Unlocking Cybersecurity with Cythera's Penetration Testing

15 Nov / 2023

Penetration testing, often referred to as pen testing, is a vital part of ongoing security hygiene. With increasing media attention around Australian cyber attacks and a crackdown by ASIC on businesses failing to protect their systems, most insurance companies are now making a penetration test mandatory for organisations looking to secure an IT security insurance policy in 2023/2024.

The Five Phases of Penetration Testing with Cythera

  • Discovery: This is the first phase where Cythera gathers as much information about the target system as possible. This could be details about network topology, applications, user accounts, and more. This phase uses both passive (using publicly available resources) and active (direct interaction with the target) methods. Network discovery and enumeration maps out assets and blind spots. Companies often don't fully map networks until penetration testing shows the risks.
  • Scanning: Here, Cythera identifies open ports and checks the network traffic of the target system using various tools. It's an essential step to determine potential entry points for attacks.
  • Vulnerability Assessment: After scanning, Cythera uses the gathered data to identify potential vulnerabilities and assess whether they can be exploited.
  • Exploitation: In this phase, Cythera tries to exploit the identified vulnerabilities using tools like Metasploit to simulate real-world attacks. Our testers will look to exploit logic flaws, or move laterally and escalate their privileges to gain additional control over your environment.
  • Reporting: Post-exploitation, Cythera prepares a comprehensive report highlighting the findings. This report provides valuable insights and recommendations to remediate the discovered vulnerabilities.

Detailed Methodologies Employed by Cythera

  • Internal Testing: This involves broad service enumeration scans across the entire network, segmenting hosts based on their service "fingerprints". The focus is on understanding the network layout, identifying assets of interest, and then simulating attacker behaviours.
  • External Testing: Cythera performs both active and passive scans on the listed assets. While passive scans rely on open-source intelligence repositories, active scans include port enumeration, brute force attacks, and vulnerability assessments.
  • Wireless Network Testing: Cythera starts by attacking wireless access points directly. They spoof and masquerade wireless networks to trick clients into connecting to rogue devices. The primary goal is to test the logic of the network environment, simulating various wireless attacks like encryption cracking, authentication attacks, and MAC spoofing.

Pen Testing With Cythera: A Recent Case Study

Background: A high-profile state government department tasked with managing sensitive medical records faced the daunting challenge of safeguarding patient data shared with local medical practitioners. Amidst growing concerns over data breaches, they enlisted Cythera's expertise to rigorously test their cybersecurity defences.

The Challenge: The department's data-sharing ecosystem was intricate, with multiple potential entry points for cyber threats. The stakes were high: a data breach could compromise the privacy of 30,000 individuals, exposing medical records and personal information.

Cythera's Approach: Cythera's penetration testing was thorough and multifaceted, encompassing internal networks, external points of access, and wireless systems. The testing was conducted within a strict time frame, utilising a blend of automated tools and manual techniques tailored to the department's unique network architecture.

Key Findings

  • Sensitive Data Exposure: The most critical finding was an unauthenticated synchronisation API endpoint within the department's Electronic Health Records (EHR) web application. This vulnerability provided unrestricted access to a significant portion of the database, exposing sensitive patient information.
  • Compromised Credentials: The team discovered exposed staff email addresses, role mappings, and hashed passwords, heightening the risk of unauthorised access and potential impersonation.
  • Health Data At Risk: Patient health data, including contact details, allergies, and pharmaceutical prescriptions, were at risk of being accessed without proper authorisation.
  • Regulatory Implications: Given the sensitive nature of the exposed data, any leakage could lead to a reportable incident with severe legal and reputational consequences.
  • Recommendations: Cythera rated the API vulnerability as 'High' due to the major repercussions and likelihood of exploitation. Our remediation advice included:
    • An immediate audit of all unauthenticated and public-facing content.
    • Restriction of administrative portal access to authenticated, privileged users.
    • A comprehensive review of all API endpoints to ensure default authentication requirements.
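
The last recommendation, authentication required by default on every API endpoint, can be sketched as below. This is an added example, not code from Cythera or the department; the route table, token and function names are constructed for illustration, and the audit calls the application in-process rather than over a network.

```python
import hmac
from wsgiref.util import setup_testing_defaults

PUBLIC_PATHS = {"/health"}            # explicit allowlist; everything else needs auth
API_TOKEN = "constructed-demo-token"  # assumption: static bearer token for the demo

ROUTES = {  # constructed route table standing in for an EHR web application
    "/health": b"ok",
    "/api/sync": b"patient records",
    "/api/staff": b"staff roles",
    "/admin": b"admin portal",
}

def app(environ, start_response):
    """Unprotected application: every known route answers any caller."""
    body = ROUTES.get(environ["PATH_INFO"])
    if body is None:
        start_response("404 Not Found", [("Content-Type", "text/plain")])
        return [b"not found"]
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [body]

def require_auth_by_default(inner):
    """Wrap an app so only PUBLIC_PATHS are reachable without a valid token."""
    def wrapped(environ, start_response):
        if environ["PATH_INFO"] not in PUBLIC_PATHS:
            supplied = environ.get("HTTP_AUTHORIZATION", "")
            expected = "Bearer " + API_TOKEN
            # Constant-time comparison avoids leaking token bytes via timing.
            if not hmac.compare_digest(supplied.encode(), expected.encode()):
                start_response("401 Unauthorized", [("WWW-Authenticate", "Bearer")])
                return [b"authentication required"]
        return inner(environ, start_response)
    return wrapped

def status_without_credentials(wsgi_app, path):
    """Call the app with no Authorization header and return the status code."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    seen = []
    wsgi_app(environ, lambda status, headers: seen.append(status))
    return int(seen[0].split()[0])

def audit_unauthenticated(wsgi_app, paths):
    """Return the non-public paths that serve content to an anonymous caller."""
    return sorted(p for p in paths if p not in PUBLIC_PATHS
                  and status_without_credentials(wsgi_app, p) == 200)
```

Running `audit_unauthenticated` against the bare `app` lists every non-public route, while the wrapped app returns an empty list; a new route added later is protected unless someone deliberately adds it to `PUBLIC_PATHS`.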

Outcome: Following Cythera's recommendations, the department was able to close the alarming security gaps. By doing so, they fortified their defences against potential cyberattacks that could exploit the previously undetected vulnerabilities.

To safeguard your organisation's data against emerging cyber threats, consider a partnership with Cythera. Download our Pen Testing 2024 Checklist and take the first step towards a comprehensive cybersecurity strategy tailored to your organisation's needs. Don't wait for a breach to reveal your system's weaknesses - act now.

