlighting all of the information security issues detected and ranking them according to the level of risk to the business. The Red Team provided clear guidance on how to mitigate the risk, recommending specific solutions, policies or training courses as appropriate. As a result, the business is now implementing new measures to better protect its data, employees and customers. The CEO and board members now have a far more enlightened view of cyber security weaknesses across the business and can better meet their information security obligations. They can provide documentary evidence that information security is of high priority; that they are aware of the risks; and that they are taking the appropriate action to mitigate them.

Impact #1

At the end of the simulated attack period, Redscan’s Red Team delivered a comprehensive report for the CEO and board of directors, highlighting all of the information security issues detected and ranking them according to the level of risk to the business. The Red Team provided clear guidance on how to mitigate the risk, recommending specific solutions, policies or training courses as appropriate. As a result, the business is now implementing new measures to better protect its data, employees and customers. The CEO and board members now have a far more enlightened view of cyber security weaknesses across the business and can better meet their information security obligations. They can provide documentary evidence that information security is of high priority; that they are aware of the risks; and that they are taking the appropriate action to mitigate them.

Benefit #1	The Red Team identified a particular exposure to phishing attacks, which could be used to acquire remote log-in credentials for IT systems and access to client transactional data.
Benefit #2	Failures in the company’s access permissions were identified, which could be exploited to disrupt multi-million dollar trading transactions.
Benefit #3	Configuration issues in intrusion detection systems and a large number of false alerts meant that the company was unable to detect Redscan’s deliberately “noisy” attempts to break in.

Benefit #1

The Red Team identified a particular exposure to phishing attacks, which could be used to acquire remote log-in credentials for IT systems and access to client transactional data.

Benefit #2

Failures in the company’s access permissions were identified, which could be exploited to disrupt multi-million dollar trading transactions.

Benefit #3

Configuration issues in intrusion detection systems and a large number of false alerts meant that the company was unable to detect Redscan’s deliberately “noisy” attempts to break in.

Download PDF Version

Overview

Real-World Cyber Attack Simulation for Global Trading Organisation

Operational Impact

Quantitative Benefit