SOCIAL ENGINEERING ASSESSMENT
MEASURING THE SECURITY AWARENESS OF YOUR EMPLOYEES
Email "Spear-phishing" Social Engineering Testing
In this portion of the testing, WavePort Security will send emails to a pre-approved list of your employees in an attempt to trick them into visiting an unknown website or executing an unknown attachment. The website will be developed and operated by WavePort Security, and will be custom designed to deceive the target user into compromising domain credentials. The email attachment will be a custom benign executable created by WavePort Security that will collect identifying system information (e.g., hostname, logged-on user, IP address, current user permissions) and then transmit that information securely to WavePort Security. In the event that the employee either "authenticates" to the website or executes the attachment, WavePort Security will automatically record the technical details of the customer system necessary to demonstrate test success and produce metrics.
Phone "Cold Calling" Social Engineering Testing
WavePort Security will place telephone calls to a pre-approved list of customer employees in an attempt to deceive the employees into revealing login credentials or visiting a malicious website for installation of a benign executable masquerading as an “important security update.” The website and executable leveraged during this activity will be the same as described above in the email phase.
Removable Device Social Engineering Testing
WavePort Security will place custom-configured USB drives in key locations around your facility and attempt to compromise any user who finds a drive and connects it to a customer system. To demonstrate test success and produce metrics, the USB drives will be configured to execute a series of keystrokes on the connected device that will collect system identification information and securely upload that information to a WavePort Security-controlled website.
Physical Security Testing
WavePort Security will access the production floor and approach your pre-approved employees in an attempt to deceive them into providing physical access to their endpoint or network-connected manufacturing system. During this activity, WavePort Security will not display appropriate badges or other customer identification and will not be accompanied by a trusted customer representative. Upon gaining access to the employee's system, WavePort Security will perform a simple review of the system configuration in order to demonstrate test success and produce metrics.