To counter increasingly sophisticated attacks and the increasingly aggressive approach by cybercriminals, Innovery has created a division specialized in Offensive Security, with the aim of testing the perimeter and application defenses of companies, both from the point of view of IT and physical security.
They kept an eye on the bank’s entrances for weeks, noted the hours, filmed the employees, studied the front, prepared a planimetry of the spaces. Then they saw a Facebook post about the monitoring video cameras in use and studied the model. Downloading the manuals from the Internet, they discovered that the video camera sent an alarm to the security via SMS over the 2G network, and therefore they created a fake cell tower to hang up the system and redirect messages to their phones: at that point they entered.
This is how this story of the intrusion into a Lombard bank through the tampering of video cameras began. Fortunately, they were defenders, not thieves. Or rather, experts who behave like thieves but who are actually the 007s of security. Innovery’s team of raiders has the task of identifying the vulnerabilities of companies. It is one of the few Italian companies specialized in “corporate infiltration”. His Red Team takes the field with real corporate espionage activities, starting from the perimeter reconnaissance and tailing the employees up to the intrusion by cloning badges and tampering with video cameras and security doors to highlight the gaps and vulnerabilities of companies.
Innovery experts first carry out a passive analysis with Osint (Open Source intelligence) methods using feeds (contained from various sources) that come from the clear web and use specialized personnel who infiltrate closed groups of hackers who plan cyber attacks.
Antonio Fiorito, head of the Innovery Red Team, explained that the goal is to detect possible flaws in the customer’s physical and digital defense, and raise awareness of the importance of security.