A couple of weeks ago Mark Wolfgang, CEO of Shorebreak Security, gave a fascinating webinar on a recent engagement in which his organization undertook a pen test of a major metropolitan city complex. As part of the test they found that they could gain access to the employee card reader system – a system that controlled access to the police gun lockers, evidence lockers, holding cells, narcotics vault, guard workstations, the mayor’s office, server rooms – basically any door in the entire city complex!
The scariest part was that Mark and his team were able to access the card system through the public wireless network in a library!
In Mark’s own words, think of a Mission Impossible kind of attack… we (and anyone else) could have easily gone in and disabled the security cameras, the guard workstation, and the narcotics vault, and then radioed our buddies and told them that the vault locks were disabled … in you go!
In this case, simple network segmentation would have prevented this exposure.
It’s worth watching the webinar to hear the full story, Mark’s tips for strategically segmenting your network and enforcing network segmentation, and his list of common mistakes organizations make every day.